author | Myhailo Danylenko <isbear@ukrpost.net> |
Sat, 05 Mar 2016 17:32:20 +0200 | |
changeset 64 | 82fc7c385c9a |
parent 62 | d92358eafead |
permissions | -rw-r--r-- |
23 | 1 |
|
59
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
2 |
/* Copyright 2009-2016 Myhailo Danylenko |
23 | 3 |
|
4 |
This file is part of lua-lm. |
|
5 |
||
6 |
lua-lm is free software: you can redistribute it and/or modify |
|
7 |
it under the terms of the GNU General Public License as published by |
|
8 |
the Free Software Foundation, either version 2 of the License, or |
|
9 |
(at your option) any later version. |
|
10 |
||
11 |
This program is distributed in the hope that it will be useful, |
|
12 |
but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
13 |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
14 |
GNU General Public License for more details. |
|
15 |
||
16 |
You should have received a copy of the GNU General Public License |
|
17 |
along with this program. If not, see <http://www.gnu.org/licenses/>. */ |
|
0 | 18 |
|
19 |
#include <lua.h> |
|
20 |
#include <lauxlib.h> |
|
21 |
#include <glib.h> |
|
22 |
#include <loudmouth/loudmouth.h> |
|
23 |
#include <stdio.h> |
|
24 |
||
6
90073cbb535d
Logging and chained methods
Myhailo Danylenko <isbear@ukrpost.net>
parents:
4
diff
changeset
|
25 |
#include "config.h" |
0 | 26 |
#include "util.h" |
27 |
#include "lm_types.h" |
|
28 |
||
29 |
/// lm.ssl |
|
30 |
/// Object, containing information about ssl abilities for connection. |
|
31 |
/// Create, set parameters, and attach to connection with 'ssl' method. |
|
32 |
||
33 |
/// ssl status |
|
34 |
/// String, representing what problem have current ssl session. |
|
4 | 35 |
/// G: |
11
a8c6460d612b
Naming scheme change to more ld-friendly
Myhailo Danylenko <isbear@ukrpost.net>
parents:
9
diff
changeset
|
36 |
const string2enum_t status_lm_ssl[] = { |
0 | 37 |
{ "no cert found", LM_SSL_STATUS_NO_CERT_FOUND }, |
38 |
{ "untrusted cert", LM_SSL_STATUS_UNTRUSTED_CERT }, |
|
39 |
{ "cert expired", LM_SSL_STATUS_CERT_EXPIRED }, |
|
40 |
{ "cert not activated", LM_SSL_STATUS_CERT_NOT_ACTIVATED }, |
|
41 |
{ "cert hostname mismatch", LM_SSL_STATUS_CERT_HOSTNAME_MISMATCH }, |
|
42 |
{ "cert fingerprint mismatch", LM_SSL_STATUS_CERT_FINGERPRINT_MISMATCH }, |
|
43 |
{ "generic error", LM_SSL_STATUS_GENERIC_ERROR }, |
|
44 |
{ NULL, 0 }, // XXX |
|
45 |
}; |
|
46 |
||
47 |
/// ssl callback function |
|
48 |
/// User function, called when ssl error happens. |
|
42 | 49 |
/// A: userdata (lm ssl object), argument enum field (ssl status) |
0 | 50 |
/// R: boolean (false if connection process should be terminated) |
11
a8c6460d612b
Naming scheme change to more ld-friendly
Myhailo Danylenko <isbear@ukrpost.net>
parents:
9
diff
changeset
|
51 |
LmSSLResponse callback_lm_ssl (LmSSL *ssl, LmSSLStatus status, llm_callback_t *cb) |
0 | 52 |
{ |
53 |
int ret; |
|
54 |
lua_rawgeti (cb->L, LUA_REGISTRYINDEX, cb->reference); |
|
11
a8c6460d612b
Naming scheme change to more ld-friendly
Myhailo Danylenko <isbear@ukrpost.net>
parents:
9
diff
changeset
|
55 |
bless_lm_ssl (cb->L, ssl); |
0 | 56 |
// XXX lm_ssl_unref (ssl); |
11
a8c6460d612b
Naming scheme change to more ld-friendly
Myhailo Danylenko <isbear@ukrpost.net>
parents:
9
diff
changeset
|
57 |
luaL_pushenum (cb->L, status, status_lm_ssl); |
42 | 58 |
if (lua_pcall (cb->L, 2, 1, 0)) { |
9
50f55d494efb
Not use error log level, it is fatal
Myhailo Danylenko <isbear@ukrpost.net>
parents:
6
diff
changeset
|
59 |
W ("SSL callback error: %s", lua_tostring (cb->L, -1)); |
0 | 60 |
lua_pop (cb->L, 1); |
61 |
return LM_SSL_RESPONSE_CONTINUE; |
|
62 |
} |
|
63 |
ret = lua_toboolean (cb->L, -1); |
|
64 |
lua_pop (cb->L, 1); |
|
65 |
if (ret) |
|
66 |
return LM_SSL_RESPONSE_CONTINUE; |
|
67 |
else |
|
68 |
return LM_SSL_RESPONSE_STOP; |
|
69 |
} |
|
70 |
||
57
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
71 |
#ifndef HAVE_LM_SHA256_FINGERPRINTS |
0 | 72 |
static void string2fingerprint (const char *string, char *buffer) |
73 |
{ |
|
74 |
int i; |
|
75 |
for (i = 0; i < 16; i++) { |
|
76 |
int h = g_ascii_xdigit_value ((char)string[i*3]); |
|
77 |
int l = g_ascii_xdigit_value ((char)string[i*3+1]); |
|
78 |
buffer[i] = (char) ((h >= 0 && l >= 0) ? h*16 + l : 0); |
|
79 |
} |
|
80 |
} |
|
57
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
81 |
#endif |
0 | 82 |
|
83 |
/// lm.ssl.new |
|
84 |
/// Creates new ssl object for use with connection. |
|
85 |
/// You can specify server key fingerprint, callback function for error handling, |
|
86 |
/// both, or neither. Though, fingerprint should go before callback function. |
|
57
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
87 |
/// SSL fingerprint is a string like 'SHA256:ABCDEF123456...' (or |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
88 |
/// '01:23:45:67:89:AB:CD:EF:FE:DC:BA:98:76:54:32:10' for LM versions, older than 1.5.3). |
0 | 89 |
/// A: string (optional ssl fingerprint), ssl callback function (optional) |
42 | 90 |
/// R: userdata (lm ssl object) |
11
a8c6460d612b
Naming scheme change to more ld-friendly
Myhailo Danylenko <isbear@ukrpost.net>
parents:
9
diff
changeset
|
91 |
static int new_lm_ssl (lua_State *L) |
0 | 92 |
{ |
93 |
int args = lua_gettop (L); |
|
94 |
LmSSL *ssl; |
|
95 |
if (args == 0) |
|
96 |
ssl = lm_ssl_new (NULL, NULL, NULL, NULL); |
|
97 |
else if (args == 1 && !lua_isfunction (L, 1)) { |
|
57
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
98 |
const char *fingerprint = luaL_checkstring (L, 1); |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
99 |
#ifndef HAVE_LM_SHA256_FINGERPRINTS |
0 | 100 |
gchar buffer[16] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; |
101 |
||
57
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
102 |
if (lua_rawlen (L, 1) > 46) { |
0 | 103 |
string2fingerprint (fingerprint, buffer); |
57
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
104 |
fingerprint = buffer; |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
105 |
} else |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
106 |
fingerprint = NULL; |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
107 |
#endif |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
108 |
ssl = lm_ssl_new (fingerprint, NULL, NULL, NULL); |
0 | 109 |
} else { |
110 |
llm_callback_t *cb; |
|
57
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
111 |
const char *fingerprint = NULL; |
0 | 112 |
|
113 |
if (args > 1) { |
|
57
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
114 |
fingerprint = luaL_checkstring (L, 1); |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
115 |
#ifndef HAVE_LM_SHA256_FINGERPRINTS |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
116 |
gchar buffer[16] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
117 |
|
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
118 |
if (lua_rawlen (L, 1) > 46) { |
0 | 119 |
string2fingerprint (fingerprint, buffer); |
57
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
120 |
fingerprint = buffer; |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
121 |
} else |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
122 |
fingerprint = NULL; |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
123 |
#endif |
0 | 124 |
luaL_argcheck (L, lua_isfunction (L, 2), 2, "function expected"); |
125 |
} else |
|
126 |
luaL_argcheck (L, lua_isfunction (L, 1), 1, "function expected"); |
|
127 |
||
128 |
cb = luaL_malloc (L, sizeof (llm_callback_t)); |
|
129 |
cb->reference = luaL_ref (L, LUA_REGISTRYINDEX); |
|
130 |
cb->L = L; |
|
131 |
||
57
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
132 |
ssl = lm_ssl_new (fingerprint, (LmSSLFunction)callback_lm_ssl, |
0 | 133 |
cb, (GDestroyNotify)llm_callback_destroy); |
134 |
} |
|
11
a8c6460d612b
Naming scheme change to more ld-friendly
Myhailo Danylenko <isbear@ukrpost.net>
parents:
9
diff
changeset
|
135 |
bless_lm_ssl (L, ssl); |
0 | 136 |
lm_ssl_unref (ssl); // XXX |
38
34a2b880615c
Fix debugging pointer format character
Myhailo Danylenko <isbear@ukrpost.net>
parents:
23
diff
changeset
|
137 |
D ("SSL %p created", ssl); |
0 | 138 |
return 1; |
139 |
} |
|
140 |
||
141 |
/// lm.ssl.bless |
|
142 |
/// Blesses given pointer to lm ssl object. |
|
143 |
/// A: lightuserdata (C lm ssl object) |
|
42 | 144 |
/// R: userdata (lm ssl object) |
11
a8c6460d612b
Naming scheme change to more ld-friendly
Myhailo Danylenko <isbear@ukrpost.net>
parents:
9
diff
changeset
|
145 |
static int bless_lua_lm_ssl (lua_State *L) |
0 | 146 |
{ |
147 |
luaL_argcheck (L, lua_islightuserdata (L, 1), 1, "lm ssl lightuserdata expected"); |
|
11
a8c6460d612b
Naming scheme change to more ld-friendly
Myhailo Danylenko <isbear@ukrpost.net>
parents:
9
diff
changeset
|
148 |
bless_lm_ssl (L, lua_touserdata (L, 1)); |
0 | 149 |
return 1; |
150 |
} |
|
151 |
||
152 |
/// lm.ssl.supported |
|
57
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
153 |
/// Indicates if SSL is supported by loudmouth library and what kind of |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
154 |
/// ssl fingerprint is used. |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
155 |
/// R: nil or string ("MD5" or "SHA256") |
11
a8c6460d612b
Naming scheme change to more ld-friendly
Myhailo Danylenko <isbear@ukrpost.net>
parents:
9
diff
changeset
|
156 |
static int supported_lm_ssl (lua_State *L) |
0 | 157 |
{ |
57
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
158 |
if (lm_ssl_is_supported ()) { |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
159 |
#ifdef HAVE_LM_SHA256_FINGERPRINTS |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
160 |
lua_pushliteral (L, "SHA256"); |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
161 |
#else |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
162 |
lua_pushliteral (L, "MD5"); |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
163 |
#endif |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
164 |
} else { |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
165 |
lua_pushnil (L); |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
166 |
} |
0 | 167 |
return 1; |
168 |
} |
|
169 |
||
59
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
170 |
#ifdef HAVE_LM_SSL_SET_CA |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
171 |
/// ssl:ca_path |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
172 |
/// Set path to trusted ssl certificates. Argument must be a name of a PEM file |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
173 |
/// or a name of directory with hashed certificates. |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
174 |
/// A: string (path) |
62
d92358eafead
ssl: Return object from cipher/ca methods for chain initialization
Myhailo Danylenko <isbear@ukrpost.net>
parents:
59
diff
changeset
|
175 |
/// R: lm ssl object |
59
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
176 |
static int ca_path_lm_ssl (lua_State *L) |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
177 |
{ |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
178 |
llm_ssl_t *object = luaL_checklm_ssl (L, 1); |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
179 |
const gchar *path = luaL_checkstring (L, 2); |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
180 |
lm_ssl_set_ca (object -> ssl, path); |
62
d92358eafead
ssl: Return object from cipher/ca methods for chain initialization
Myhailo Danylenko <isbear@ukrpost.net>
parents:
59
diff
changeset
|
181 |
lua_pop (L, 1); |
d92358eafead
ssl: Return object from cipher/ca methods for chain initialization
Myhailo Danylenko <isbear@ukrpost.net>
parents:
59
diff
changeset
|
182 |
return 1; |
59
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
183 |
} |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
184 |
#endif |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
185 |
|
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
186 |
#ifdef HAVE_LM_SSL_SET_CIPHER_LIST |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
187 |
/// ssl:cipher_list |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
188 |
/// Set list of allowed ciphers (colon-separated). Names may vary depending on ssl |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
189 |
/// implementation in use. |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
190 |
/// A: string (cipher list) |
62
d92358eafead
ssl: Return object from cipher/ca methods for chain initialization
Myhailo Danylenko <isbear@ukrpost.net>
parents:
59
diff
changeset
|
191 |
/// R: lm ssl object |
59
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
192 |
static int cipher_list_lm_ssl (lua_State *L) |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
193 |
{ |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
194 |
llm_ssl_t *object = luaL_checklm_ssl (L, 1); |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
195 |
const gchar *list = luaL_checkstring (L, 2); |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
196 |
lm_ssl_set_cipher_list (object -> ssl, list); |
62
d92358eafead
ssl: Return object from cipher/ca methods for chain initialization
Myhailo Danylenko <isbear@ukrpost.net>
parents:
59
diff
changeset
|
197 |
lua_pop (L, 1); |
d92358eafead
ssl: Return object from cipher/ca methods for chain initialization
Myhailo Danylenko <isbear@ukrpost.net>
parents:
59
diff
changeset
|
198 |
return 1; |
59
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
199 |
} |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
200 |
#endif |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
201 |
|
0 | 202 |
/// ssl:fingerprint |
203 |
/// Returns fingerprint of remote server. |
|
204 |
/// R: string or nil |
|
11
a8c6460d612b
Naming scheme change to more ld-friendly
Myhailo Danylenko <isbear@ukrpost.net>
parents:
9
diff
changeset
|
205 |
static int fingerprint_lm_ssl (lua_State *L) |
0 | 206 |
{ |
207 |
llm_ssl_t *object = luaL_checklm_ssl (L, 1); |
|
208 |
const gchar *fingerprint = lm_ssl_get_fingerprint (object->ssl); |
|
209 |
if (fingerprint == NULL) |
|
210 |
lua_pushnil (L); |
|
211 |
else { |
|
57
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
212 |
#ifdef HAVE_LM_SHA256_FINGERPRINTS |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
213 |
lua_pushstring (L, fingerprint); |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
214 |
#else |
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
215 |
char buffer[48]; |
0 | 216 |
snprintf (buffer, 48, |
217 |
"%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:" |
|
218 |
"%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX", |
|
219 |
fingerprint[0], fingerprint[1], fingerprint[2], fingerprint[3], |
|
220 |
fingerprint[4], fingerprint[5], fingerprint[6], fingerprint[7], |
|
221 |
fingerprint[8], fingerprint[9], fingerprint[10], fingerprint[11], |
|
222 |
fingerprint[12], fingerprint[13], fingerprint[14], fingerprint[15]); |
|
223 |
lua_pushlstring (L, buffer, 47); |
|
57
37ed3c7ac1b6
ssl: Support for SHA256 fingerprints (v0.9.3)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
54
diff
changeset
|
224 |
#endif |
0 | 225 |
} |
226 |
return 1; |
|
227 |
} |
|
228 |
||
42 | 229 |
/// ssl:tls |
230 |
/// Sets or returns use of starttls by this ssl object. |
|
231 |
/// A: boolean (use starttls), boolean (require starttls) |
|
232 |
/// or |
|
233 |
/// R: boolean (use starttls), boolean (require starttls) |
|
234 |
static int tls_lm_ssl (lua_State *L) |
|
235 |
{ |
|
236 |
llm_ssl_t *object = luaL_checklm_ssl (L, 1); |
|
237 |
if (lua_gettop (L) > 1) { |
|
238 |
gboolean use = lua_toboolean (L, 2); |
|
239 |
gboolean require = lua_toboolean (L, 3); |
|
240 |
lm_ssl_use_starttls (object -> ssl, use, require); |
|
241 |
return 0; |
|
242 |
} else { |
|
243 |
lua_pushboolean (L, lm_ssl_get_use_starttls (object -> ssl)); |
|
244 |
lua_pushboolean (L, lm_ssl_get_require_starttls (object -> ssl)); |
|
245 |
return 2; |
|
246 |
} |
|
247 |
} |
|
248 |
||
0 | 249 |
/// ssl:pointer |
250 |
/// Returns pointer to underlying C structure. |
|
251 |
/// R: lightuserdata |
|
11
a8c6460d612b
Naming scheme change to more ld-friendly
Myhailo Danylenko <isbear@ukrpost.net>
parents:
9
diff
changeset
|
252 |
static int pointer_lm_ssl (lua_State *L) |
0 | 253 |
{ |
254 |
llm_ssl_t *object = luaL_checklm_ssl (L, 1); |
|
255 |
lua_pushlightuserdata (L, object->ssl); |
|
256 |
return 1; |
|
257 |
} |
|
258 |
||
11
a8c6460d612b
Naming scheme change to more ld-friendly
Myhailo Danylenko <isbear@ukrpost.net>
parents:
9
diff
changeset
|
259 |
static int gc_lm_ssl (lua_State *L) |
0 | 260 |
{ |
261 |
llm_ssl_t *object = luaL_checklm_ssl (L, 1); |
|
38
34a2b880615c
Fix debugging pointer format character
Myhailo Danylenko <isbear@ukrpost.net>
parents:
23
diff
changeset
|
262 |
D ("SSL %p gc called", object); |
0 | 263 |
lm_ssl_unref (object->ssl); |
264 |
return 0; |
|
265 |
} |
|
266 |
||
11
a8c6460d612b
Naming scheme change to more ld-friendly
Myhailo Danylenko <isbear@ukrpost.net>
parents:
9
diff
changeset
|
267 |
const static luaL_Reg reg_f_lm_ssl[] = { |
a8c6460d612b
Naming scheme change to more ld-friendly
Myhailo Danylenko <isbear@ukrpost.net>
parents:
9
diff
changeset
|
268 |
{ "new", new_lm_ssl }, |
a8c6460d612b
Naming scheme change to more ld-friendly
Myhailo Danylenko <isbear@ukrpost.net>
parents:
9
diff
changeset
|
269 |
{ "bless", bless_lua_lm_ssl }, |
a8c6460d612b
Naming scheme change to more ld-friendly
Myhailo Danylenko <isbear@ukrpost.net>
parents:
9
diff
changeset
|
270 |
{ "supported", supported_lm_ssl }, |
12 | 271 |
{ NULL, NULL }, |
0 | 272 |
}; |
273 |
||
11
a8c6460d612b
Naming scheme change to more ld-friendly
Myhailo Danylenko <isbear@ukrpost.net>
parents:
9
diff
changeset
|
274 |
const static luaL_Reg reg_m_lm_ssl[] = { |
59
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
275 |
#ifdef HAVE_LM_SSL_SET_CA |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
276 |
{ "ca_path", ca_path_lm_ssl }, |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
277 |
#endif |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
278 |
#ifdef HAVE_LM_SSL_SET_CIPHER_LIST |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
279 |
{ "cipher_list", cipher_list_lm_ssl }, |
19cfaceda6bb
ssl: Add ssl:ca_path and ssl:cipher_list methods (v0.9.4)
Myhailo Danylenko <isbear@ukrpost.net>
parents:
57
diff
changeset
|
280 |
#endif |
11
a8c6460d612b
Naming scheme change to more ld-friendly
Myhailo Danylenko <isbear@ukrpost.net>
parents:
9
diff
changeset
|
281 |
{ "fingerprint", fingerprint_lm_ssl }, |
42 | 282 |
{ "tls", tls_lm_ssl }, |
11
a8c6460d612b
Naming scheme change to more ld-friendly
Myhailo Danylenko <isbear@ukrpost.net>
parents:
9
diff
changeset
|
283 |
{ "pointer", pointer_lm_ssl }, |
a8c6460d612b
Naming scheme change to more ld-friendly
Myhailo Danylenko <isbear@ukrpost.net>
parents:
9
diff
changeset
|
284 |
{ "__gc", gc_lm_ssl }, |
12 | 285 |
{ NULL, NULL }, |
0 | 286 |
}; |
287 |
||
288 |
int luaopen_lm_ssl (lua_State *L) |
|
289 |
{ |
|
290 |
luaL_newmetatable (L, "loudmouth.ssl"); |
|
19
d775d7289fe4
Use lua_pushliteral and lua_setfield
Myhailo Danylenko <isbear@ukrpost.net>
parents:
16
diff
changeset
|
291 |
lua_pushvalue (L, -1); |
d775d7289fe4
Use lua_pushliteral and lua_setfield
Myhailo Danylenko <isbear@ukrpost.net>
parents:
16
diff
changeset
|
292 |
lua_setfield (L, -2, "__index"); |
54
6bef2082e5f9
v0.9.2 Support for lua 5.2
Myhailo Danylenko <isbear@ukrpost.net>
parents:
42
diff
changeset
|
293 |
luaL_setfuncs (L, reg_m_lm_ssl, 0); |
0 | 294 |
lua_pop (L, 1); |
16
09b375e9ce32
Switch to new module organization scheme
Myhailo Danylenko <isbear@ukrpost.net>
parents:
12
diff
changeset
|
295 |
lua_newtable (L); // XXX we can specify here exact amount of fields |
54
6bef2082e5f9
v0.9.2 Support for lua 5.2
Myhailo Danylenko <isbear@ukrpost.net>
parents:
42
diff
changeset
|
296 |
luaL_setfuncs (L, reg_f_lm_ssl, 0); |
0 | 297 |
return 1; |
298 |
} |
|
299 |