0
|
1 |
|
|
2 |
#include <lua.h> |
|
3 |
#include <lauxlib.h> |
|
4 |
#include <glib.h> |
|
5 |
#include <loudmouth/loudmouth.h> |
|
6 |
#include <stdio.h> |
|
7 |
|
|
8 |
#include "util.h" |
|
9 |
#include "lm_types.h" |
|
10 |
|
|
11 |
/// lm.ssl |
|
12 |
/// Object, containing information about ssl abilities for connection. |
|
13 |
/// Create, set parameters, and attach to connection with 'ssl' method. |
|
14 |
|
|
15 |
/// ssl status |
|
16 |
/// String, representing what problem have current ssl session. |
|
17 |
/// V: no cert found, untrusted cert, cert expired, cert not activated, cert hostname mismatch, cert fingerprint mismatch, generic error |
|
18 |
const string2enum_t llm_ssl_status[] = { |
|
19 |
{ "no cert found", LM_SSL_STATUS_NO_CERT_FOUND }, |
|
20 |
{ "untrusted cert", LM_SSL_STATUS_UNTRUSTED_CERT }, |
|
21 |
{ "cert expired", LM_SSL_STATUS_CERT_EXPIRED }, |
|
22 |
{ "cert not activated", LM_SSL_STATUS_CERT_NOT_ACTIVATED }, |
|
23 |
{ "cert hostname mismatch", LM_SSL_STATUS_CERT_HOSTNAME_MISMATCH }, |
|
24 |
{ "cert fingerprint mismatch", LM_SSL_STATUS_CERT_FINGERPRINT_MISMATCH }, |
|
25 |
{ "generic error", LM_SSL_STATUS_GENERIC_ERROR }, |
|
26 |
{ NULL, 0 }, // XXX |
|
27 |
}; |
|
28 |
|
|
29 |
/// ssl callback function |
|
30 |
/// User function, called when ssl error happens. |
|
31 |
/// XXX: add lm connection object to args? it is not in API, but can be useful, |
|
32 |
/// though, with upvalues it is not required. |
|
33 |
/// A: lm ssl object, ssl status |
|
34 |
/// R: boolean (false if connection process should be terminated) |
|
35 |
LmSSLResponse llm_ssl_callback (LmSSL *ssl, LmSSLStatus status, llm_callback_t *cb) |
|
36 |
{ |
|
37 |
int ret; |
|
38 |
lua_rawgeti (cb->L, LUA_REGISTRYINDEX, cb->reference); |
|
39 |
llm_ssl_bless (cb->L, ssl); |
|
40 |
// XXX lm_ssl_unref (ssl); |
|
41 |
luaL_pushenum (cb->L, status, llm_ssl_status); |
|
42 |
if (lua_pcall (cb->L, 2, 0, 0)) { |
|
43 |
// XXX lua_error (cb->L); |
|
44 |
lua_pop (cb->L, 1); |
|
45 |
return LM_SSL_RESPONSE_CONTINUE; |
|
46 |
} |
|
47 |
ret = lua_toboolean (cb->L, -1); |
|
48 |
lua_pop (cb->L, 1); |
|
49 |
if (ret) |
|
50 |
return LM_SSL_RESPONSE_CONTINUE; |
|
51 |
else |
|
52 |
return LM_SSL_RESPONSE_STOP; |
|
53 |
} |
|
54 |
|
|
55 |
static void string2fingerprint (const char *string, char *buffer) |
|
56 |
{ |
|
57 |
int i; |
|
58 |
for (i = 0; i < 16; i++) { |
|
59 |
int h = g_ascii_xdigit_value ((char)string[i*3]); |
|
60 |
int l = g_ascii_xdigit_value ((char)string[i*3+1]); |
|
61 |
buffer[i] = (char) ((h >= 0 && l >= 0) ? h*16 + l : 0); |
|
62 |
} |
|
63 |
} |
|
64 |
|
|
65 |
/// lm.ssl.new |
|
66 |
/// Creates new ssl object for use with connection. |
|
67 |
/// You can specify server key fingerprint, callback function for error handling, |
|
68 |
/// both, or neither. Though, fingerprint should go before callback function. |
|
69 |
/// SSL fingerprint is a string like '01:23:45:67:89:AB:CD:EF:FE:DC:BA:98:76:54:32:10'. |
|
70 |
/// A: string (optional ssl fingerprint), ssl callback function (optional) |
|
71 |
/// R: lm ssl object |
|
72 |
static int llm_ssl_new (lua_State *L) |
|
73 |
{ |
|
74 |
int args = lua_gettop (L); |
|
75 |
LmSSL *ssl; |
|
76 |
if (args == 0) |
|
77 |
ssl = lm_ssl_new (NULL, NULL, NULL, NULL); |
|
78 |
else if (args == 1 && !lua_isfunction (L, 1)) { |
|
79 |
gchar buffer[16] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; |
|
80 |
const char *fingerprint = luaL_checkstring (L, 1); |
|
81 |
|
|
82 |
if (lua_objlen (L, 1) > 46) |
|
83 |
string2fingerprint (fingerprint, buffer); |
|
84 |
ssl = lm_ssl_new (buffer, NULL, NULL, NULL); |
|
85 |
lua_pop (L, 1); |
|
86 |
} else { |
|
87 |
llm_callback_t *cb; |
|
88 |
gchar buffer[16] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; |
|
89 |
|
|
90 |
if (args > 1) { |
|
91 |
const char *fingerprint = luaL_checkstring (L, 1); |
|
92 |
if (lua_objlen (L, 1) > 46) |
|
93 |
string2fingerprint (fingerprint, buffer); |
|
94 |
luaL_argcheck (L, lua_isfunction (L, 2), 2, "function expected"); |
|
95 |
} else |
|
96 |
luaL_argcheck (L, lua_isfunction (L, 1), 1, "function expected"); |
|
97 |
|
|
98 |
cb = luaL_malloc (L, sizeof (llm_callback_t)); |
|
99 |
cb->reference = luaL_ref (L, LUA_REGISTRYINDEX); |
|
100 |
cb->L = L; |
|
101 |
|
|
102 |
ssl = lm_ssl_new ((args > 1) ? buffer : NULL, (LmSSLFunction)llm_ssl_callback, |
|
103 |
cb, (GDestroyNotify)llm_callback_destroy); |
|
104 |
lua_pop (L, 1); |
|
105 |
} |
|
106 |
llm_ssl_bless (L, ssl); |
|
107 |
lm_ssl_unref (ssl); // XXX |
|
108 |
return 1; |
|
109 |
} |
|
110 |
|
|
111 |
/// lm.ssl.bless |
|
112 |
/// Blesses given pointer to lm ssl object. |
|
113 |
/// A: lightuserdata (C lm ssl object) |
|
114 |
/// R: lm ssl object |
|
115 |
static int llm_ssl_bless_lua (lua_State *L) |
|
116 |
{ |
|
117 |
luaL_argcheck (L, lua_islightuserdata (L, 1), 1, "lm ssl lightuserdata expected"); |
|
118 |
llm_ssl_bless (L, lua_touserdata (L, 1)); |
|
119 |
lua_remove (L, -2); |
|
120 |
return 1; |
|
121 |
} |
|
122 |
|
|
123 |
/// lm.ssl.supported |
|
124 |
/// Indicates if SSL is supported by loudmouth library. |
|
125 |
/// R: boolean |
|
126 |
static int llm_ssl_supported (lua_State *L) |
|
127 |
{ |
|
128 |
lua_pushboolean (L, lm_ssl_is_supported ()); |
|
129 |
return 1; |
|
130 |
} |
|
131 |
|
|
132 |
/// ssl:fingerprint |
|
133 |
/// Returns fingerprint of remote server. |
|
134 |
/// R: string or nil |
|
135 |
static int llm_ssl_fingerprint (lua_State *L) |
|
136 |
{ |
|
137 |
char buffer[48]; |
|
138 |
llm_ssl_t *object = luaL_checklm_ssl (L, 1); |
|
139 |
const gchar *fingerprint = lm_ssl_get_fingerprint (object->ssl); |
|
140 |
if (fingerprint == NULL) |
|
141 |
lua_pushnil (L); |
|
142 |
else { |
|
143 |
snprintf (buffer, 48, |
|
144 |
"%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:" |
|
145 |
"%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX", |
|
146 |
fingerprint[0], fingerprint[1], fingerprint[2], fingerprint[3], |
|
147 |
fingerprint[4], fingerprint[5], fingerprint[6], fingerprint[7], |
|
148 |
fingerprint[8], fingerprint[9], fingerprint[10], fingerprint[11], |
|
149 |
fingerprint[12], fingerprint[13], fingerprint[14], fingerprint[15]); |
|
150 |
lua_pushlstring (L, buffer, 47); |
|
151 |
} |
|
152 |
lua_remove (L, -2); |
|
153 |
return 1; |
|
154 |
} |
|
155 |
|
|
156 |
/// ssl:pointer |
|
157 |
/// Returns pointer to underlying C structure. |
|
158 |
/// R: lightuserdata |
|
159 |
static int llm_ssl_pointer (lua_State *L) |
|
160 |
{ |
|
161 |
llm_ssl_t *object = luaL_checklm_ssl (L, 1); |
|
162 |
lua_pushlightuserdata (L, object->ssl); |
|
163 |
lua_remove (L, -2); |
|
164 |
return 1; |
|
165 |
} |
|
166 |
|
|
167 |
static int llm_ssl_gc (lua_State *L) |
|
168 |
{ |
|
169 |
llm_ssl_t *object = luaL_checklm_ssl (L, 1); |
|
170 |
lm_ssl_unref (object->ssl); |
|
171 |
lua_pop (L, 1); |
|
172 |
return 0; |
|
173 |
} |
|
174 |
|
|
175 |
const static luaL_Reg llm_ssl_reg_f[] = { |
|
176 |
{ "new", llm_ssl_new }, |
|
177 |
{ "bless", llm_ssl_bless_lua }, |
|
178 |
{ "supported", llm_ssl_supported }, |
|
179 |
{ NULL, NULL }, |
|
180 |
}; |
|
181 |
|
|
182 |
const static luaL_Reg llm_ssl_reg_m[] = { |
|
183 |
{ "fingerprint", llm_ssl_fingerprint }, |
|
184 |
{ "pointer", llm_ssl_pointer }, |
|
185 |
{ "__gc", llm_ssl_gc }, |
|
186 |
{ NULL, NULL }, |
|
187 |
}; |
|
188 |
|
|
189 |
int luaopen_lm_ssl (lua_State *L) |
|
190 |
{ |
|
191 |
luaL_newmetatable (L, "loudmouth.ssl"); |
|
192 |
lua_pushstring (L, "__index"); |
|
193 |
lua_pushvalue (L, -2); |
|
194 |
lua_settable (L, -3); |
|
195 |
luaL_register (L, NULL, llm_ssl_reg_m); |
|
196 |
lua_pop (L, 1); |
|
197 |
luaL_register (L, "lm.ssl", llm_ssl_reg_f); |
|
198 |
return 1; |
|
199 |
} |
|
200 |
|