|
1 |
|
2 #include <lua.h> |
|
3 #include <lauxlib.h> |
|
4 #include <glib.h> |
|
5 #include <loudmouth/loudmouth.h> |
|
6 #include <stdio.h> |
|
7 |
|
8 #include "util.h" |
|
9 #include "lm_types.h" |
|
10 |
|
11 /// lm.ssl |
|
12 /// Object, containing information about ssl abilities for connection. |
|
13 /// Create, set parameters, and attach to connection with 'ssl' method. |
|
14 |
|
15 /// ssl status |
|
16 /// String, representing what problem have current ssl session. |
|
17 /// V: no cert found, untrusted cert, cert expired, cert not activated, cert hostname mismatch, cert fingerprint mismatch, generic error |
|
18 const string2enum_t llm_ssl_status[] = { |
|
19 { "no cert found", LM_SSL_STATUS_NO_CERT_FOUND }, |
|
20 { "untrusted cert", LM_SSL_STATUS_UNTRUSTED_CERT }, |
|
21 { "cert expired", LM_SSL_STATUS_CERT_EXPIRED }, |
|
22 { "cert not activated", LM_SSL_STATUS_CERT_NOT_ACTIVATED }, |
|
23 { "cert hostname mismatch", LM_SSL_STATUS_CERT_HOSTNAME_MISMATCH }, |
|
24 { "cert fingerprint mismatch", LM_SSL_STATUS_CERT_FINGERPRINT_MISMATCH }, |
|
25 { "generic error", LM_SSL_STATUS_GENERIC_ERROR }, |
|
26 { NULL, 0 }, // XXX |
|
27 }; |
|
28 |
|
29 /// ssl callback function |
|
30 /// User function, called when ssl error happens. |
|
31 /// XXX: add lm connection object to args? it is not in API, but can be useful, |
|
32 /// though, with upvalues it is not required. |
|
33 /// A: lm ssl object, ssl status |
|
34 /// R: boolean (false if connection process should be terminated) |
|
35 LmSSLResponse llm_ssl_callback (LmSSL *ssl, LmSSLStatus status, llm_callback_t *cb) |
|
36 { |
|
37 int ret; |
|
38 lua_rawgeti (cb->L, LUA_REGISTRYINDEX, cb->reference); |
|
39 llm_ssl_bless (cb->L, ssl); |
|
40 // XXX lm_ssl_unref (ssl); |
|
41 luaL_pushenum (cb->L, status, llm_ssl_status); |
|
42 if (lua_pcall (cb->L, 2, 0, 0)) { |
|
43 // XXX lua_error (cb->L); |
|
44 lua_pop (cb->L, 1); |
|
45 return LM_SSL_RESPONSE_CONTINUE; |
|
46 } |
|
47 ret = lua_toboolean (cb->L, -1); |
|
48 lua_pop (cb->L, 1); |
|
49 if (ret) |
|
50 return LM_SSL_RESPONSE_CONTINUE; |
|
51 else |
|
52 return LM_SSL_RESPONSE_STOP; |
|
53 } |
|
54 |
|
55 static void string2fingerprint (const char *string, char *buffer) |
|
56 { |
|
57 int i; |
|
58 for (i = 0; i < 16; i++) { |
|
59 int h = g_ascii_xdigit_value ((char)string[i*3]); |
|
60 int l = g_ascii_xdigit_value ((char)string[i*3+1]); |
|
61 buffer[i] = (char) ((h >= 0 && l >= 0) ? h*16 + l : 0); |
|
62 } |
|
63 } |
|
64 |
|
65 /// lm.ssl.new |
|
66 /// Creates new ssl object for use with connection. |
|
67 /// You can specify server key fingerprint, callback function for error handling, |
|
68 /// both, or neither. Though, fingerprint should go before callback function. |
|
69 /// SSL fingerprint is a string like '01:23:45:67:89:AB:CD:EF:FE:DC:BA:98:76:54:32:10'. |
|
70 /// A: string (optional ssl fingerprint), ssl callback function (optional) |
|
71 /// R: lm ssl object |
|
72 static int llm_ssl_new (lua_State *L) |
|
73 { |
|
74 int args = lua_gettop (L); |
|
75 LmSSL *ssl; |
|
76 if (args == 0) |
|
77 ssl = lm_ssl_new (NULL, NULL, NULL, NULL); |
|
78 else if (args == 1 && !lua_isfunction (L, 1)) { |
|
79 gchar buffer[16] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; |
|
80 const char *fingerprint = luaL_checkstring (L, 1); |
|
81 |
|
82 if (lua_objlen (L, 1) > 46) |
|
83 string2fingerprint (fingerprint, buffer); |
|
84 ssl = lm_ssl_new (buffer, NULL, NULL, NULL); |
|
85 lua_pop (L, 1); |
|
86 } else { |
|
87 llm_callback_t *cb; |
|
88 gchar buffer[16] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; |
|
89 |
|
90 if (args > 1) { |
|
91 const char *fingerprint = luaL_checkstring (L, 1); |
|
92 if (lua_objlen (L, 1) > 46) |
|
93 string2fingerprint (fingerprint, buffer); |
|
94 luaL_argcheck (L, lua_isfunction (L, 2), 2, "function expected"); |
|
95 } else |
|
96 luaL_argcheck (L, lua_isfunction (L, 1), 1, "function expected"); |
|
97 |
|
98 cb = luaL_malloc (L, sizeof (llm_callback_t)); |
|
99 cb->reference = luaL_ref (L, LUA_REGISTRYINDEX); |
|
100 cb->L = L; |
|
101 |
|
102 ssl = lm_ssl_new ((args > 1) ? buffer : NULL, (LmSSLFunction)llm_ssl_callback, |
|
103 cb, (GDestroyNotify)llm_callback_destroy); |
|
104 lua_pop (L, 1); |
|
105 } |
|
106 llm_ssl_bless (L, ssl); |
|
107 lm_ssl_unref (ssl); // XXX |
|
108 return 1; |
|
109 } |
|
110 |
|
111 /// lm.ssl.bless |
|
112 /// Blesses given pointer to lm ssl object. |
|
113 /// A: lightuserdata (C lm ssl object) |
|
114 /// R: lm ssl object |
|
115 static int llm_ssl_bless_lua (lua_State *L) |
|
116 { |
|
117 luaL_argcheck (L, lua_islightuserdata (L, 1), 1, "lm ssl lightuserdata expected"); |
|
118 llm_ssl_bless (L, lua_touserdata (L, 1)); |
|
119 lua_remove (L, -2); |
|
120 return 1; |
|
121 } |
|
122 |
|
123 /// lm.ssl.supported |
|
124 /// Indicates if SSL is supported by loudmouth library. |
|
125 /// R: boolean |
|
126 static int llm_ssl_supported (lua_State *L) |
|
127 { |
|
128 lua_pushboolean (L, lm_ssl_is_supported ()); |
|
129 return 1; |
|
130 } |
|
131 |
|
132 /// ssl:fingerprint |
|
133 /// Returns fingerprint of remote server. |
|
134 /// R: string or nil |
|
135 static int llm_ssl_fingerprint (lua_State *L) |
|
136 { |
|
137 char buffer[48]; |
|
138 llm_ssl_t *object = luaL_checklm_ssl (L, 1); |
|
139 const gchar *fingerprint = lm_ssl_get_fingerprint (object->ssl); |
|
140 if (fingerprint == NULL) |
|
141 lua_pushnil (L); |
|
142 else { |
|
143 snprintf (buffer, 48, |
|
144 "%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:" |
|
145 "%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX", |
|
146 fingerprint[0], fingerprint[1], fingerprint[2], fingerprint[3], |
|
147 fingerprint[4], fingerprint[5], fingerprint[6], fingerprint[7], |
|
148 fingerprint[8], fingerprint[9], fingerprint[10], fingerprint[11], |
|
149 fingerprint[12], fingerprint[13], fingerprint[14], fingerprint[15]); |
|
150 lua_pushlstring (L, buffer, 47); |
|
151 } |
|
152 lua_remove (L, -2); |
|
153 return 1; |
|
154 } |
|
155 |
|
156 /// ssl:pointer |
|
157 /// Returns pointer to underlying C structure. |
|
158 /// R: lightuserdata |
|
159 static int llm_ssl_pointer (lua_State *L) |
|
160 { |
|
161 llm_ssl_t *object = luaL_checklm_ssl (L, 1); |
|
162 lua_pushlightuserdata (L, object->ssl); |
|
163 lua_remove (L, -2); |
|
164 return 1; |
|
165 } |
|
166 |
|
167 static int llm_ssl_gc (lua_State *L) |
|
168 { |
|
169 llm_ssl_t *object = luaL_checklm_ssl (L, 1); |
|
170 lm_ssl_unref (object->ssl); |
|
171 lua_pop (L, 1); |
|
172 return 0; |
|
173 } |
|
174 |
|
175 const static luaL_Reg llm_ssl_reg_f[] = { |
|
176 { "new", llm_ssl_new }, |
|
177 { "bless", llm_ssl_bless_lua }, |
|
178 { "supported", llm_ssl_supported }, |
|
179 { NULL, NULL }, |
|
180 }; |
|
181 |
|
182 const static luaL_Reg llm_ssl_reg_m[] = { |
|
183 { "fingerprint", llm_ssl_fingerprint }, |
|
184 { "pointer", llm_ssl_pointer }, |
|
185 { "__gc", llm_ssl_gc }, |
|
186 { NULL, NULL }, |
|
187 }; |
|
188 |
|
189 int luaopen_lm_ssl (lua_State *L) |
|
190 { |
|
191 luaL_newmetatable (L, "loudmouth.ssl"); |
|
192 lua_pushstring (L, "__index"); |
|
193 lua_pushvalue (L, -2); |
|
194 lua_settable (L, -3); |
|
195 luaL_register (L, NULL, llm_ssl_reg_m); |
|
196 lua_pop (L, 1); |
|
197 luaL_register (L, "lm.ssl", llm_ssl_reg_f); |
|
198 return 1; |
|
199 } |
|
200 |