--- a/lm_ssl.c Sat Mar 05 14:55:50 2016 +0200
+++ b/lm_ssl.c Sat Mar 05 14:57:47 2016 +0200
@@ -68,6 +68,7 @@
return LM_SSL_RESPONSE_STOP;
}
+#ifndef HAVE_LM_SHA256_FINGERPRINTS
static void string2fingerprint (const char *string, char *buffer)
{
int i;
@@ -77,12 +78,14 @@
buffer[i] = (char) ((h >= 0 && l >= 0) ? h*16 + l : 0);
}
}
+#endif
/// lm.ssl.new
/// Creates new ssl object for use with connection.
/// You can specify server key fingerprint, callback function for error handling,
/// both, or neither. Though, fingerprint should go before callback function.
-/// SSL fingerprint is a string like '01:23:45:67:89:AB:CD:EF:FE:DC:BA:98:76:54:32:10'.
+/// SSL fingerprint is a string like 'SHA256:ABCDEF123456...' (or
+/// '01:23:45:67:89:AB:CD:EF:FE:DC:BA:98:76:54:32:10' for LM versions, older than 1.5.3).
/// A: string (optional ssl fingerprint), ssl callback function (optional)
/// R: userdata (lm ssl object)
static int new_lm_ssl (lua_State *L)
@@ -92,20 +95,32 @@
if (args == 0)
ssl = lm_ssl_new (NULL, NULL, NULL, NULL);
else if (args == 1 && !lua_isfunction (L, 1)) {
+ const char *fingerprint = luaL_checkstring (L, 1);
+#ifndef HAVE_LM_SHA256_FINGERPRINTS
gchar buffer[16] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
- const char *fingerprint = luaL_checkstring (L, 1);
- if (lua_rawlen (L, 1) > 46)
+ if (lua_rawlen (L, 1) > 46) {
string2fingerprint (fingerprint, buffer);
- ssl = lm_ssl_new (buffer, NULL, NULL, NULL);
+ fingerprint = buffer;
+ } else
+ fingerprint = NULL;
+#endif
+ ssl = lm_ssl_new (fingerprint, NULL, NULL, NULL);
} else {
llm_callback_t *cb;
- gchar buffer[16] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
+ const char *fingerprint = NULL;
if (args > 1) {
- const char *fingerprint = luaL_checkstring (L, 1);
- if (lua_rawlen (L, 1) > 46)
+ fingerprint = luaL_checkstring (L, 1);
+#ifndef HAVE_LM_SHA256_FINGERPRINTS
+ gchar buffer[16] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
+
+ if (lua_rawlen (L, 1) > 46) {
string2fingerprint (fingerprint, buffer);
+ fingerprint = buffer;
+ } else
+ fingerprint = NULL;
+#endif
luaL_argcheck (L, lua_isfunction (L, 2), 2, "function expected");
} else
luaL_argcheck (L, lua_isfunction (L, 1), 1, "function expected");
@@ -114,7 +129,7 @@
cb->reference = luaL_ref (L, LUA_REGISTRYINDEX);
cb->L = L;
- ssl = lm_ssl_new ((args > 1) ? buffer : NULL, (LmSSLFunction)callback_lm_ssl,
+ ssl = lm_ssl_new (fingerprint, (LmSSLFunction)callback_lm_ssl,
cb, (GDestroyNotify)llm_callback_destroy);
}
bless_lm_ssl (L, ssl);
@@ -135,11 +150,20 @@
}
/// lm.ssl.supported
-/// Indicates if SSL is supported by loudmouth library.
-/// R: boolean
+/// Indicates if SSL is supported by loudmouth library and what kind of
+/// ssl fingerprint is used.
+/// R: nil or string ("MD5" or "SHA256")
static int supported_lm_ssl (lua_State *L)
{
- lua_pushboolean (L, lm_ssl_is_supported ());
+ if (lm_ssl_is_supported ()) {
+#ifdef HAVE_LM_SHA256_FINGERPRINTS
+ lua_pushliteral (L, "SHA256");
+#else
+ lua_pushliteral (L, "MD5");
+#endif
+ } else {
+ lua_pushnil (L);
+ }
return 1;
}
@@ -148,12 +172,15 @@
/// R: string or nil
static int fingerprint_lm_ssl (lua_State *L)
{
- char buffer[48];
llm_ssl_t *object = luaL_checklm_ssl (L, 1);
const gchar *fingerprint = lm_ssl_get_fingerprint (object->ssl);
if (fingerprint == NULL)
lua_pushnil (L);
else {
+#ifdef HAVE_LM_SHA256_FINGERPRINTS
+ lua_pushstring (L, fingerprint);
+#else
+ char buffer[48];
snprintf (buffer, 48,
"%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:"
"%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX",
@@ -162,6 +189,7 @@
fingerprint[8], fingerprint[9], fingerprint[10], fingerprint[11],
fingerprint[12], fingerprint[13], fingerprint[14], fingerprint[15]);
lua_pushlstring (L, buffer, 47);
+#endif
}
return 1;
}