diff -r d53804c0fb6f -r 37ed3c7ac1b6 lm_ssl.c --- a/lm_ssl.c Sat Mar 05 14:55:50 2016 +0200 +++ b/lm_ssl.c Sat Mar 05 14:57:47 2016 +0200 @@ -68,6 +68,7 @@ return LM_SSL_RESPONSE_STOP; } +#ifndef HAVE_LM_SHA256_FINGERPRINTS static void string2fingerprint (const char *string, char *buffer) { int i; @@ -77,12 +78,14 @@ buffer[i] = (char) ((h >= 0 && l >= 0) ? h*16 + l : 0); } } +#endif /// lm.ssl.new /// Creates new ssl object for use with connection. /// You can specify server key fingerprint, callback function for error handling, /// both, or neither. Though, fingerprint should go before callback function. -/// SSL fingerprint is a string like '01:23:45:67:89:AB:CD:EF:FE:DC:BA:98:76:54:32:10'. +/// SSL fingerprint is a string like 'SHA256:ABCDEF123456...' (or +/// '01:23:45:67:89:AB:CD:EF:FE:DC:BA:98:76:54:32:10' for LM versions, older than 1.5.3). /// A: string (optional ssl fingerprint), ssl callback function (optional) /// R: userdata (lm ssl object) static int new_lm_ssl (lua_State *L) @@ -92,20 +95,32 @@ if (args == 0) ssl = lm_ssl_new (NULL, NULL, NULL, NULL); else if (args == 1 && !lua_isfunction (L, 1)) { + const char *fingerprint = luaL_checkstring (L, 1); +#ifndef HAVE_LM_SHA256_FINGERPRINTS gchar buffer[16] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; - const char *fingerprint = luaL_checkstring (L, 1); - if (lua_rawlen (L, 1) > 46) + if (lua_rawlen (L, 1) > 46) { string2fingerprint (fingerprint, buffer); - ssl = lm_ssl_new (buffer, NULL, NULL, NULL); + fingerprint = buffer; + } else + fingerprint = NULL; +#endif + ssl = lm_ssl_new (fingerprint, NULL, NULL, NULL); } else { llm_callback_t *cb; - gchar buffer[16] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; + const char *fingerprint = NULL; if (args > 1) { - const char *fingerprint = luaL_checkstring (L, 1); - if (lua_rawlen (L, 1) > 46) + fingerprint = luaL_checkstring (L, 1); +#ifndef HAVE_LM_SHA256_FINGERPRINTS + gchar buffer[16] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; + + if (lua_rawlen (L, 1) > 46) { string2fingerprint (fingerprint, buffer); + fingerprint = buffer; + } else + fingerprint = NULL; +#endif luaL_argcheck (L, lua_isfunction (L, 2), 2, "function expected"); } else luaL_argcheck (L, lua_isfunction (L, 1), 1, "function expected"); @@ -114,7 +129,7 @@ cb->reference = luaL_ref (L, LUA_REGISTRYINDEX); cb->L = L; - ssl = lm_ssl_new ((args > 1) ? buffer : NULL, (LmSSLFunction)callback_lm_ssl, + ssl = lm_ssl_new (fingerprint, (LmSSLFunction)callback_lm_ssl, cb, (GDestroyNotify)llm_callback_destroy); } bless_lm_ssl (L, ssl); @@ -135,11 +150,20 @@ } /// lm.ssl.supported -/// Indicates if SSL is supported by loudmouth library. -/// R: boolean +/// Indicates if SSL is supported by loudmouth library and what kind of +/// ssl fingerprint is used. +/// R: nil or string ("MD5" or "SHA256") static int supported_lm_ssl (lua_State *L) { - lua_pushboolean (L, lm_ssl_is_supported ()); + if (lm_ssl_is_supported ()) { +#ifdef HAVE_LM_SHA256_FINGERPRINTS + lua_pushliteral (L, "SHA256"); +#else + lua_pushliteral (L, "MD5"); +#endif + } else { + lua_pushnil (L); + } return 1; } @@ -148,12 +172,15 @@ /// R: string or nil static int fingerprint_lm_ssl (lua_State *L) { - char buffer[48]; llm_ssl_t *object = luaL_checklm_ssl (L, 1); const gchar *fingerprint = lm_ssl_get_fingerprint (object->ssl); if (fingerprint == NULL) lua_pushnil (L); else { +#ifdef HAVE_LM_SHA256_FINGERPRINTS + lua_pushstring (L, fingerprint); +#else + char buffer[48]; snprintf (buffer, 48, "%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:" "%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX", @@ -162,6 +189,7 @@ fingerprint[8], fingerprint[9], fingerprint[10], fingerprint[11], fingerprint[12], fingerprint[13], fingerprint[14], fingerprint[15]); lua_pushlstring (L, buffer, 47); +#endif } return 1; }