| author | Matthew Wild <mwild1@gmail.com> |
| Wed, 06 May 2015 19:43:28 +0100 | |
| changeset 6674 | 2d5e2ed44c22 |
| parent 6292 | 751618071e89 |
| child 6780 | 5de6b93d0190 |
| permissions | -rw-r--r-- |
|
6292
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 |
|
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 |
local handlers = { }; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 |
local finalisers = { }; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 |
local id = function (v) return v end |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 |
|
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 |
function handlers.options(a, k, b) |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 |
local o = a[k] or { }; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 |
if type(b) ~= "table" then b = { b } end |
|
6674
2d5e2ed44c22
util.sslconfig: Rename variable to avoid name clash [luacheck]
Matthew Wild <mwild1@gmail.com>
parents:
6292
diff
changeset
|
9 |
for key, value in pairs(b) do |
|
2d5e2ed44c22
util.sslconfig: Rename variable to avoid name clash [luacheck]
Matthew Wild <mwild1@gmail.com>
parents:
6292
diff
changeset
|
10 |
if value == true or value == false then |
|
2d5e2ed44c22
util.sslconfig: Rename variable to avoid name clash [luacheck]
Matthew Wild <mwild1@gmail.com>
parents:
6292
diff
changeset
|
11 |
o[key] = value; |
|
6292
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 |
else |
|
6674
2d5e2ed44c22
util.sslconfig: Rename variable to avoid name clash [luacheck]
Matthew Wild <mwild1@gmail.com>
parents:
6292
diff
changeset
|
13 |
o[value] = true; |
|
6292
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
14 |
end |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
15 |
end |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 |
a[k] = o; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 |
end |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 |
|
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 |
handlers.verify = handlers.options; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 |
handlers.verifyext = handlers.options; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
21 |
|
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
22 |
function finalisers.options(a) |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
23 |
local o = {}; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
24 |
for opt, enable in pairs(a) do |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
25 |
if enable then |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
26 |
o[#o+1] = opt; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
27 |
end |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
28 |
end |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
29 |
return o; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
30 |
end |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
31 |
|
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
32 |
finalisers.verify = finalisers.options; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
33 |
finalisers.verifyext = finalisers.options; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
34 |
|
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
35 |
function finalisers.ciphers(a) |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
36 |
if type(a) == "table" then |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
37 |
return table.concat(a, ":"); |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
38 |
end |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
39 |
return a; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
40 |
end |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
41 |
|
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
42 |
local protocols = { "sslv2", "sslv3", "tlsv1", "tlsv1_1", "tlsv1_2" }; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
43 |
for i = 1, #protocols do protocols[protocols[i] .. "+"] = i - 1; end |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
44 |
|
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
45 |
local function protocol(a) |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
46 |
local min_protocol = protocols[a.protocol]; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
47 |
if min_protocol then |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
48 |
a.protocol = "sslv23"; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
49 |
for i = 1, min_protocol do |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
50 |
table.insert(a.options, "no_"..protocols[i]); |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
51 |
end |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
52 |
end |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
53 |
end |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
54 |
|
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
55 |
local function apply(a, b) |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
56 |
if type(b) == "table" then |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
57 |
for k,v in pairs(b) do |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
58 |
(handlers[k] or rawset)(a, k, v); |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
59 |
end |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
60 |
end |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
61 |
end |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
62 |
|
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
63 |
local function final(a) |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
64 |
local f = { }; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
65 |
for k,v in pairs(a) do |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
66 |
f[k] = (finalisers[k] or id)(v); |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
67 |
end |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
68 |
protocol(f); |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
69 |
return f; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
70 |
end |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
71 |
|
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
72 |
local sslopts_mt = { |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
73 |
__index = { |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
74 |
apply = apply; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
75 |
final = final; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
76 |
}; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
77 |
}; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
78 |
|
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
79 |
local function new() |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
80 |
return setmetatable({options={}}, sslopts_mt); |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
81 |
end |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
82 |
|
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
83 |
return { |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
84 |
apply = apply; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
85 |
final = final; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
86 |
new = new; |
|
751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
87 |
}; |