aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLibravatarLibravatar daurnimator <quae@daurnimator.com> 2018-10-31 15:43:19 +1100
committerLibravatarLibravatar daurnimator <quae@daurnimator.com> 2018-10-31 15:43:19 +1100
commit0aaec41e02fbf7cb71eb317effdd6d34fe2e5e95 (patch)
tree647c043fdb87c8bdfbd0bbdb611da0794f9de19d
parent4da94eb5c92dc5ac7c86bb047a927a014e6bc760 (diff)
downloadluaossl-0aaec41e02fbf7cb71eb317effdd6d34fe2e5e95.tar.gz
luaossl-0aaec41e02fbf7cb71eb317effdd6d34fe2e5e95.tar.bz2
luaossl-0aaec41e02fbf7cb71eb317effdd6d34fe2e5e95.zip
Add ssl:setCipherList()
-rw-r--r--doc/luaossl.tex4
-rw-r--r--src/openssl.c14
-rw-r--r--src/openssl.ssl.lua11
3 files changed, 29 insertions, 0 deletions
diff --git a/doc/luaossl.tex b/doc/luaossl.tex
index b5ae2f6..96ed900 100644
--- a/doc/luaossl.tex
+++ b/doc/luaossl.tex
@@ -1225,6 +1225,10 @@ TLS1\_2\_VERSION & 16-bit TLSv1.2 identifier (0x0303). \\
Returns the SSL/TLS version supported by the client, which should be greater than or equal to the negotiated version. See \fn{ssl:getVersion}.
+\subsubsection[\fn{ssl:setCipherList}]{\fn{ssl:setCipherList($string$ [, ...])}}
+
+Sets the allowed public key and private key algorithm(s). See \fn{openssl.ssl.context:setCipherList}.
+
\subsubsection[\fn{ssl:setCurvesList}]{\fn{ssl:setCurvesList($string$ [, ...])}}
Sets the supported curves for this SSL connection instance. See \fn{openssl.ssl.context:setCurvesList}.
diff --git a/src/openssl.c b/src/openssl.c
index e49c0e7..2495a09 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -10026,6 +10026,19 @@ static int ssl_getCipherInfo(lua_State *L) {
} /* ssl_getCipherInfo() */
+static int ssl_setCipherList(lua_State *L) {
+ SSL *ssl = checksimple(L, 1, SSL_CLASS);
+ const char *ciphers = luaL_checkstring(L, 2);
+
+ if (!SSL_set_cipher_list(ssl, ciphers))
+ return auxL_error(L, auxL_EOPENSSL, "ssl:setCipherList");
+
+ lua_pushboolean(L, 1);
+
+ return 1;
+} /* ssl_setCipherList() */
+
+
#if HAVE_SSL_SET_CURVES_LIST
static int ssl_setCurvesList(lua_State *L) {
SSL *ssl = checksimple(L, 1, SSL_CLASS);
@@ -10344,6 +10357,7 @@ static const auxL_Reg ssl_methods[] = {
{ "getPeerCertificate", &ssl_getPeerCertificate },
{ "getPeerChain", &ssl_getPeerChain },
{ "getCipherInfo", &ssl_getCipherInfo },
+ { "setCipherList", &ssl_setCipherList },
#if HAVE_SSL_SET_CURVES_LIST
{ "setCurvesList", &ssl_setCurvesList },
#endif
diff --git a/src/openssl.ssl.lua b/src/openssl.ssl.lua
index 4f9f82b..22311cd 100644
--- a/src/openssl.ssl.lua
+++ b/src/openssl.ssl.lua
@@ -8,6 +8,17 @@ ssl.interpose("setStore", function(self, store)
return true
end)
+-- Allow passing a vararg of ciphers, or an array
+local setCipherList; setCipherList = ssl.interpose("setCipherList", function (self, ciphers, ...)
+ if (...) then
+ local ciphers_t = pack(ciphers, ...)
+ ciphers = table.concat(ciphers_t, ":", 1, ciphers_t.n)
+ elseif type(ciphers) == "table" then
+ ciphers = table.concat(ciphers, ":")
+ end
+ return setCipherList(self, ciphers)
+end)
+
-- Allow passing a vararg of curves, or an array
local setCurvesList = ssl.interpose("setCurvesList", nil)
if setCurvesList then