diff options
author | daurnimator <quae@daurnimator.com> | 2018-10-31 15:43:19 +1100 |
---|---|---|
committer | daurnimator <quae@daurnimator.com> | 2018-10-31 15:43:19 +1100 |
commit | 0aaec41e02fbf7cb71eb317effdd6d34fe2e5e95 (patch) | |
tree | 647c043fdb87c8bdfbd0bbdb611da0794f9de19d | |
parent | 4da94eb5c92dc5ac7c86bb047a927a014e6bc760 (diff) | |
download | luaossl-0aaec41e02fbf7cb71eb317effdd6d34fe2e5e95.tar.gz luaossl-0aaec41e02fbf7cb71eb317effdd6d34fe2e5e95.tar.bz2 luaossl-0aaec41e02fbf7cb71eb317effdd6d34fe2e5e95.zip |
Add ssl:setCipherList()
-rw-r--r-- | doc/luaossl.tex | 4 | ||||
-rw-r--r-- | src/openssl.c | 14 | ||||
-rw-r--r-- | src/openssl.ssl.lua | 11 |
3 files changed, 29 insertions, 0 deletions
diff --git a/doc/luaossl.tex b/doc/luaossl.tex index b5ae2f6..96ed900 100644 --- a/doc/luaossl.tex +++ b/doc/luaossl.tex @@ -1225,6 +1225,10 @@ TLS1\_2\_VERSION & 16-bit TLSv1.2 identifier (0x0303). \\ Returns the SSL/TLS version supported by the client, which should be greater than or equal to the negotiated version. See \fn{ssl:getVersion}. +\subsubsection[\fn{ssl:setCipherList}]{\fn{ssl:setCipherList($string$ [, ...])}} + +Sets the allowed public key and private key algorithm(s). See \fn{openssl.ssl.context:setCipherList}. + \subsubsection[\fn{ssl:setCurvesList}]{\fn{ssl:setCurvesList($string$ [, ...])}} Sets the supported curves for this SSL connection instance. See \fn{openssl.ssl.context:setCurvesList}. diff --git a/src/openssl.c b/src/openssl.c index e49c0e7..2495a09 100644 --- a/src/openssl.c +++ b/src/openssl.c @@ -10026,6 +10026,19 @@ static int ssl_getCipherInfo(lua_State *L) { } /* ssl_getCipherInfo() */ +static int ssl_setCipherList(lua_State *L) { + SSL *ssl = checksimple(L, 1, SSL_CLASS); + const char *ciphers = luaL_checkstring(L, 2); + + if (!SSL_set_cipher_list(ssl, ciphers)) + return auxL_error(L, auxL_EOPENSSL, "ssl:setCipherList"); + + lua_pushboolean(L, 1); + + return 1; +} /* ssl_setCipherList() */ + + #if HAVE_SSL_SET_CURVES_LIST static int ssl_setCurvesList(lua_State *L) { SSL *ssl = checksimple(L, 1, SSL_CLASS); @@ -10344,6 +10357,7 @@ static const auxL_Reg ssl_methods[] = { { "getPeerCertificate", &ssl_getPeerCertificate }, { "getPeerChain", &ssl_getPeerChain }, { "getCipherInfo", &ssl_getCipherInfo }, + { "setCipherList", &ssl_setCipherList }, #if HAVE_SSL_SET_CURVES_LIST { "setCurvesList", &ssl_setCurvesList }, #endif diff --git a/src/openssl.ssl.lua b/src/openssl.ssl.lua index 4f9f82b..22311cd 100644 --- a/src/openssl.ssl.lua +++ b/src/openssl.ssl.lua @@ -8,6 +8,17 @@ ssl.interpose("setStore", function(self, store) return true end) +-- Allow passing a vararg of ciphers, or an array +local setCipherList; setCipherList = ssl.interpose("setCipherList", function (self, ciphers, ...) + if (...) then + local ciphers_t = pack(ciphers, ...) + ciphers = table.concat(ciphers_t, ":", 1, ciphers_t.n) + elseif type(ciphers) == "table" then + ciphers = table.concat(ciphers, ":") + end + return setCipherList(self, ciphers) +end) + -- Allow passing a vararg of curves, or an array local setCurvesList = ssl.interpose("setCurvesList", nil) if setCurvesList then |