diff options
| -rw-r--r-- | src/openssl.c | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/src/openssl.c b/src/openssl.c index 6511e75..0cc0f14 100644 --- a/src/openssl.c +++ b/src/openssl.c @@ -323,6 +323,14 @@ #define HAVE_SSL_CTX_GET_TLSEXT_STATUS_TYPE OPENSSL_PREREQ(1,1,0) #endif +#ifndef HAVE_SSL_CTX_SET_TLSEXT_TICKET_KEYS +#define HAVE_SSL_CTX_SET_TLSEXT_TICKET_KEYS OPENSSL_PREREQ(1,0,0) +#endif + +#ifndef HAVE_SSL_CTX_GET_TLSEXT_TICKET_KEYS +#define HAVE_SSL_CTX_GET_TLSEXT_TICKET_KEYS OPENSSL_PREREQ(1,0,0) +#endif + #ifndef HAVE_SSL_GET0_ALPN_SELECTED #define HAVE_SSL_GET0_ALPN_SELECTED HAVE_SSL_CTX_SET_ALPN_PROTOS #endif @@ -8937,6 +8945,49 @@ static int sx_getTLSextStatusType(lua_State *L) { #endif +#if HAVE_SSL_CTX_SET_TLSEXT_TICKET_KEYS +static int sx_setTicketKeys(lua_State *L) { + SSL_CTX *ctx = checksimple(L, 1, SSL_CTX_CLASS); + size_t keylen; + const char *keys = luaL_optlstring(L, 2, NULL, &keylen); + + int res = SSL_CTX_set_tlsext_ticket_keys(ctx, (void*)keys, keylen); + + if (keys == NULL) { + /* returns expected 'keys' length */ + lua_pushinteger(L, res); + return 1; + } + + if (res == 0) + return auxL_error(L, auxL_EOPENSSL, "ssl.context:setTicketKeys"); + + lua_pushboolean(L, 1); + + return 1; +} /* sx_setTicketKeys() */ +#endif + + +#if HAVE_SSL_CTX_GET_TLSEXT_TICKET_KEYS +static int sx_getTicketKeys(lua_State *L) { + SSL_CTX *ctx = checksimple(L, 1, SSL_CTX_CLASS); + int keylen; + char *out; + luaL_Buffer B; + + keylen = SSL_CTX_get_tlsext_ticket_keys(ctx, NULL, 0); + out = luaL_buffinitsize(L, &B, keylen); + if (!SSL_CTX_get_tlsext_ticket_keys(ctx, out, keylen)) + return auxL_error(L, auxL_EOPENSSL, "ssl.context:getTicketKeys"); + + luaL_pushresultsize(&B, keylen); + + return 1; +} /* sx_getTicketKeys() */ +#endif + + static int sx__gc(lua_State *L) { SSL_CTX **ud = luaL_checkudata(L, 1, SSL_CTX_CLASS); @@ -8984,6 +9035,12 @@ static const auxL_Reg sx_methods[] = { #if HAVE_SSL_CTX_GET_TLSEXT_STATUS_TYPE { "getTLSextStatusType", &sx_getTLSextStatusType }, #endif +#if HAVE_SSL_CTX_SET_TLSEXT_TICKET_KEYS + { "setTicketKeys", &sx_setTicketKeys }, +#endif +#if HAVE_SSL_CTX_GET_TLSEXT_TICKET_KEYS + { "getTicketKeys", &sx_getTicketKeys }, +#endif { NULL, NULL }, }; |