diff options
Diffstat (limited to 'src/openssl.c')
| -rw-r--r-- | src/openssl.c | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/src/openssl.c b/src/openssl.c index f93b1cf..057d7b7 100644 --- a/src/openssl.c +++ b/src/openssl.c @@ -365,6 +365,10 @@ #define HAVE_SSL_OP_NO_DTLS_MASK OPENSSL_PREREQ(1,1,0) #endif +#ifndef HAVE_SSL_SESSION_MASTER_KEY +#define HAVE_SSL_SESSION_MASTER_KEY OPENSSL_PREREQ(1,1,0) +#endif + #ifndef HAVE_STACK_OPENSSL_STRING_FUNCS #define HAVE_STACK_OPENSSL_STRING_FUNCS (OPENSSL_PREREQ(1,0,0) || LIBRESSL_PREREQ(2,0,0)) #endif @@ -1731,6 +1735,22 @@ static size_t compat_SSL_get_client_random(const SSL *ssl, unsigned char *out, s } #endif +#if !HAVE_SSL_SESSION_MASTER_KEY +#define SSL_SESSION_get_master_key(...) EXPAND( compat_SSL_SESSION_get_master_key(__VA_ARGS__) ) +static size_t compat_SSL_SESSION_get_master_key(const SSL_SESSION *session, unsigned char *out, size_t outlen) { + if (session->master_key_length < 0) { + /* Should never happen */ + return 0; + } + if (outlen == 0) + return session->master_key_length; + if (outlen > (size_t)session->master_key_length) + outlen = session->master_key_length; + memcpy(out, session->master_key, outlen); + return outlen; +} +#endif + #if !HAVE_SSL_CLIENT_VERSION #define SSL_client_version(...) EXPAND( compat_SSL_client_version(__VA_ARGS__) ) @@ -9254,6 +9274,28 @@ static int ssl_getClientRandom(lua_State *L) { } /* ssl_getClientRandom() */ +static int ssl_getMasterKey(lua_State *L) { + SSL *ssl = checksimple(L, 1, SSL_CLASS); + SSL_SESSION *session; + luaL_Buffer B; + size_t len; + unsigned char *out; + + session = SSL_get0_session(ssl); + if (!session) { + lua_pushnil(L); + return 1; + } + + len = SSL_SESSION_get_master_key(session, NULL, 0); + out = (unsigned char*)luaL_buffinitsize(L, &B, len); + len = SSL_SESSION_get_master_key(session, out, len); + luaL_pushresultsize(&B, len); + + return 1; +} /* ssl_getMasterKey() */ + + static int ssl_getClientVersion(lua_State *L) { SSL *ssl = checksimple(L, 1, SSL_CLASS); int format = luaL_checkoption(L, 2, "d", (const char *[]){ "d", ".", "f", NULL }); @@ -9445,6 +9487,7 @@ static const auxL_Reg ssl_methods[] = { { "setHostName", &ssl_setHostName }, { "getVersion", &ssl_getVersion }, { "getClientRandom", &ssl_getClientRandom }, + { "getMasterKey", &ssl_getMasterKey }, { "getClientVersion", &ssl_getClientVersion }, #if HAVE_SSL_GET0_ALPN_SELECTED { "getAlpnSelected", &ssl_getAlpnSelected }, |