From 938ffdf8c30cb88e4ece27031a2c18cedf9da722 Mon Sep 17 00:00:00 2001 From: daurnimator Date: Mon, 7 Nov 2016 23:04:57 +1100 Subject: openssl_x509_store: add :addDefault() method to add OS default certificates --- src/openssl.c | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/src/openssl.c b/src/openssl.c index 4564061..7c3f32f 100644 --- a/src/openssl.c +++ b/src/openssl.c @@ -6789,6 +6789,18 @@ static int xs_add(lua_State *L) { } /* xs_add() */ +static int xs_addDefaults(lua_State *L) { + X509_STORE *store = checksimple(L, 1, X509_STORE_CLASS); + + if (!X509_STORE_set_default_paths(store)) + return auxL_error(L, auxL_EOPENSSL, "x509.store:addDefaults"); + + lua_pushvalue(L, 1); + + return 1; +} /* xs_addDefaults() */ + + static int xs_verify(lua_State *L) { X509_STORE *store = checksimple(L, 1, X509_STORE_CLASS); X509 *crt = checksimple(L, 2, X509_CERT_CLASS); @@ -6871,9 +6883,10 @@ static int xs__gc(lua_State *L) { static const auxL_Reg xs_methods[] = { - { "add", &xs_add }, - { "verify", &xs_verify }, - { NULL, NULL }, + { "add", &xs_add }, + { "addDefaults", &xs_addDefaults }, + { "verify", &xs_verify }, + { NULL, NULL }, }; static const auxL_Reg xs_metatable[] = { -- cgit v1.2.3-59-g8ed1b From 79ce69e01bf377ae26a3d40ea37454339def94bd Mon Sep 17 00:00:00 2001 From: daurnimator Date: Mon, 7 Nov 2016 23:09:08 +1100 Subject: openssl.x509.store: Expose cert dir and cert file constants --- src/openssl.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/openssl.c b/src/openssl.c index 7c3f32f..5ee969a 100644 --- a/src/openssl.c +++ b/src/openssl.c @@ -6905,6 +6905,15 @@ int luaopen__openssl_x509_store(lua_State *L) { auxL_newlib(L, xs_globals, 0); + lua_pushstring(L, X509_get_default_cert_dir()); + lua_setfield(L, -2, "CERT_DIR"); + lua_pushstring(L, X509_get_default_cert_file()); + lua_setfield(L, -2, "CERT_FILE"); + lua_pushstring(L, X509_get_default_cert_dir_env()); + lua_setfield(L, -2, "CERT_DIR_EVP"); + lua_pushstring(L, X509_get_default_cert_file_env()); + lua_setfield(L, -2, "CERT_FILE_EVP"); + return 1; } /* luaopen__openssl_x509_store() */ -- cgit v1.2.3-59-g8ed1b