From 569d057d3e26b5a19c5808edd47e221acc9ed61f Mon Sep 17 00:00:00 2001
From: daurnimator <quae@daurnimator.com>
Date: Wed, 9 Nov 2016 18:47:24 +1100
Subject: openssl.ssl.context: Bind SSL_CTX_set1_param and SSL_CTX_get0_param

---
 src/openssl.c | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

diff --git a/src/openssl.c b/src/openssl.c
index 8d513e6..e6ae71d 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -7532,6 +7532,38 @@ static int sx_getStore(lua_State *L) {
 } /* sx_getStore() */
 
 
+static int sx_setParam(lua_State *L) {
+	SSL_CTX *ctx = checksimple(L, 1, SSL_CTX_CLASS);
+	X509_VERIFY_PARAM *xp = checksimple(L, 2, X509_VERIFY_PARAM_CLASS);
+
+	if (!SSL_CTX_set1_param(ctx, xp))
+		return auxL_error(L, auxL_EOPENSSL, "ssl.context:setParam");
+
+	lua_pushboolean(L, 1);
+
+	return 1;
+} /* sx_setParam() */
+
+
+static int sx_getParam(lua_State *L) {
+	SSL_CTX *ctx = checksimple(L, 1, SSL_CTX_CLASS);
+	X509_VERIFY_PARAM **ud, *from;
+
+	/* X509_VERIFY_PARAM is not refcounted; create a new object and copy into it. */
+	ud = prepsimple(L, X509_VERIFY_PARAM_CLASS);
+	if (!(*ud = X509_VERIFY_PARAM_new()))
+		return auxL_error(L, auxL_EOPENSSL, "ssl.context:getParam");
+
+	from = SSL_CTX_get0_param(ctx);
+
+	if (!(X509_VERIFY_PARAM_set1(*ud, from)))
+		/* Note: openssl doesn't set an error as it should for some cases */
+		return auxL_error(L, auxL_EOPENSSL, "ssl.context:getParam");
+
+	return 1;
+} /* sx_getParam() */
+
+
 static int sx_setVerify(lua_State *L) {
 	SSL_CTX *ctx = checksimple(L, 1, SSL_CTX_CLASS);
 	int mode = luaL_optint(L, 2, -1);
@@ -7799,6 +7831,8 @@ static const auxL_Reg sx_methods[] = {
 	{ "clearOptions",     &sx_clearOptions },
 	{ "setStore",         &sx_setStore },
 	{ "getStore",         &sx_getStore },
+	{ "setParam",         &sx_setParam },
+	{ "getParam",         &sx_getParam },
 	{ "setVerify",        &sx_setVerify },
 	{ "getVerify",        &sx_getVerify },
 	{ "setCertificate",   &sx_setCertificate },
-- 
cgit v1.2.3-59-g8ed1b