From dee73c581f25525fdd3e1d05e7736161ad7e1702 Mon Sep 17 00:00:00 2001
From: daurnimator <quae@daurnimator.com>
Date: Thu, 26 Oct 2017 17:52:30 +1100
Subject: src/openssl.c: Bind SSL_SESSION_get_master_key as ssl:getMasterKey()

---
 src/openssl.c | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/src/openssl.c b/src/openssl.c
index 5ff80fe..0633edd 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -8919,6 +8919,28 @@ static int ssl_getClientRandom(lua_State *L) {
 } /* ssl_getClientRandom() */
 
 
+static int ssl_getMasterKey(lua_State *L) {
+	SSL *ssl = checksimple(L, 1, SSL_CLASS);
+	SSL_SESSION *session;
+	luaL_Buffer B;
+	size_t len;
+	unsigned char *out;
+
+	session = SSL_get0_session(ssl);
+	if (!session) {
+		lua_pushnil(L);
+		return 1;
+	}
+
+	len = SSL_SESSION_get_master_key(session, NULL, 0);
+	out = (unsigned char*)luaL_buffinitsize(L, &B, len);
+	len = SSL_SESSION_get_master_key(session, out, len);
+	luaL_pushresultsize(&B, len);
+
+	return 1;
+} /* ssl_getMasterKey() */
+
+
 static int ssl_getClientVersion(lua_State *L) {
 	SSL *ssl = checksimple(L, 1, SSL_CLASS);
 	int format = luaL_checkoption(L, 2, "d", (const char *[]){ "d", ".", "f", NULL });
@@ -9104,6 +9126,7 @@ static const auxL_Reg ssl_methods[] = {
 	{ "setHostName",      &ssl_setHostName },
 	{ "getVersion",       &ssl_getVersion },
 	{ "getClientRandom",  &ssl_getClientRandom },
+	{ "getMasterKey",     &ssl_getMasterKey },
 	{ "getClientVersion", &ssl_getClientVersion },
 #if HAVE_SSL_GET0_ALPN_SELECTED
 	{ "getAlpnSelected",  &ssl_getAlpnSelected },
-- 
cgit v1.2.3-59-g8ed1b


From b0e0c2a654d791543cd5728163e6912b085e09e8 Mon Sep 17 00:00:00 2001
From: daurnimator <quae@daurnimator.com>
Date: Thu, 26 Oct 2017 17:55:50 +1100
Subject: src/openssl.c: Add compat routines for SSL_SESSION_get_master_key

---
 src/openssl.c | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/src/openssl.c b/src/openssl.c
index 0633edd..be0fa58 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -357,6 +357,10 @@
 #define HAVE_SSL_OP_NO_DTLS_MASK OPENSSL_PREREQ(1,1,0)
 #endif
 
+#ifndef HAVE_SSL_SESSION_MASTER_KEY
+#define HAVE_SSL_SESSION_MASTER_KEY OPENSSL_PREREQ(1,1,0)
+#endif
+
 #ifndef HAVE_STACK_OPENSSL_STRING_FUNCS
 #define HAVE_STACK_OPENSSL_STRING_FUNCS (OPENSSL_PREREQ(1,0,0) || LIBRESSL_PREREQ(2,0,0))
 #endif
@@ -1723,6 +1727,22 @@ static size_t compat_SSL_get_client_random(const SSL *ssl, unsigned char *out, s
 }
 #endif
 
+#if !HAVE_SSL_SESSION_MASTER_KEY
+#define SSL_SESSION_get_master_key(...) EXPAND( compat_SSL_SESSION_get_master_key(__VA_ARGS__) )
+static size_t compat_SSL_SESSION_get_master_key(const SSL_SESSION *session, unsigned char *out, size_t outlen) {
+	if (session->master_key_length < 0) {
+		/* Should never happen */
+		return 0;
+	}
+	if (outlen == 0)
+		return session->master_key_length;
+	if (outlen > (size_t)session->master_key_length)
+		outlen = session->master_key_length;
+	memcpy(out, session->master_key, outlen);
+	return outlen;
+}
+#endif
+
 #if !HAVE_SSL_CLIENT_VERSION
 #define SSL_client_version(...) EXPAND( compat_SSL_client_version(__VA_ARGS__) )
 
-- 
cgit v1.2.3-59-g8ed1b