From f603c7ac366b90649d8635b600dd646f40dac25a Mon Sep 17 00:00:00 2001
From: daurnimator
Date: Mon, 7 Nov 2016 23:29:45 +1100
Subject: openssl.x509.store: Add xs_push to push an existing X509_STORE
---
 src/openssl.c | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
diff --git a/src/openssl.c b/src/openssl.c
index 4564061..d7b572e 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -259,6 +259,10 @@
 #define HAVE_X509_UP_REF OPENSSL_PREREQ(1,1,0)
 #endif

+#ifndef HAVE_X509_STORE_UP_REF
+#define HAVE_X509_STORE_UP_REF OPENSSL_PREREQ(1,1,0)
+#endif
+
 #ifndef HMAC_INIT_EX_INT
 #define HMAC_INIT_EX_INT OPENSSL_PREREQ(1,0,0)
 #endif
@@ -1599,6 +1603,18 @@ static int compat_X509_up_ref(X509 *crt) {
 } /* compat_X509_up_ref() */
 #endif

+#if !HAVE_X509_STORE_UP_REF
+#define X509_STORE_up_ref(...) compat_X509_STORE_up_ref(__VA_ARGS__)
+
+static int compat_X509_STORE_up_ref(X509_STORE *crt) {
+ /* our caller should already have had a proper reference */
+ if (CRYPTO_add(&crt->references, 1, CRYPTO_LOCK_X509_STORE) < 2)
+ return 0; /* fail */
+
+ return 1;
+} /* compat_X509_STORE_up_ref() */
+#endif
+
 static int compat_init(void) {
 static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER;
 static int store_index = -1, ssl_ctx_index = -1, done;
@@ -6744,6 +6760,16 @@ static int xs_new(lua_State *L) {
 } /* xs_new() */


+static X509_STORE *xs_push(lua_State *L, X509_STORE *store) {
+ X509_STORE **ud = prepsimple(L, X509_STORE_CLASS);
+
+ X509_STORE_up_ref(store);
+ *ud = store;
+
+ return *ud;
+} /* xs_push() */
+
+
 static int xs_interpose(lua_State *L) {
 return interpose(L, X509_STORE_CLASS);
 } /* xs_interpose() */
-- cgit v1.2.3-59-g8ed1b
From 0362804658c4b7eb4abc2c4c9a64e154855c24ee Mon Sep 17 00:00:00 2001
From: daurnimator
Date: Mon, 7 Nov 2016 23:30:24 +1100
Subject: openssl.ssl.context: Add :getStore() that returns the ssl context's internal x509 store
---
 src/openssl.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
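Review bot: The parameter of `compat_X509_STORE_up_ref` (first commit, hunk at -1599) is still named `crt`, carried over from `compat_X509_up_ref` just above it, although it now points at an `X509_STORE`. Renaming it, `static int compat_X509_STORE_up_ref(X509_STORE *store) {` with `&store->references` in the `CRYPTO_add` call, keeps the shim from reading as certificate code. The function also has no comment on its failure case: a line such as `/* returns 0 if the store had no prior reference; the count stays incremented */` would state what the visible code does, since nothing undoes the `CRYPTO_add` before `return 0`.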
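Review bot: `xs_push` (first commit, hunk at -6744) discards the result of `X509_STORE_up_ref(store)` and writes the pointer into the userdata regardless. The compat shim added in this same commit returns 0 on failure, and in that case the Lua object holds a store pointer it owns no reference for; whatever the class finalizer does with it (presumably a free, not visible in this hunk) would then release a reference that belongs to another owner. Guarding the assignment with `if (!X509_STORE_up_ref(store))` and raising the file's usual OpenSSL error in that branch closes the gap. Keeping the `prepsimple` call first is right, because an allocation error there cannot then leak a reference.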
diff --git a/src/openssl.c b/src/openssl.c
index d7b572e..d4f75aa 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -7263,6 +7263,20 @@ static int sx_setStore(lua_State *L) {
 } /* sx_setStore() */


+static int sx_getStore(lua_State *L) {
+ SSL_CTX *ctx = checksimple(L, 1, SSL_CTX_CLASS);
+ X509_STORE *store;
+
+ if((store = SSL_CTX_get_cert_store(ctx))) {
+ xs_push(L, store);
+ } else {
+ lua_pushnil(L);
+ }
+
+ return 1;
+} /* sx_getStore() */
+
+
 static int sx_setVerify(lua_State *L) {
 SSL_CTX *ctx = checksimple(L, 1, SSL_CTX_CLASS);
 int mode = luaL_optint(L, 2, -1);
@@ -7529,6 +7543,7 @@ static const auxL_Reg sx_methods[] = {
 { "getOptions", &sx_getOptions },
 { "clearOptions", &sx_clearOptions },
 { "setStore", &sx_setStore },
+ { "getStore", &sx_getStore },
 { "setVerify", &sx_setVerify },
 { "getVerify", &sx_getVerify },
 { "setCertificate", &sx_setCertificate },
-- cgit v1.2.3-59-g8ed1b
From a45ea1e4ffd195c45cde3f79df576460272b66fa Mon Sep 17 00:00:00 2001
From: William Ahern
Date: Wed, 23 Nov 2016 18:11:37 -0800
Subject: restore alphabetical ordering of definitions
---
 src/openssl.c | 28 ++++++++++++++--------------
 1 file changed, 14 insertions(+), 14 deletions(-)
diff --git a/src/openssl.c b/src/openssl.c
index ee2cd68..c33d934 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -281,14 +281,14 @@
 #define HAVE_X509_STORE_REFERENCES (!OPENSSL_PREREQ(1,1,0))
 #endif

-#ifndef HAVE_X509_UP_REF
-#define HAVE_X509_UP_REF OPENSSL_PREREQ(1,1,0)
-#endif
-
 #ifndef HAVE_X509_STORE_UP_REF
 #define HAVE_X509_STORE_UP_REF OPENSSL_PREREQ(1,1,0)
 #endif

+#ifndef HAVE_X509_UP_REF
+#define HAVE_X509_UP_REF OPENSSL_PREREQ(1,1,0)
+#endif
+
 #ifndef HMAC_INIT_EX_INT
 #define HMAC_INIT_EX_INT OPENSSL_PREREQ(1,0,0)
 #endif
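Review bot: `sx_getStore` (second commit, hunk at -7263) has no comment saying that the object it returns wraps the context's own `X509_STORE`, with one more reference taken by `xs_push`, rather than a copy. Anything a script adds to that store through the returned object changes what this `SSL_CTX` trusts afterwards, which a caller may not expect from a getter. A comment above the function such as `/* returns the context's live cert store (shared, not copied); edits through it change this context's trust anchors */` would record that. The result of `xs_push` is ignored here, so if `xs_push` is changed to report a failed reference increment this call site needs a check too.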
@@ -1629,28 +1629,28 @@ static void compat_init_X509_STORE_onfree(void *store, void *data NOTUSED, CRYPT
 compat.tmp.store = NULL;
 } /* compat_init_X509_STORE_onfree() */

-#if !HAVE_X509_UP_REF
-#define X509_up_ref(...) compat_X509_up_ref(__VA_ARGS__)
+#if !HAVE_X509_STORE_UP_REF
+#define X509_STORE_up_ref(...) compat_X509_STORE_up_ref(__VA_ARGS__)

-static int compat_X509_up_ref(X509 *crt) {
+static int compat_X509_STORE_up_ref(X509_STORE *crt) {
 /* our caller should already have had a proper reference */
- if (CRYPTO_add(&crt->references, 1, CRYPTO_LOCK_X509) < 2)
+ if (CRYPTO_add(&crt->references, 1, CRYPTO_LOCK_X509_STORE) < 2)
 return 0; /* fail */

 return 1;
-} /* compat_X509_up_ref() */
+} /* compat_X509_STORE_up_ref() */
 #endif

-#if !HAVE_X509_STORE_UP_REF
-#define X509_STORE_up_ref(...) compat_X509_STORE_up_ref(__VA_ARGS__)
+#if !HAVE_X509_UP_REF
+#define X509_up_ref(...) compat_X509_up_ref(__VA_ARGS__)

-static int compat_X509_STORE_up_ref(X509_STORE *crt) {
+static int compat_X509_up_ref(X509 *crt) {
 /* our caller should already have had a proper reference */
- if (CRYPTO_add(&crt->references, 1, CRYPTO_LOCK_X509_STORE) < 2)
+ if (CRYPTO_add(&crt->references, 1, CRYPTO_LOCK_X509) < 2)
 return 0; /* fail */

 return 1;
-} /* compat_X509_STORE_up_ref() */
+} /* compat_X509_up_ref() */
 #endif

 static int compat_init(void) {
-- cgit v1.2.3-59-g8ed1b