From dee73c581f25525fdd3e1d05e7736161ad7e1702 Mon Sep 17 00:00:00 2001
From: daurnimator
Date: Thu, 26 Oct 2017 17:52:30 +1100
Subject: src/openssl.c: Bind SSL_SESSION_get_master_key as ssl:getMasterKey()
---
 src/openssl.c | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
(limited to 'src')
diff --git a/src/openssl.c b/src/openssl.c
index 5ff80fe..0633edd 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -8919,6 +8919,28 @@ static int ssl_getClientRandom(lua_State *L) {
 } /* ssl_getClientRandom() */
+static int ssl_getMasterKey(lua_State *L) {
+ SSL *ssl = checksimple(L, 1, SSL_CLASS);
+ SSL_SESSION *session;
+ luaL_Buffer B;
+ size_t len;
+ unsigned char *out;
+
+ session = SSL_get0_session(ssl);
+ if (!session) {
+ lua_pushnil(L);
+ return 1;
+ }
+
+ len = SSL_SESSION_get_master_key(session, NULL, 0);
+ out = (unsigned char*)luaL_buffinitsize(L, &B, len);
+ len = SSL_SESSION_get_master_key(session, out, len);
+ luaL_pushresultsize(&B, len);
+
+ return 1;
+} /* ssl_getMasterKey() */
+
+
 static int ssl_getClientVersion(lua_State *L) {
 SSL *ssl = checksimple(L, 1, SSL_CLASS);
 int format = luaL_checkoption(L, 2, "d", (const char *[]){ "d", ".", "f", NULL });
@@ -9104,6 +9126,7 @@ static const auxL_Reg ssl_methods[] = {
 { "setHostName", &ssl_setHostName },
 { "getVersion", &ssl_getVersion },
 { "getClientRandom", &ssl_getClientRandom },
+ { "getMasterKey", &ssl_getMasterKey },
 { "getClientVersion", &ssl_getClientVersion },
 #if HAVE_SSL_GET0_ALPN_SELECTED
 { "getAlpnSelected", &ssl_getAlpnSelected },
--
cgit v1.2.3-59-g8ed1b
From b0e0c2a654d791543cd5728163e6912b085e09e8 Mon Sep 17 00:00:00 2001
From: daurnimator
Date: Thu, 26 Oct 2017 17:55:50 +1100
Subject: src/openssl.c: Add compat routines for SSL_SESSION_get_master_key
---
 src/openssl.c | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
(limited to 'src')
diff --git a/src/openssl.c b/src/openssl.c
index 0633edd..be0fa58 100644
--- a/src/openssl.c
+++ b/src/openssl.c
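Review bot: ssl_getMasterKey() in the first commit hands the TLS session master secret to Lua code with no comment saying so; whoever holds it together with the handshake randoms can derive the session keys, and the value is returned as an immutable Lua string that cannot be wiped afterwards. I would add above the function `/* Returns the session master secret as a Lua string: treat it as key material and keep it out of logs and error messages. */`. Separately, a session that has no master key yet appears to yield an empty string rather than nil, because the length query returns 0 and the empty buffer is pushed as-is; adding `if (len == 0) { lua_pushnil(L); return 1; }` after the first SSL_SESSION_get_master_key() call would give callers a single "no key" result.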
@@ -357,6 +357,10 @@
 #define HAVE_SSL_OP_NO_DTLS_MASK OPENSSL_PREREQ(1,1,0)
 #endif
+#ifndef HAVE_SSL_SESSION_MASTER_KEY
+#define HAVE_SSL_SESSION_MASTER_KEY OPENSSL_PREREQ(1,1,0)
+#endif
+
 #ifndef HAVE_STACK_OPENSSL_STRING_FUNCS
 #define HAVE_STACK_OPENSSL_STRING_FUNCS (OPENSSL_PREREQ(1,0,0) || LIBRESSL_PREREQ(2,0,0))
 #endif
@@ -1723,6 +1727,22 @@ static size_t compat_SSL_get_client_random(const SSL *ssl, unsigned char *out, s
 }
 #endif
+#if !HAVE_SSL_SESSION_MASTER_KEY
+#define SSL_SESSION_get_master_key(...) EXPAND( compat_SSL_SESSION_get_master_key(__VA_ARGS__) )
+static size_t compat_SSL_SESSION_get_master_key(const SSL_SESSION *session, unsigned char *out, size_t outlen) {
+ if (session->master_key_length < 0) {
+ /* Should never happen */
+ return 0;
+ }
+ if (outlen == 0)
+ return session->master_key_length;
+ if (outlen > (size_t)session->master_key_length)
+ outlen = session->master_key_length;
+ memcpy(out, session->master_key, outlen);
+ return outlen;
+}
+#endif
+
 #if !HAVE_SSL_CLIENT_VERSION
 #define SSL_client_version(...) EXPAND( compat_SSL_client_version(__VA_ARGS__) )
--
cgit v1.2.3-59-g8ed1b
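Review bot: compat_SSL_SESSION_get_master_key() rejects a negative master_key_length but not one larger than the master_key array, so the memcpy length is bounded only by the caller's outlen and an unchecked struct field. Assuming master_key is the fixed-size array of the pre-1.1.0 SSL_SESSION struct (its declaration is not in this diff), the first check could become `if (session->master_key_length < 0 || (size_t)session->master_key_length > sizeof session->master_key)`, keeping the `return 0;` body. The two unbraced `if` statements that follow also differ from the braced one above them; bracing all three would make the copy path harder to misread in later edits.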