Fri, 05 Nov 2010 20:48:06 +0000
Split X509 decoding into a separate module, ssl.x509
0 | 1 | ------------------------------------------------------------------------------ |
2 | -- LuaSec 0.4 | |
3 | -- Copyright (C) 2006-2009 Bruno Silvestre | |
4 | -- | |
5 | ------------------------------------------------------------------------------ | |
6 | ||
7 | module("ssl", package.seeall) | |
8 | ||
9 | require("ssl.core") | |
10 | require("ssl.context") | |
14
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
0
|
11 | require("ssl.x509") |
0 | 12 | |
13 | ||
14 | _VERSION = "0.4" | |
15 | _COPYRIGHT = "LuaSec 0.4 - Copyright (C) 2006-2009 Bruno Silvestre\n" .. | |
16 | "LuaSocket 2.0.2 - Copyright (C) 2004-2007 Diego Nehab" | |
17 | ||
18 | -- Export functions | |
19 | rawconnection = core.rawconnection | |
20 | rawcontext = context.rawcontext | |
21 | ||
22 | -- | |
23 | -- | |
24 | -- | |
25 | local function optexec(func, param, ctx) | |
26 | if param then | |
27 | if type(param) == "table" then | |
28 | return func(ctx, unpack(param)) | |
29 | else | |
30 | return func(ctx, param) | |
31 | end | |
32 | end | |
33 | return true | |
34 | end | |
35 | ||
36 | -- | |
37 | -- | |
38 | -- | |
39 | function newcontext(cfg) | |
40 | local succ, msg, ctx | |
41 | -- Create the context | |
42 | ctx, msg = context.create(cfg.protocol) | |
43 | if not ctx then return nil, msg end | |
44 | -- Mode | |
45 | succ, msg = context.setmode(ctx, cfg.mode) | |
46 | if not succ then return nil, msg end | |
47 | -- Load the key | |
48 | if cfg.key then | |
49 | succ, msg = context.loadkey(ctx, cfg.key, cfg.password) | |
50 | if not succ then return nil, msg end | |
51 | end | |
52 | -- Load the certificate | |
53 | if cfg.certificate then | |
54 | succ, msg = context.loadcert(ctx, cfg.certificate) | |
55 | if not succ then return nil, msg end | |
56 | end | |
57 | -- Load the CA certificates | |
58 | if cfg.cafile or cfg.capath then | |
59 | succ, msg = context.locations(ctx, cfg.cafile, cfg.capath) | |
60 | if not succ then return nil, msg end | |
61 | end | |
62 | -- Set the verification options | |
63 | succ, msg = optexec(context.setverify, cfg.verify, ctx) | |
64 | if not succ then return nil, msg end | |
65 | -- Set SSL options | |
66 | succ, msg = optexec(context.setoptions, cfg.options, ctx) | |
67 | if not succ then return nil, msg end | |
68 | -- Set the depth for certificate verification | |
69 | if cfg.depth then | |
70 | succ, msg = context.setdepth(ctx, cfg.depth) | |
71 | if not succ then return nil, msg end | |
72 | end | |
73 | return ctx | |
74 | end | |
75 | ||
76 | -- | |
77 | -- | |
78 | -- | |
79 | function wrap(sock, cfg) | |
80 | local ctx, msg | |
81 | if type(cfg) == "table" then | |
82 | ctx, msg = newcontext(cfg) | |
83 | if not ctx then return nil, msg end | |
84 | else | |
85 | ctx = cfg | |
86 | end | |
87 | local s, msg = core.create(ctx) | |
88 | if s then | |
89 | core.setfd(s, sock:getfd()) | |
90 | sock:setfd(core.invalidfd) | |
91 | return s | |
92 | end | |
93 | return nil, msg | |
94 | end |
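Review bot: The added `require("ssl.x509")` on file line 11 is loaded only for its side effect, and nothing in the visible file documents what the module exposes or what it leaves to the caller. This matters because `newcontext` still skips `context.setverify` entirely when `cfg.verify` is nil (`optexec` returns `true` without calling the function), so a caller reading certificate fields through the new module could presumably be inspecting a certificate whose chain was never verified. I would add a comment above the require such as `-- ssl.x509 decodes certificates only; chain verification is configured via cfg.verify in newcontext`, and note on `newcontext` that omitting `cfg.verify` leaves the library default in place. The x509 module itself is not shown on this page, so its exact API should be confirmed before wording the comment.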