385 SSL_CTX_set_verify_depth(ctx, luaL_checkint(L, 2)); |
385 SSL_CTX_set_verify_depth(ctx, luaL_checkint(L, 2)); |
386 lua_pushboolean(L, 1); |
386 lua_pushboolean(L, 1); |
387 return 1; |
387 return 1; |
388 } |
388 } |
389 |
389 |
|
390 int verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx) |
|
391 { |
|
392 return 1; |
|
393 } |
|
394 |
390 /** |
395 /** |
391 * Set the handshake verify options. |
396 * Set the handshake verify options. |
392 */ |
397 */ |
393 static int set_verify(lua_State *L) |
398 static int set_verify(lua_State *L) |
394 { |
399 { |
395 int i; |
400 int i; |
396 int flag = 0; |
401 int flag = 0; |
|
402 int ignore_errors = 0; |
397 SSL_CTX *ctx = ctx_getcontext(L, 1); |
403 SSL_CTX *ctx = ctx_getcontext(L, 1); |
398 int max = lua_gettop(L); |
404 int max = lua_gettop(L); |
399 /* any flag? */ |
405 /* any flag? */ |
400 if (max > 1) { |
406 if (max > 1) { |
401 for (i = 2; i <= max; i++) { |
407 for (i = 2; i <= max; i++) { |
402 if (!set_verify_flag(luaL_checkstring(L, i), &flag)) { |
408 const char *s = luaL_checkstring(L, i); |
|
409 if (!strcmp(s, "continue")) { |
|
410 ignore_errors = 1; |
|
411 } else if (!set_verify_flag(s, &flag)) { |
403 lua_pushboolean(L, 0); |
412 lua_pushboolean(L, 0); |
404 lua_pushstring(L, "invalid verify option"); |
413 lua_pushstring(L, "invalid verify option"); |
405 return 2; |
414 return 2; |
406 } |
415 } |
407 } |
416 } |
408 SSL_CTX_set_verify(ctx, flag, NULL); |
417 SSL_CTX_set_verify(ctx, flag, ignore_errors ? verify_cb : NULL); |
409 } |
418 } |
410 lua_pushboolean(L, 1); |
419 lua_pushboolean(L, 1); |
411 return 1; |
420 return 1; |
412 } |
421 } |
413 |
422 |