136 } |
136 } |
137 |
137 |
138 /** |
138 /** |
139 * Find the protocol. |
139 * Find the protocol. |
140 */ |
140 */ |
141 static SSL_METHOD* str2method(const char *method) |
141 static const SSL_METHOD* str2method(const char *method) |
142 { |
142 { |
143 if (!strcmp(method, "sslv3")) return SSLv3_method(); |
143 if (!strcmp(method, "sslv3")) return SSLv3_method(); |
144 if (!strcmp(method, "tlsv1")) return TLSv1_method(); |
144 if (!strcmp(method, "tlsv1")) return TLSv1_method(); |
145 if (!strcmp(method, "sslv23")) return SSLv23_method(); |
145 if (!strcmp(method, "sslv23")) return SSLv23_method(); |
146 return NULL; |
146 return NULL; |
229 * Create a SSL context. |
229 * Create a SSL context. |
230 */ |
230 */ |
231 static int create(lua_State *L) |
231 static int create(lua_State *L) |
232 { |
232 { |
233 p_context ctx; |
233 p_context ctx; |
234 SSL_METHOD *method; |
234 const SSL_METHOD *method; |
235 |
235 |
236 if (luasec_sslctx_idx == -1) { |
236 if (luasec_sslctx_idx == -1) { |
237 luasec_sslctx_idx = SSL_CTX_get_ex_new_index(0, "luasec sslctx context", NULL, NULL, NULL); |
237 luasec_sslctx_idx = SSL_CTX_get_ex_new_index(0, "luasec sslctx context", NULL, NULL, NULL); |
238 if (luasec_sslctx_idx == -1) { |
238 if (luasec_sslctx_idx == -1) { |
239 lua_pushnil(L); |
239 lua_pushnil(L); |
491 */ |
491 */ |
492 static int set_verify(lua_State *L) |
492 static int set_verify(lua_State *L) |
493 { |
493 { |
494 int i; |
494 int i; |
495 int flag = 0, vflag = 0; |
495 int flag = 0, vflag = 0; |
496 int ignore_errors = 0; |
|
497 p_context ctx = checkctx(L, 1); |
496 p_context ctx = checkctx(L, 1); |
498 int max = lua_gettop(L); |
497 int max = lua_gettop(L); |
499 /* any flag? */ |
498 /* any flag? */ |
500 if (max > 1) { |
499 if (max > 1) { |
501 ctx->verify_flags = LUASEC_VERIFY_FLAGS_NONE; |
500 ctx->verify_flags = LUASEC_VERIFY_FLAGS_NONE; |
502 for (i = 2; i <= max; i++) { |
501 for (i = 2; i <= max; i++) { |
503 const char *s = luaL_checkstring(L, i); |
502 const char *s = luaL_checkstring(L, i); |
504 if (!strcmp(s, "continue")) { |
503 if (!strcmp(s, "continue")) { |
505 ctx->verify_flags |= LUASEC_VERIFY_FLAGS_ALWAYS_CONTINUE; |
504 ctx->verify_flags |= LUASEC_VERIFY_FLAGS_ALWAYS_CONTINUE; |
506 ignore_errors = 1; |
|
507 } else if (!strcmp(s, "ignore_purpose")) { |
505 } else if (!strcmp(s, "ignore_purpose")) { |
508 ctx->verify_flags |= LUASEC_VERIFY_FLAGS_IGNORE_PURPOSE; |
506 ctx->verify_flags |= LUASEC_VERIFY_FLAGS_IGNORE_PURPOSE; |
509 } else if (!strcmp(s, "crl_check")) { |
507 } else if (!strcmp(s, "crl_check")) { |
510 vflag |= X509_V_FLAG_CRL_CHECK; |
508 vflag |= X509_V_FLAG_CRL_CHECK; |
511 } else if (!strcmp(s, "crl_check_chain")) { |
509 } else if (!strcmp(s, "crl_check_chain")) { |