------------------------------------------------------------------------------
-- LuaSec 0.4
-- Copyright (C) 2006-2009 Bruno Silvestre
--
------------------------------------------------------------------------------

-- NOTE(review): module() is deprecated from Lua 5.2 on. In Lua 5.1,
-- package.seeall gives the module table an __index fallback to the global
-- environment, so globals such as os and io become reachable through the
-- `ssl` table. That matters if this table is ever exposed to sandboxed code.
module("ssl", package.seeall)

-- Load the two bindings this file builds on; the code below reaches them
-- through the bare names `core` and `context`.
require("ssl.core")
require("ssl.context")


-- Version and copyright strings, assigned as fields of the module.
_VERSION   = "0.4"
_COPYRIGHT = "LuaSec 0.4 - Copyright (C) 2006-2009 Bruno Silvestre\n" ..
             "LuaSocket 2.0.2 - Copyright (C) 2004-2007 Diego Nehab"

-- Export functions
rawconnection = core.rawconnection
rawcontext    = context.rawcontext

--
--
--
--- Apply an optional setting to a context.
-- When `param` is truthy, `func` is called with `ctx` first: a table is
-- expanded into separate arguments with unpack(), any other value is passed
-- through unchanged, and the results of `func` are returned as they are.
-- When `param` is nil or false, `func` is NOT called and `true` is returned,
-- so an absent option counts as success and the context keeps whatever
-- state it already had for that setting.
-- @param func  setter taking (ctx, ...)
-- @param param option value, a table of option values, or nil/false
-- @param ctx   context handed to `func` as its first argument
-- @return results of `func`, or `true` when there was nothing to apply
local function optexec(func, param, ctx)
  if not param then
    return true
  end
  if type(param) ~= "table" then
    return func(ctx, param)
  end
  return func(ctx, unpack(param))
end

--
--
--
--- Build an SSL context from a configuration table.
-- The steps run in a fixed order and the first failing step aborts the
-- build, returning `nil` plus that step's message.
--
-- Fields read from `cfg`:
--   protocol, mode           always passed on (to create / setmode)
--   key, password            key is loaded only when cfg.key is set
--   certificate              loaded only when set
--   cafile, capath           trust locations, loaded only when one is set
--   verify, options          a single value or a table of values
--   depth                    verification depth, applied only when set
--
-- Security note: when cfg.verify is nil or false, context.setverify is
-- never called, so the context keeps the verification mode it got from
-- context.create. NOTE(review): presumably that default does not
-- authenticate the peer; confirm against ssl.context. Callers that need
-- peer authentication should pass cfg.verify explicitly together with
-- cfg.cafile or cfg.capath.
-- @param cfg configuration table (indexed without a type check)
-- @return the context, or nil and an error message
function newcontext(cfg)
  -- Create the context
  local ctx, err = context.create(cfg.protocol)
  if not ctx then
    return nil, err
  end

  local ok

  -- Mode
  ok, err = context.setmode(ctx, cfg.mode)
  if not ok then
    return nil, err
  end

  -- Load the key; cfg.password is handed to loadkey alongside it
  if cfg.key then
    ok, err = context.loadkey(ctx, cfg.key, cfg.password)
    if not ok then
      return nil, err
    end
  end

  -- Load the certificate
  if cfg.certificate then
    ok, err = context.loadcert(ctx, cfg.certificate)
    if not ok then
      return nil, err
    end
  end

  -- Load the CA certificates (skipped entirely when neither field is set)
  if cfg.cafile or cfg.capath then
    ok, err = context.locations(ctx, cfg.cafile, cfg.capath)
    if not ok then
      return nil, err
    end
  end

  -- Set the verification options (no call is made when cfg.verify is unset)
  ok, err = optexec(context.setverify, cfg.verify, ctx)
  if not ok then
    return nil, err
  end

  -- Set SSL options
  ok, err = optexec(context.setoptions, cfg.options, ctx)
  if not ok then
    return nil, err
  end

  -- Set the depth for certificate verification
  if cfg.depth then
    ok, err = context.setdepth(ctx, cfg.depth)
    if not ok then
      return nil, err
    end
  end

  return ctx
end

--
--
--
--- Turn a connected socket into an SSL connection object.
-- `cfg` is either a configuration table, which is converted with
-- newcontext(), or any other value, which is used as the context as is
-- (it is not checked here).
--
-- On success the descriptor is moved from `sock` to the new object: the
-- new object receives sock:getfd(), and `sock` is then set to
-- core.invalidfd so it no longer refers to that descriptor. On failure
-- `sock` is left untouched.
--
-- This function makes no handshake call; it only creates the object and
-- binds the descriptor. NOTE(review): whether the peer certificate is
-- checked later depends on how the context was configured (see cfg.verify
-- handling in newcontext); confirm callers set it where authentication
-- is required.
-- @param sock socket object providing getfd() and setfd()
-- @param cfg  configuration table or an existing context
-- @return the SSL connection object, or nil and an error message
function wrap(sock, cfg)
  local ctx = cfg
  if type(cfg) == "table" then
    local ctx_err
    ctx, ctx_err = newcontext(cfg)
    if not ctx then
      return nil, ctx_err
    end
  end

  local conn, err = core.create(ctx)
  if not conn then
    return nil, err
  end

  -- Hand the descriptor over, then detach it from the plain socket.
  core.setfd(conn, sock:getfd())
  sock:setfd(core.invalidfd)
  return conn
end