From 67e5176b6b3dc3e7df8170c97bb2ce861b909c66 Mon Sep 17 00:00:00 2001
From: Bruno Silvestre <brunoos@inf.ufg.br>
Date: Sun, 2 Sep 2012 11:32:26 -0300
Subject: [PATCH] LuaSec 0.4

---
 CHANGELOG      |   6 +++
 INSTALL        |   7 ++-
 LICENSE        |   4 +-
 Makefile       |   4 +-
 luasec.suo     | Bin 10752 -> 10752 bytes
 luasec.vcproj  |   4 +-
 samples/README |  12 ++---
 src/Makefile   |   7 +--
 src/context.c  |   6 ++-
 src/context.h  |   6 ++-
 src/https.lua  | 138 +++++++++++++++++++++++++++++++++++++++++++++++++
 src/ssl.c      |   3 +-
 src/ssl.h      |   7 +--
 src/ssl.lua    |   6 +--
 14 files changed, 177 insertions(+), 33 deletions(-)
 create mode 100644 src/https.lua

diff --git a/CHANGELOG b/CHANGELOG
index 141fdbb..9dfe692 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,3 +1,9 @@
+--------------------------------------------------------------------------------
+LuaSec 0.4
+------------
+- Add option 'no_ticket' (included in OpenSSL 0.9.8f).
+- Add HTTPS module. (thanks Tomas Guisasola and Pablo Musa)
+
 --------------------------------------------------------------------------------
 LuaSec 0.3.3
 ------------
diff --git a/INSTALL b/INSTALL
index 0bb29ad..faa0436 100644
--- a/INSTALL
+++ b/INSTALL
@@ -1,10 +1,11 @@
-LuaSec 0.3.3
+LuaSec 0.4
 ------------
 
 * On Linux, BSD, and Mac OS X:
 
   - Edit 'Makefile'
-    * Inform the path to install the modules.
+    * Inform the path to where install the Lua modules (LUAPATH) and binaries 
+      modules (LUACPATH)
     * If Lua or OpenSSL are not in the default path, set the 
       variables INCDIR and LIBDIR.
     * For Mac OS X, set the variable MACOSX_VERSION.
@@ -21,3 +22,5 @@ LuaSec 0.3.3
   - Copy the 'ssl.lua' file to some place in your LUA_PATH.
 
   - Copy the 'ssl.dll' file to some place in your LUA_CPATH.
+
+  - Create a directory 'ssl' in your LUA_PATH and copy 'https.lua' to it.
diff --git a/LICENSE b/LICENSE
index 80b9c29..07b8826 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,5 +1,5 @@
-LuaSec 0.3.3 license
-Copyright (C) 2006-2009 Bruno Silvestre
+LuaSec 0.4 license
+Copyright (C) 2006-2009 Bruno Silvestre, PUC-Rio
 
 Permission is hereby granted, free  of charge, to any person obtaining
 a  copy  of this  software  and  associated  documentation files  (the
diff --git a/Makefile b/Makefile
index 75917c7..ae688c6 100644
--- a/Makefile
+++ b/Makefile
@@ -1,6 +1,6 @@
 # Inform the location to intall the modules
 LUAPATH=/usr/local/share/lua/5.1
-CPATH=/usr/local/lib/lua/5.1
+LUACPATH=/usr/local/lib/lua/5.1
 
 # Edit the lines below to inform new path, if necessary
 #
@@ -26,7 +26,7 @@ none:
 	@echo "  * macosx"
 
 install:
-	@cd src ; $(MAKE) CPATH="$(CPATH)" LUAPATH="$(LUAPATH)" install
+	@cd src ; $(MAKE) LUACPATH="$(LUACPATH)" LUAPATH="$(LUAPATH)" install
 
 linux:
 	@echo "---------------------"
diff --git a/luasec.suo b/luasec.suo
index ccbf85656187959c05c21e4b4913bc1453b94d3c..3de85c6a4feffb378bba3a8d110795071fa8d236 100644
GIT binary patch
delta 319
zcmZn&X$aYn!@@4m;GtsgdunqrODH1;4+8_ke;}BAkws<l7uF>#RzQKtbJ#ps{{cn+
zO$?Nt%)<UhAhz6UO5L%)&a<@m^7`_*Ur%=AG}!FG;ljwg0jT_}Smh?J3P#2~lPkG5
zbLuh}Fz7LuFvM&&<>6zVe3;8{atVLHWEUZW&0qKfn0WYrHgF?bTO#BSR`o^5pO=vf
zD8q{+ySYSIfQj)G(2k{|aFZEw7)luu8HyQF8ImX4i#3YsF_bYRGZZisG2}C30d+G1
zF<1{fRL|r>ab;;K1`nW)M1~X~S;U~g;Kq;%G$|Em4#VdC;+BkzFE;;__|3{_x%sP{
WA0s2fWETaS$rBVbHm^{K-~<4(VPYZx

delta 279
zcmZn&X$aYn!@|zcVY|J^>*VHQmQY3xZUzR1|3EPLB8$r8FRV*g{((4i*gPhCu*)$1
zo6N}mU*OfDiM+-#dJZd+f~0hrN;ge*<TTjqz~REkxMFiF=VwO7Et4y`H#5deR%8+0
z?7+j!%*zNek`LMF68-=lUZ?;_5@g@zFZ=;alaKHlOfC`f=VjyqO7kG=`6A>$`7oE^
z<`Q86CdNaP+c_&I+bQZzZV?xm>>$>_Tf~shkOfrF2*k*;3d}%($rCv>Hy;qUU}T)J
k`KQEhRz`=-U*-H584V}9DA-J%ATBn!O+jh%4h0WR0Jr964FCWD

diff --git a/luasec.vcproj b/luasec.vcproj
index 895562d..7135e2e 100644
--- a/luasec.vcproj
+++ b/luasec.vcproj
@@ -121,7 +121,7 @@
 			<Tool
 				Name="VCCLCompilerTool"
 				AdditionalIncludeDirectories="C:\devel\openssl\include;C:\devel\lua-dll9\include"
-				PreprocessorDefinitions="WIN32;NDEBUG;_WINDOWS;_USRDLL;LUASEC_EXPORTS;BUFFER_DEBUG;LUASEC_API=__declspec(dllexport)"
+				PreprocessorDefinitions="WIN32;NDEBUG;_WINDOWS;_USRDLL;BUFFER_DEBUG"
 				RuntimeLibrary="2"
 				UsePrecompiledHeader="0"
 				WarningLevel="3"
@@ -141,7 +141,7 @@
 				AdditionalDependencies="ws2_32.lib libeay32MD.lib ssleay32MD.lib lua5.1.lib"
 				OutputFile="$(OutDir)/ssl.dll"
 				LinkIncremental="1"
-				AdditionalLibraryDirectories="C:\devel\openssl\lib\VC;C:\devel\lua-dll9"
+				AdditionalLibraryDirectories="C:\devel\openssl\lib\VC;C:\devel\lua-dll9\lib"
 				GenerateDebugInformation="true"
 				SubSystem="2"
 				OptimizeReferences="2"
diff --git a/samples/README b/samples/README
index ecdf3c9..885a94e 100644
--- a/samples/README
+++ b/samples/README
@@ -1,14 +1,8 @@
-In all examples, the SSL/TLS  layer can be disable just commenting the
-wrap  section.   In this  case,  the  examples  work with  normal  TCP
-communication.
-
 Directories: 
 ------------
 * certs
- It  contains a set of  certificates used in the examples.  You can use
- the  scrits  to  recreate  them  if  necessary  (due  to  certificates
- expiration  date,  for example).  First,  generate the Root CA 'A' and 
- 'B', then the servers and clients.
+ Contains scripts to generate the certificates used by the examples.
+ Generate Root CA 'A' and 'B' first, then the servers and clients.
 
 * oneshot
  A simple connection example.
@@ -19,7 +13,7 @@ Directories:
 
 * loop-gc
  Same of above,  but the connection is not  explicit closed, the gabage
- collector is encharge of it.
+ collector is encharge of that.
 
 * wantread
  Test timeout in handshake() and receive().
diff --git a/src/Makefile b/src/Makefile
index a4aa2e5..9b9520d 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -23,7 +23,6 @@ MAC_ENV=env MACOSX_DEPLOYMENT_TARGET='$(MACVER)'
 MAC_CFLAGS=-O2 -fno-common $(WARN) $(INCDIR) $(DEFS)
 MAC_LDFLAGS=-bundle -undefined dynamic_lookup $(LIBDIR)
 
-CP=cp
 CC=gcc
 LD=$(MYENV) gcc
 CFLAGS=$(MYCFLAGS)
@@ -34,8 +33,10 @@ LDFLAGS=$(MYLDFLAGS)
 all:
 
 install: $(CMOD) $(LMOD)
-	$(CP) $(CMOD) $(CPATH)
-	$(CP) $(LMOD) $(LUAPATH)
+	mkdir -p $(LUAPATH)/ssl
+	cp $(CMOD) $(LUACPATH)
+	cp $(LMOD) $(LUAPATH)
+	cp https.lua $(LUAPATH)/ssl
 
 linux:
 	@$(MAKE) $(CMOD) MYCFLAGS="$(LNX_CFLAGS)" MYLDFLAGS="$(LNX_LDFLAGS)"
diff --git a/src/context.c b/src/context.c
index 4113ebf..416b504 100644
--- a/src/context.c
+++ b/src/context.c
@@ -1,5 +1,5 @@
 /*--------------------------------------------------------------------------
- * LuaSec 0.3.3
+ * LuaSec 0.4
  * Copyright (C) 2006-2009 Bruno Silvestre
  *
  *--------------------------------------------------------------------------*/
@@ -51,6 +51,10 @@ static ssl_option_t ssl_options[] = {
   {"cookie_exchange",                  SSL_OP_COOKIE_EXCHANGE},
   {"no_query_mtu",                     SSL_OP_NO_QUERY_MTU},
   {"single_ecdh_use",                  SSL_OP_SINGLE_ECDH_USE},
+#endif
+  /* OpenSSL 0.9.8f and above */
+#if defined(SSL_OP_NO_TICKET)
+  {"no_ticket",                        SSL_OP_NO_TICKET},
 #endif
   {NULL, 0L}
 };
diff --git a/src/context.h b/src/context.h
index 883eea4..93470bd 100644
--- a/src/context.h
+++ b/src/context.h
@@ -2,7 +2,7 @@
 #define __CONTEXT_H__
 
 /*--------------------------------------------------------------------------
- * LuaSec 0.3.3
+ * LuaSec 0.4
  * Copyright (C) 2006-2009 Bruno Silvestre
  *
  *--------------------------------------------------------------------------*/
@@ -10,7 +10,9 @@
 #include <lua.h>
 #include <openssl/ssl.h>
 
-#ifndef LUASEC_API
+#if defined(_WIN32)
+#define LUASEC_API __declspec(dllexport) 
+#else
 #define LUASEC_API extern
 #endif
 
diff --git a/src/https.lua b/src/https.lua
new file mode 100644
index 0000000..19c19fe
--- /dev/null
+++ b/src/https.lua
@@ -0,0 +1,138 @@
+----------------------------------------------------------------------------
+-- LuaSec 0.4
+-- Copyright (C) 2009 PUC-Rio
+--
+-- Author: Pablo Musa
+-- Author: Tomas Guisasola
+---------------------------------------------------------------------------
+
+local socket = require("socket")
+local ssl    = require("ssl")
+local ltn12  = require("ltn12")
+local http   = require("socket.http")
+local url    = require("socket.url")
+
+local table  = require("table")
+local string = require("string")
+
+local try          = socket.try
+local type         = type
+local pairs        = pairs
+local getmetatable = getmetatable
+
+module("ssl.https")
+
+_VERSION   = "0.4"
+_COPYRIGHT = "LuaSec 0.4 - Copyright (C) 2009 PUC-Rio"
+
+-- Default settings
+PORT = 443
+
+local cfg = {
+  protocol = "tlsv1",
+  options  = "all",
+  verify   = "none",
+}
+
+--------------------------------------------------------------------
+-- Auxiliar Functions
+--------------------------------------------------------------------
+
+-- Insert default HTTPS port.
+local function default_https_port(u)
+   return url.build(url.parse(u, {port = PORT}))
+end
+
+-- Convert an URL to a table according to Luasocket needs.
+local function urlstring_totable(url, body, result_table)
+   url = {
+      url = default_https_port(url),
+      method = body and "POST" or "GET",
+      sink = ltn12.sink.table(result_table)
+   }
+   if body then
+      url.source = ltn12.source.string(body)
+      url.headers = {
+         ["content-length"] = #body,
+         ["content-type"] = "application/x-www-form-urlencoded",
+      }
+   end
+   return url
+end
+
+-- Forward calls to the real connection object.
+local function reg(conn)
+   local mt = getmetatable(conn.sock).__index
+   for name, method in pairs(mt) do
+      if type(method) == "function" then
+         conn[name] = function (self, ...)
+                         return method(self.sock, ...)
+                      end
+      end
+   end
+end
+
+-- Return a function which performs the SSL/TLS connection.
+local function tcp(params)
+   params = params or {}
+   -- Default settings
+   for k, v in pairs(cfg) do 
+      params[k] = params[k] or v
+   end
+   -- Force client mode
+   params.mode = "client"
+   -- 'create' function for LuaSocket
+   return function ()
+      local conn = {}
+      conn.sock = try(socket.tcp())
+      local st = getmetatable(conn.sock).__index.settimeout
+      function conn:settimeout(...)
+         return st(self.sock, ...)
+      end
+      -- Replace TCP's connection function
+      function conn:connect(host, port)
+         try(self.sock:connect(host, port))
+         self.sock = try(ssl.wrap(self.sock, params))
+         try(self.sock:dohandshake())
+         reg(self, getmetatable(self.sock))
+         return 1
+      end
+      return conn
+  end
+end
+
+--------------------------------------------------------------------
+-- Main Function
+--------------------------------------------------------------------
+
+-- Make a HTTP request over secure connection.  This function receives
+--  the same parameters of LuaSocket's HTTP module (except 'proxy' and
+--  'redirect') plus LuaSec parameters.
+--
+-- @param url mandatory (string or table)
+-- @param body optional (string)
+-- @return (string if url == string or 1), code, headers, status
+--
+function request(url, body)
+  local result_table = {}
+  local stringrequest = type(url) == "string"
+  if stringrequest then
+    url = urlstring_totable(url, body, result_table)
+  else
+    url.url = default_https_port(url.url)
+  end
+  if http.PROXY or url.proxy then
+    return nil, "proxy not supported"
+  elseif url.redirect then
+    return nil, "redirect not supported"
+  elseif url.create then
+    return nil, "create function not permitted"
+  end
+  -- New 'create' function to establish a secure connection
+  url.create = tcp(url)
+  local res, code, headers, status = http.request(url)
+  if res and stringrequest then
+    return table.concat(result_table), code, headers, status
+  end
+  return res, code, headers, status
+end
diff --git a/src/ssl.c b/src/ssl.c
index dbdfb84..4058c97 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -1,5 +1,5 @@
 /*--------------------------------------------------------------------------
- * LuaSec 0.3.3
+ * LuaSec 0.4
  * Copyright (C) 2006-2009 Bruno Silvestre
  *
  *--------------------------------------------------------------------------*/
@@ -16,7 +16,6 @@
 #include "buffer.h"
 #include "timeout.h"
 #include "socket.h"
-#include "context.h"
 #include "ssl.h"
 
 /**
diff --git a/src/ssl.h b/src/ssl.h
index 63b2eb7..d504f71 100644
--- a/src/ssl.h
+++ b/src/ssl.h
@@ -2,7 +2,7 @@
 #define __SSL_H__
 
 /*--------------------------------------------------------------------------
- * LuaSec 0.3.3
+ * LuaSec 0.4
  * Copyright (C) 2006-2009 Bruno Silvestre
  *
  *--------------------------------------------------------------------------*/
@@ -13,10 +13,7 @@
 #include "io.h"
 #include "buffer.h"
 #include "timeout.h"
-
-#ifndef LUASEC_API
-#define LUASEC_API extern
-#endif
+#include "context.h"
 
 #define ST_SSL_NEW       1
 #define ST_SSL_CONNECTED 2
diff --git a/src/ssl.lua b/src/ssl.lua
index 7ba345a..18a07b3 100644
--- a/src/ssl.lua
+++ b/src/ssl.lua
@@ -1,5 +1,5 @@
 ------------------------------------------------------------------------------
--- LuaSec 0.3.3
+-- LuaSec 0.4
 -- Copyright (C) 2006-2009 Bruno Silvestre
 --
 ------------------------------------------------------------------------------
@@ -10,8 +10,8 @@ require("ssl.core")
 require("ssl.context")
 
 
-_VERSION   = "0.3.3"
-_COPYRIGHT = "LuaSec 0.3.3 - Copyright (C) 2006-2009 Bruno Silvestre\n" .. 
+_VERSION   = "0.4"
+_COPYRIGHT = "LuaSec 0.4 - Copyright (C) 2006-2009 Bruno Silvestre\n" .. 
              "LuaSocket 2.0.2 - Copyright (C) 2004-2007 Diego Nehab"
 
 -- Export functions