dany/luasec
1
0
Fork 0
mirror of https://github.com/brunoos/luasec.git synced 2024-12-27 04:58:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Enable DANE only for OpenSSL 1.1.0 or higher

Browse Source
This commit is contained in:
Bruno Silvestre 2019-07-11 10:09:39 -03:00
parent 18fa0118be
commit a2dcfffcfa
4 changed files with 19 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/config.c
View File

@ -74,6 +74,13 @@ LSEC_API int luaopen_ssl_config(lua_State *L)
lua_pushboolean(L, 1); lua_pushboolean(L, 1);
lua_rawset(L, -3); lua_rawset(L, -3);
#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL)
// DANE
lua_pushstring(L, "dane");
lua_pushboolean(L, 1);
lua_rawset(L, -3);
#endif
#ifndef OPENSSL_NO_EC #ifndef OPENSSL_NO_EC
lua_pushstring(L, "curves_list"); lua_pushstring(L, "curves_list");
lua_pushboolean(L, 1); lua_pushboolean(L, 1);

14
src/context.c
View File

@ -703,7 +703,7 @@ static int set_alpn_cb(lua_State *L)
return 1; return 1;
} }
#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL)
/* /*
* DANE * DANE
*/ */
@ -714,6 +714,7 @@ static int set_dane(lua_State *L)
lua_pushboolean(L, ret); lua_pushboolean(L, ret);
return 1; return 1;
} }
#endif
/** /**
* Package functions * Package functions
@ -733,14 +734,13 @@ static luaL_Reg funcs[] = {
{"setverify", set_verify}, {"setverify", set_verify},
{"setoptions", set_options}, {"setoptions", set_options},
{"setmode", set_mode}, {"setmode", set_mode},
#if !defined(OPENSSL_NO_EC) #if !defined(OPENSSL_NO_EC)
{"setcurve", set_curve}, {"setcurve", set_curve},
{"setcurveslist", set_curves_list}, {"setcurveslist", set_curves_list},
#endif
#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL)
{"setdane", set_dane},
#endif #endif
{"setdane", set_dane},
{NULL, NULL} {NULL, NULL}
}; };

5
src/ssl.c
View File

@ -826,6 +826,7 @@ static int meth_copyright(lua_State *L)
return 1; return 1;
} }
#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL)
static int meth_dane(lua_State *L) static int meth_dane(lua_State *L)
{ {
p_ssl ssl = (p_ssl)luaL_checkudata(L, 1, "SSL:Connection"); p_ssl ssl = (p_ssl)luaL_checkudata(L, 1, "SSL:Connection");
@ -849,7 +850,7 @@ static int meth_tlsa(lua_State *L)
return 1; return 1;
} }
#endif
/*---------------------------------------------------------------------------*/ /*---------------------------------------------------------------------------*/
@ -875,8 +876,10 @@ static luaL_Reg methods[] = {
{"settimeout", meth_settimeout}, {"settimeout", meth_settimeout},
{"sni", meth_sni}, {"sni", meth_sni},
{"want", meth_want}, {"want", meth_want},
#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL)
{"setdane", meth_dane}, {"setdane", meth_dane},
{"settlsa", meth_tlsa}, {"settlsa", meth_tlsa},
#endif
{NULL, NULL} {NULL, NULL}
}; };

2
src/ssl.lua
View File

@ -201,7 +201,7 @@ local function newcontext(cfg)
if not succ then return nil, msg end if not succ then return nil, msg end
end end
if cfg.dane then if config.capabilities.dane and cfg.dane then
context.setdane(ctx) context.setdane(ctx)
end end