moonbridge

diff moonbridge_io.c @ 243:1dbc5c27b279

Re-added experimental work on libtls integration
author jbe
date Sun Aug 21 15:31:34 2016 +0200 (2016-08-21)
parents 63466f65af56
children 832741713761
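--- a/moonbridge_io.c	Sun Aug 21 01:42:18 2016 +0200
+++ b/moonbridge_io.c	Sun Aug 21 15:31:34 2016 +0200
@@ -25,6 +25,10 @@
 #include <bsd/unistd.h>
 #endif
 
+#ifdef MOONBR_IO_USE_TLS
+#include <tls.h>
+#endif
+
 #include <lua.h>
 #include <lauxlib.h>
 #include <lualib.h>
@@ -48,6 +52,10 @@
 #define MOONBR_IO_CHILD_MT_REGKEY "moonbridge_io_child"
 #define MOONBR_IO_CHILD_PT_REGKEY "moonbridge_io_child_pt"
 
+#ifdef MOONBR_IO_USE_TLS
+#define MOONBR_IO_TLSCONF_MT_REGKEY "moonbridge_io_tlsconf"
+#endif
+
 typedef struct {
   int fd;
   int issock;
@@ -1627,6 +1635,96 @@
   return 1;
 }
 
+#ifdef MOONBR_IO_USE_TLS
+
+#define moonbr_io_tlsconf_string(name, field, func) \
+  /* NOTE: use valuetype = lua_getfield(...) for LUA_VERSION_NUM >= 503 */ \
+  lua_getfield(L, 1, (field)); \
+  valuetype = lua_type(L, -1); \
+  if (valuetype != LUA_TNIL) { \
+    luaL_argcheck(L, valuetype == LUA_TSTRING, 1, "field \"" field "\" is not a string"); \
+    value = lua_tostring(L, -1); \
+    if (func(tlsconf, value)) { \
+      lua_pushnil(L); \
+      lua_pushfstring(L, "Could not set " name " \"%s\"", value); \
+      return 2; \
+    } \
+  } \
+  lua_pop(L, 1);
+
+#define moonbr_io_tlsconf_binary(name, field, func) \
+  /* NOTE: use valuetype = lua_getfield(...) for LUA_VERSION_NUM >= 503 */ \
+  lua_getfield(L, 1, (field)); \
+  valuetype = lua_type(L, -1); \
+  if (valuetype != LUA_TNIL) { \
+    luaL_argcheck(L, valuetype == LUA_TSTRING, 1, "field \"" field "\" is not a string"); \
+    value = lua_tolstring(L, -1, &valuelen); \
+    if (func(tlsconf, (void *)value, valuelen)) { \
+      lua_pushnil(L); \
+      lua_pushliteral(L, "Could not set " name); \
+      return 2; \
+    } \
+  } \
+  lua_pop(L, 1);
+
+static int moonbr_io_tlsconf(lua_State *L) {
+  struct tls_config *tlsconf;
+  int valuetype;
+  const char *value;
+  size_t valuelen;
+  luaL_checktype(L, 1, LUA_TTABLE);
+  tlsconf = tls_config_new();
+  if (!tlsconf) {
+    return luaL_error(L, "Could not allocate memory for TLS configuration");
+  }
+  lua_pushlightuserdata(L, tlsconf);
+  luaL_setmetatable(L, MOONBR_IO_TLSCONF_MT_REGKEY);
+  lua_pushvalue(L, 1);
+  lua_setuservalue(L, -2);
+  moonbr_io_tlsconf_string("CA file",          "ca_file",   tls_config_set_ca_file);
+  moonbr_io_tlsconf_string("CA path",          "ca_path",   tls_config_set_ca_path);
+  moonbr_io_tlsconf_binary("CA",               "ca_mem",    tls_config_set_ca_mem);
+  moonbr_io_tlsconf_string("certificate file", "cert_file", tls_config_set_cert_file);
+  moonbr_io_tlsconf_binary("certificate",      "cert_mem",  tls_config_set_cert_mem);
+  moonbr_io_tlsconf_string("key file",         "key_file",  tls_config_set_key_file);
+  moonbr_io_tlsconf_binary("key",              "key_mem",   tls_config_set_key_mem);
+  return 1;
+}
+
+static int moonbr_io_tlsconfindex(lua_State *L) {
+  struct tls_config *tlsconf;
+  tlsconf = luaL_checkudata(L, 1, MOONBR_IO_TLSCONF_MT_REGKEY);
+  luaL_checkany(L, 2);
+#if LUA_VERSION_NUM >= 503
+  if (lua_getuservalue(L, 1) == LUA_TNIL) {
+#else
+  lua_getuservalue(L, 1);
+  if (lua_isnil(L, -1)) {
+#endif
+    return luaL_error(L, "Attempt to use a destroyed TLS configuration");
+  }
+  lua_pushvalue(L, 2);
+  lua_gettable(L, -2);
+  return 1;
+}
+
+static int moonbr_io_tlsconfgc(lua_State *L) {
+  struct tls_config *tlsconf;
+  tlsconf = luaL_checkudata(L, 1, MOONBR_IO_TLSCONF_MT_REGKEY);
+#if LUA_VERSION_NUM >= 503
+  if (lua_getuservalue(L, 1) == LUA_TNIL) return 0;
+#else
+  lua_getuservalue(L, 1);
+  if (lua_isnil(L, -1)) return 0;
+#endif
+  tls_config_free(tlsconf);
+  lua_pushnil(L);
+  lua_setuservalue(L, 1);
+  return 0;
+}
+
+#endif
+
 static const struct luaL_Reg moonbr_io_handle_methods[] = {
   {"read", moonbr_io_read},
   {"read_nb", moonbr_io_read_nb},
@@ -1695,9 +1793,20 @@
   {"exec", moonbr_io_exec},
   {"poll", moonbr_io_poll},
   {"timeref", moonbr_io_timeref},
+#ifdef MOONBR_IO_USE_TLS
+  {"tlsconf", moonbr_io_tlsconf},
+#endif
   {NULL, NULL}
 };
 
+#ifdef MOONBR_IO_USE_TLS
+static const struct luaL_Reg moonbr_io_tlsconf_metamethods[] = {
+  {"__index", moonbr_io_tlsconfindex},
+  {"__gc", moonbr_io_tlsconfgc},
+  {NULL, NULL}
+};
+#endif
+
 int luaopen_moonbridge_io(lua_State *L) {
 
   signal(SIGPIPE, SIG_IGN);  /* generate I/O errors instead of signal 13 */
@@ -1740,6 +1849,17 @@
   lua_setfield(L, -3, "child_mt");
   lua_setfield(L, LUA_REGISTRYINDEX, MOONBR_IO_CHILD_MT_REGKEY);
 
+#ifdef MOONBR_IO_USE_TLS
+  if(tls_init()) {
+    return luaL_error(L, "Could not initialize TLS library");
+  }
+  lua_newtable(L);  // tlsconf metatable
+  luaL_setfuncs(L, moonbr_io_tlsconf_metamethods, 0);
+  lua_pushvalue(L, -1);
+  lua_setfield(L, -3, "tlsconf_mt");
+  lua_setfield(L, LUA_REGISTRYINDEX, MOONBR_IO_TLSCONF_MT_REGKEY);
+#endif
+
   moonbr_io_pushhandle(L, 0);
   lua_setfield(L, -2, "stdin");
   moonbr_io_pushhandle(L, 1);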
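Review bot: `moonbr_io_tlsconf` pushes the `struct tls_config *` as a light userdata (`lua_pushlightuserdata`) and then calls `luaL_setmetatable` and `lua_setuservalue` on it, which only behave as intended for a full userdata. In Lua a metatable set on a light userdata is shared by every light userdata value, `__gc` is not invoked for them, and `lua_setuservalue` on one is outside the API contract, so `moonbr_io_tlsconfgc` would not run (the config leaks, also on the macros' `return 2` paths) and `luaL_checkudata` in `moonbr_io_tlsconfindex`/`moonbr_io_tlsconfgc` cannot tell a TLS config from any other light userdata before `tls_config_free` is reached. I would allocate a full userdata that holds the pointer, created and given its metatable before `tls_config_new()`, and dereference it in both metamethods, as sketched below. Separately, the uservalue keeps the caller's own table, so `key_mem` stays readable through `__index` for the object's lifetime; a comment stating that this is intended, or storing a copy without the key fields, would help.

```c
static int moonbr_io_tlsconf(lua_State *L) {
  struct tls_config **tlsconf_ud;
  /* … unchanged: other locals, luaL_checktype … */
  /* full userdata created first: __gc can then run, and an allocation
     error here cannot leak an already created config */
  tlsconf_ud = lua_newuserdata(L, sizeof *tlsconf_ud);
  *tlsconf_ud = NULL;
  luaL_setmetatable(L, MOONBR_IO_TLSCONF_MT_REGKEY);
  tlsconf = tls_config_new();
  /* … unchanged: NULL check with luaL_error … */
  *tlsconf_ud = tlsconf;
  /* … unchanged: uservalue setup, field macros, return 1 … */

/* in moonbr_io_tlsconfgc (moonbr_io_tlsconfindex takes the same first line) */
  struct tls_config **tlsconf_ud = luaL_checkudata(L, 1, MOONBR_IO_TLSCONF_MT_REGKEY);
  /* … unchanged: uservalue nil check … */
  tls_config_free(*tlsconf_ud);
  *tlsconf_ud = NULL;
```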
