moonbridge
changeset 243:1dbc5c27b279
Re-added experimental work on libtls integration
author | jbe |
---|---|
date | Sun Aug 21 15:31:34 2016 +0200 (2016-08-21) |
parents | 63466f65af56 |
children | 832741713761 |
files | Makefile moonbridge_io.c |
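--- a/Makefile
+++ b/Makefile
@@ -61,6 +61,10 @@
 moonbridge_io.so: moonbridge_io.o
 ld -shared -o moonbridge_io.so moonbridge_io.o $(UTIL_FLAGS)
 
+freebsd_with_tls::
+ #TODO
+ cc -D MOONBR_IO_USE_TLS -c -Wall -O2 -fPIC -I /usr/local/include/lua52 -I /usr/local/include -o moonbridge_io.o moonbridge_io.c && ld -L/usr/local/lib -shared -o moonbridge_io.so moonbridge_io.o -lutil -ltls
+
 clean::
 rm -f moonbridge moonbridge_io.o moonbridge_io.so
 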
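Review bot: Nothing in `freebsd_with_tls` records that `moonbridge_io.o` was compiled with `-D MOONBR_IO_USE_TLS`, so a plain build run afterwards will presumably relink the TLS-enabled object already on disk (the compile rule for `moonbridge_io.o` is outside this hunk). Whether the installed module exposes the experimental TLS code then depends on build order rather than on the target that was requested. Until the target is finished, I would replace the `#TODO` with a comment at column 0 such as `# experimental: builds moonbridge_io.so against libtls; run "make clean" before switching back to a non-TLS build`. The `#TODO` also looks indented in this rendering, which would make it a recipe line handed to the shell rather than a make comment.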
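--- a/moonbridge_io.c
+++ b/moonbridge_io.c
@@ -25,6 +25,10 @@
 #include <bsd/unistd.h>
 #endif
 
+#ifdef MOONBR_IO_USE_TLS
+#include <tls.h>
+#endif
+
 #include <lua.h>
 #include <lauxlib.h>
 #include <lualib.h>
@@ -48,6 +52,10 @@
 #define MOONBR_IO_CHILD_MT_REGKEY "moonbridge_io_child"
 #define MOONBR_IO_CHILD_PT_REGKEY "moonbridge_io_child_pt"
 
+#ifdef MOONBR_IO_USE_TLS
+#define MOONBR_IO_TLSCONF_MT_REGKEY "moonbridge_io_tlsconf"
+#endif
+
 typedef struct {
 int fd;
 int issock;
@@ -1627,6 +1635,96 @@
 return 1;
 }
 
+#ifdef MOONBR_IO_USE_TLS
+
+#define moonbr_io_tlsconf_string(name, field, func) \
+ /* NOTE: use valuetype = lua_getfield(...) for LUA_VERSION_NUM >= 503 */ \
+ lua_getfield(L, 1, (field)); \
+ valuetype = lua_type(L, -1); \
+ if (valuetype != LUA_TNIL) { \
+ luaL_argcheck(L, valuetype == LUA_TSTRING, 1, "field \"" field "\" is not a string"); \
+ value = lua_tostring(L, -1); \
+ if (func(tlsconf, value)) { \
+ lua_pushnil(L); \
+ lua_pushfstring(L, "Could not set " name " \"%s\"", value); \
+ return 2; \
+ } \
+ } \
+ lua_pop(L, 1);
+
+#define moonbr_io_tlsconf_binary(name, field, func) \
+ /* NOTE: use valuetype = lua_getfield(...) for LUA_VERSION_NUM >= 503 */ \
+ lua_getfield(L, 1, (field)); \
+ valuetype = lua_type(L, -1); \
+ if (valuetype != LUA_TNIL) { \
+ luaL_argcheck(L, valuetype == LUA_TSTRING, 1, "field \"" field "\" is not a string"); \
+ value = lua_tolstring(L, -1, &valuelen); \
+ if (func(tlsconf, (void *)value, valuelen)) { \
+ lua_pushnil(L); \
+ lua_pushliteral(L, "Could not set " name); \
+ return 2; \
+ } \
+ } \
+ lua_pop(L, 1);
+
+static int moonbr_io_tlsconf(lua_State *L) {
+ struct tls_config *tlsconf;
+ int valuetype;
+ const char *value;
+ size_t valuelen;
+ luaL_checktype(L, 1, LUA_TTABLE);
+ tlsconf = tls_config_new();
+ if (!tlsconf) {
+ return luaL_error(L, "Could not allocate memory for TLS configuration");
+ }
+ lua_pushlightuserdata(L, tlsconf);
+ luaL_setmetatable(L, MOONBR_IO_TLSCONF_MT_REGKEY);
+ lua_pushvalue(L, 1);
+ lua_setuservalue(L, -2);
+ moonbr_io_tlsconf_string("CA file", "ca_file", tls_config_set_ca_file);
+ moonbr_io_tlsconf_string("CA path", "ca_path", tls_config_set_ca_path);
+ moonbr_io_tlsconf_binary("CA", "ca_mem", tls_config_set_ca_mem);
+ moonbr_io_tlsconf_string("certificate file", "cert_file", tls_config_set_cert_file);
+ moonbr_io_tlsconf_binary("certificate", "cert_mem", tls_config_set_cert_mem);
+ moonbr_io_tlsconf_string("key file", "key_file", tls_config_set_key_file);
+ moonbr_io_tlsconf_binary("key", "key_mem", tls_config_set_key_mem);
+ return 1;
+}
+
+static int moonbr_io_tlsconfindex(lua_State *L) {
+ struct tls_config *tlsconf;
+ tlsconf = luaL_checkudata(L, 1, MOONBR_IO_TLSCONF_MT_REGKEY);
+ luaL_checkany(L, 2);
+#if LUA_VERSION_NUM >= 503
+ if (lua_getuservalue(L, 1) == LUA_TNIL) {
+#else
+ lua_getuservalue(L, 1);
+ if (lua_isnil(L, -1)) {
+#endif
+ return luaL_error(L, "Attempt to use a destroyed TLS configuration");
+ }
+ lua_pushvalue(L, 2);
+ lua_gettable(L, -2);
+ return 1;
+}
+
+static int moonbr_io_tlsconfgc(lua_State *L) {
+ struct tls_config *tlsconf;
+ tlsconf = luaL_checkudata(L, 1, MOONBR_IO_TLSCONF_MT_REGKEY);
+#if LUA_VERSION_NUM >= 503
+ if (lua_getuservalue(L, 1) == LUA_TNIL) return 0;
+#else
+ lua_getuservalue(L, 1);
+ if (lua_isnil(L, -1)) return 0;
+#endif
+ tls_config_free(tlsconf);
+ lua_pushnil(L);
+ lua_setuservalue(L, 1);
+ return 0;
+}
+
+#endif
+
 static const struct luaL_Reg moonbr_io_handle_methods[] = {
 {"read", moonbr_io_read},
 {"read_nb", moonbr_io_read_nb},
@@ -1695,9 +1793,20 @@
 {"exec", moonbr_io_exec},
 {"poll", moonbr_io_poll},
 {"timeref", moonbr_io_timeref},
+#ifdef MOONBR_IO_USE_TLS
+ {"tlsconf", moonbr_io_tlsconf},
+#endif
 {NULL, NULL}
 };
 
+#ifdef MOONBR_IO_USE_TLS
+static const struct luaL_Reg moonbr_io_tlsconf_metamethods[] = {
+ {"__index", moonbr_io_tlsconfindex},
+ {"__gc", moonbr_io_tlsconfgc},
+ {NULL, NULL}
+};
+#endif
+
 int luaopen_moonbridge_io(lua_State *L) {
 
 signal(SIGPIPE, SIG_IGN); /* generate I/O errors instead of signal 13 */
@@ -1740,6 +1849,17 @@
 lua_setfield(L, -3, "child_mt");
 lua_setfield(L, LUA_REGISTRYINDEX, MOONBR_IO_CHILD_MT_REGKEY);
 
+#ifdef MOONBR_IO_USE_TLS
+ if(tls_init()) {
+ return luaL_error(L, "Could not initialize TLS library");
+ }
+ lua_newtable(L); // tlsconf metatable
+ luaL_setfuncs(L, moonbr_io_tlsconf_metamethods, 0);
+ lua_pushvalue(L, -1);
+ lua_setfield(L, -3, "tlsconf_mt");
+ lua_setfield(L, LUA_REGISTRYINDEX, MOONBR_IO_TLSCONF_MT_REGKEY);
+#endif
+
 moonbr_io_pushhandle(L, 0);
 lua_setfield(L, -2, "stdin");
 moonbr_io_pushhandle(L, 1);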
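Review bot: In `moonbr_io_tlsconf` the configuration is pushed with `lua_pushlightuserdata`, but light userdata has no per-object metatable, no user value and is never garbage-collected, so `luaL_setmetatable` replaces the metatable shared by every light userdata in the state, `lua_setuservalue` is applied to a value the Lua API only defines it for as full userdata, and the collector never runs `moonbr_io_tlsconfgc`. Because that shared metatable makes `luaL_checkudata` accept any light userdata, a pointer owned by another C module would presumably pass the type check in `moonbr_io_tlsconfgc` and reach `tls_config_free`. Allocating a full userdata that holds the `struct tls_config *`, created before `tls_config_new()` so the `return 2` and `luaL_argcheck` exits are cleaned up by `__gc`, addresses all three, as in the excerpt below. Separately, `moonbr_io_tlsconfindex` reads through to the retained argument table, so `key_mem` stays readable from the handle for its whole lifetime; it is worth deciding whether that is intended.

```c
static int moonbr_io_tlsconf(lua_State *L) {
  struct tls_config **tlsconf_ptr;
  /* … unchanged: other locals, luaL_checktype … */
  tlsconf_ptr = lua_newuserdata(L, sizeof(*tlsconf_ptr));
  *tlsconf_ptr = NULL;  /* __gc may run before the config exists */
  luaL_setmetatable(L, MOONBR_IO_TLSCONF_MT_REGKEY);
  tlsconf = tls_config_new();
  /* … unchanged: NULL check with luaL_error … */
  *tlsconf_ptr = tlsconf;
  /* … unchanged: lua_pushvalue/lua_setuservalue, field macros, return 1 … */
}

static int moonbr_io_tlsconfgc(lua_State *L) {
  struct tls_config **tlsconf_ptr = luaL_checkudata(L, 1, MOONBR_IO_TLSCONF_MT_REGKEY);
  /* … unchanged: return 0 when the user value is nil … */
  tls_config_free(*tlsconf_ptr);
  *tlsconf_ptr = NULL;
  /* … unchanged: clear the user value, return 0 … */
}
```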