moonbridge

changeset 252:d39f818aff02

Fixes for TLS extension of moonbridge_io (userdata instead of lightuserdata for TLS configuration required)
author jbe
date Sat Sep 03 12:02:26 2016 +0200 (2016-09-03)
parents f3988723732a
children 892175969740
files moonbridge_io.c
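--- a/moonbridge_io.c
+++ b/moonbridge_io.c
@@ -54,6 +54,11 @@
 
 #ifdef MOONBR_IO_USE_TLS
 #define MOONBR_IO_TLSCONF_MT_REGKEY "moonbridge_io_tlsconf"
+
+typedef struct {
+  struct tls_config *config;
+  int server;
+} moonbr_io_tlsconf_t;
 #endif
 
 typedef struct {
@@ -1800,7 +1805,7 @@
   if (valuetype != LUA_TNIL) { \
     luaL_argcheck(L, valuetype == LUA_TSTRING, 1, "field \"" field "\" is not a string"); \
     value = lua_tostring(L, -1); \
-    if (func(tlsconf, value)) { \
+    if (func(tlsconf->config, value)) { \
       lua_pushnil(L); \
       lua_pushfstring(L, "Could not set " name " \"%s\"", value); \
       return 2; \
@@ -1815,7 +1820,7 @@
   if (valuetype != LUA_TNIL) { \
     luaL_argcheck(L, valuetype == LUA_TSTRING, 1, "field \"" field "\" is not a string"); \
     value = lua_tolstring(L, -1, &valuelen); \
-    if (func(tlsconf, (void *)value, valuelen)) { \
+    if (func(tlsconf->config, (void *)value, valuelen)) { \
       lua_pushnil(L); \
       lua_pushliteral(L, "Could not set " name); \
       return 2; \
@@ -1824,29 +1829,22 @@
   lua_pop(L, 1);
 
 static int moonbr_io_tlsconf(lua_State *L) {
-  struct tls_config *tlsconf;
+  moonbr_io_tlsconf_t *tlsconf;
   int valuetype;
   const char *value;
   size_t valuelen;
   luaL_checktype(L, 1, LUA_TTABLE);
-  tlsconf = tls_config_new();
-  if (!tlsconf) {
+  tlsconf = lua_newuserdata(L, sizeof(moonbr_io_tlsconf_t));
+  tlsconf->config = tls_config_new();
+  if (!tlsconf->config) {
     return luaL_error(L, "Could not allocate memory for TLS configuration");
   }
-  lua_pushlightuserdata(L, tlsconf);
   luaL_setmetatable(L, MOONBR_IO_TLSCONF_MT_REGKEY);
-  lua_pushvalue(L, 1);
-  lua_setuservalue(L, -2);
-#if LUA_VERSION_NUM >= 503
-  if (lua_getfield(L, 1, "mode") == LUA_TSTRING) value = lua_tostring(L, -1);
-#else
   lua_getfield(L, 1, "mode");
-  if (lua_type(L, -1) == LUA_TSTRING) value = lua_tostring(L, -1);
-#endif
-  else value = "";
-  if (strcmp(value, "server") && strcmp(value, "client")) {
-    luaL_argcheck(L, 0, 1, "field \"mode\" must be set to \"server\" or \"client\"");
-  }
+  value = lua_tostring(L, -1);
+  if (value && !strcmp(value, "server")) tlsconf->server = 1;
+  else if (value && !strcmp(value, "client")) tlsconf->server = 0;
+  else luaL_argcheck(L, 0, 1, "field \"mode\" must be set to \"server\" or \"client\"");
   lua_pop(L, 1);
   moonbr_io_tlsconf_string("CA file",          "ca_file",   tls_config_set_ca_file);
   moonbr_io_tlsconf_string("CA path",          "ca_path",   tls_config_set_ca_path);
@@ -1861,16 +1859,11 @@
   lua_getfield(L, 1, "verify_client");
 #endif
   if (lua_toboolean(L, -1)) {
-#if LUA_VERSION_NUM >= 503
-    if (valuetype == LUA_TSTRING) value = lua_tostring(L, -1);
-#else
-    if (lua_type(L, -1) == LUA_TSTRING) value = lua_tostring(L, -1);
-#endif
-    else value = "";
-    if (!strcmp(value, "required")) {
-      tls_config_verify_client(tlsconf);
-    } else if (!strcmp(value, "optional")) {
-      tls_config_verify_client_optional(tlsconf);
+    value = lua_tostring(L, -1);
+    if (value && !strcmp(value, "required")) {
+      tls_config_verify_client(tlsconf->config);
+    } else if (value && !strcmp(value, "optional")) {
+      tls_config_verify_client_optional(tlsconf->config);
     } else {
       luaL_argcheck(L, 0, 1, "field \"verify_client\" must be set to \"required\", \"optional\", or be false or nil");
     }
@@ -1879,45 +1872,19 @@
   return 1;
 }
 
-static int moonbr_io_tlsconfindex(lua_State *L) {
-  struct tls_config *tlsconf;
+static int moonbr_io_tlsconfgc(lua_State *L) {
+  moonbr_io_tlsconf_t *tlsconf;
   tlsconf = luaL_checkudata(L, 1, MOONBR_IO_TLSCONF_MT_REGKEY);
-  luaL_checkany(L, 2);
-#if LUA_VERSION_NUM >= 503
-  if (lua_getuservalue(L, 1) == LUA_TNIL) {
-#else
-  lua_getuservalue(L, 1);
-  if (lua_isnil(L, -1)) {
-#endif
-    return luaL_error(L, "Attempt to use a destroyed TLS configuration");
-  }
-  lua_pushvalue(L, 2);
-  lua_gettable(L, -2);
-  return 1;
-}
-
-static int moonbr_io_tlsconfgc(lua_State *L) {
-  struct tls_config *tlsconf;
-  tlsconf = luaL_checkudata(L, 1, MOONBR_IO_TLSCONF_MT_REGKEY);
-#if LUA_VERSION_NUM >= 503
-  if (lua_getuservalue(L, 1) == LUA_TNIL) return 0;
-#else
-  lua_getuservalue(L, 1);
-  if (lua_isnil(L, -1)) return 0;
-#endif
-  tls_config_free(tlsconf);
-  lua_pushnil(L);
-  lua_setuservalue(L, 1);
+  if (tlsconf->config) tls_config_free(tlsconf->config);
+  tlsconf->config = NULL;
   return 0;
 }
 
 static int moonbr_io_starttls(lua_State *L) {
   moonbr_io_handle_t *handle;
-  struct tls_config *tlsconf;
-  const char *mode;
+  moonbr_io_tlsconf_t *tlsconf;
   const char *servername;
   struct tls *tls, *tls2;
-  int is_server = 0;
   handle = luaL_checkudata(L, 1, MOONBR_IO_HANDLE_MT_REGKEY);
   if (lua_type(L, 2) == LUA_TTABLE) {
     lua_pushcfunction(L, moonbr_io_tlsconf);
@@ -1936,26 +1903,16 @@
   if (handle->readbufin || handle->writebufin) {
     return luaL_error(L, "Attempt to start TLS on an I/O handle with non-empty buffers");
   }
-  lua_getfield(L, 2, "mode");
-  mode = lua_tostring(L, -1);
-  if (mode && !strcmp(mode, "server")) {
-    lua_pop(L, 1);
-    tls = tls_server();
-    is_server = 1;
-  } else if (mode && !strcmp(mode, "client")) {
-    lua_pop(L, 1);
+  if (tlsconf->server) tls = tls_server();
+  else {
     servername = luaL_checkstring(L, 3);
     tls = tls_client();
-  } else {
-    /* shouldn't happen unless table has been modified */
-    lua_pop(L, 1);
-    return luaL_error(L, "Field \"mode\" of TLS configuration is neither set to \"server\" nor \"client\"");
   }
   if (!tls) {
     return luaL_error(L, "Could not allocate memory for TLS context");
   }
-  if (tls_configure(tls, tlsconf)) goto moonbr_io_starttls_error;
-  if (is_server) {
+  if (tls_configure(tls, tlsconf->config)) goto moonbr_io_starttls_error;
+  if (tlsconf->server) {
     if (tls_accept_socket(tls, &tls2, handle->fd)) goto moonbr_io_starttls_error;
     handle->servertls = tls;
     handle->tls = tls2;
@@ -2053,7 +2010,6 @@
 
 #ifdef MOONBR_IO_USE_TLS
 static const struct luaL_Reg moonbr_io_tlsconf_metamethods[] = {
-  {"__index", moonbr_io_tlsconfindex},
   {"__gc", moonbr_io_tlsconfgc},
   {NULL, NULL}
 };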
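Review bot: In `moonbr_io_starttls`, `tlsconf->config` is passed to `tls_configure()` with no visible check that it is still non-NULL, while the new `moonbr_io_tlsconfgc` resets it to NULL and the removed `__index` handler carried the only "Attempt to use a destroyed TLS configuration" guard. If the finalizer can ever run on a configuration object that is still reachable, libtls may fall back to its default configuration instead of failing, so the caller's CA, cipher and client-verification settings would be dropped silently; this should be confirmed against the libtls version in use. A guard just before the configure call would make that case an explicit error: `if (!tlsconf->config) return luaL_error(L, "Attempt to use a destroyed TLS configuration");`. The lines of `moonbr_io_starttls` between the two hunks that touch it are not shown, so an equivalent check may already exist there. A short comment on the `server` field of `moonbr_io_tlsconf_t`, such as `/* 1 = server mode, 0 = client mode; set once in moonbr_io_tlsconf() */`, would also record why `starttls` no longer re-reads `mode` from the table.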
