moonbridge
changeset 252:d39f818aff02
Fixes for TLS extension of moonbridge_io (userdata instead of lightuserdata for TLS configuration required)
author | jbe |
---|---|
date | Sat Sep 03 12:02:26 2016 +0200 (2016-09-03) |
parents | f3988723732a |
children | 892175969740 |
files | moonbridge_io.c |
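--- a/moonbridge_io.c
+++ b/moonbridge_io.c
@@ -54,6 +54,11 @@
 
 #ifdef MOONBR_IO_USE_TLS
 #define MOONBR_IO_TLSCONF_MT_REGKEY "moonbridge_io_tlsconf"
+
+typedef struct {
+ struct tls_config *config;
+ int server;
+} moonbr_io_tlsconf_t;
 #endif
 
 typedef struct {
@@ -1800,7 +1805,7 @@
 if (valuetype != LUA_TNIL) { \
 luaL_argcheck(L, valuetype == LUA_TSTRING, 1, "field \"" field "\" is not a string"); \
 value = lua_tostring(L, -1); \
- if (func(tlsconf, value)) { \
+ if (func(tlsconf->config, value)) { \
 lua_pushnil(L); \
 lua_pushfstring(L, "Could not set " name " \"%s\"", value); \
 return 2; \
@@ -1815,7 +1820,7 @@
 if (valuetype != LUA_TNIL) { \
 luaL_argcheck(L, valuetype == LUA_TSTRING, 1, "field \"" field "\" is not a string"); \
 value = lua_tolstring(L, -1, &valuelen); \
- if (func(tlsconf, (void *)value, valuelen)) { \
+ if (func(tlsconf->config, (void *)value, valuelen)) { \
 lua_pushnil(L); \
 lua_pushliteral(L, "Could not set " name); \
 return 2; \
@@ -1824,29 +1829,22 @@
 lua_pop(L, 1);
 
 static int moonbr_io_tlsconf(lua_State *L) {
- struct tls_config *tlsconf;
+ moonbr_io_tlsconf_t *tlsconf;
 int valuetype;
 const char *value;
 size_t valuelen;
 luaL_checktype(L, 1, LUA_TTABLE);
- tlsconf = tls_config_new();
- if (!tlsconf) {
+ tlsconf = lua_newuserdata(L, sizeof(moonbr_io_tlsconf_t));
+ tlsconf->config = tls_config_new();
+ if (!tlsconf->config) {
 return luaL_error(L, "Could not allocate memory for TLS configuration");
 }
- lua_pushlightuserdata(L, tlsconf);
 luaL_setmetatable(L, MOONBR_IO_TLSCONF_MT_REGKEY);
- lua_pushvalue(L, 1);
- lua_setuservalue(L, -2);
-#if LUA_VERSION_NUM >= 503
- if (lua_getfield(L, 1, "mode") == LUA_TSTRING) value = lua_tostring(L, -1);
-#else
 lua_getfield(L, 1, "mode");
- if (lua_type(L, -1) == LUA_TSTRING) value = lua_tostring(L, -1);
-#endif
- else value = "";
- if (strcmp(value, "server") && strcmp(value, "client")) {
- luaL_argcheck(L, 0, 1, "field \"mode\" must be set to \"server\" or \"client\"");
- }
+ value = lua_tostring(L, -1);
+ if (value && !strcmp(value, "server")) tlsconf->server = 1;
+ else if (value && !strcmp(value, "client")) tlsconf->server = 0;
+ else luaL_argcheck(L, 0, 1, "field \"mode\" must be set to \"server\" or \"client\"");
 lua_pop(L, 1);
 moonbr_io_tlsconf_string("CA file", "ca_file", tls_config_set_ca_file);
 moonbr_io_tlsconf_string("CA path", "ca_path", tls_config_set_ca_path);
@@ -1861,16 +1859,11 @@
 lua_getfield(L, 1, "verify_client");
 #endif
 if (lua_toboolean(L, -1)) {
-#if LUA_VERSION_NUM >= 503
- if (valuetype == LUA_TSTRING) value = lua_tostring(L, -1);
-#else
- if (lua_type(L, -1) == LUA_TSTRING) value = lua_tostring(L, -1);
-#endif
- else value = "";
- if (!strcmp(value, "required")) {
- tls_config_verify_client(tlsconf);
- } else if (!strcmp(value, "optional")) {
- tls_config_verify_client_optional(tlsconf);
+ value = lua_tostring(L, -1);
+ if (value && !strcmp(value, "required")) {
+ tls_config_verify_client(tlsconf->config);
+ } else if (value && !strcmp(value, "optional")) {
+ tls_config_verify_client_optional(tlsconf->config);
 } else {
 luaL_argcheck(L, 0, 1, "field \"verify_client\" must be set to \"required\", \"optional\", or be false or nil");
 }
@@ -1879,45 +1872,19 @@
 return 1;
 }
 
-static int moonbr_io_tlsconfindex(lua_State *L) {
- struct tls_config *tlsconf;
+static int moonbr_io_tlsconfgc(lua_State *L) {
+ moonbr_io_tlsconf_t *tlsconf;
 tlsconf = luaL_checkudata(L, 1, MOONBR_IO_TLSCONF_MT_REGKEY);
- luaL_checkany(L, 2);
-#if LUA_VERSION_NUM >= 503
- if (lua_getuservalue(L, 1) == LUA_TNIL) {
-#else
- lua_getuservalue(L, 1);
- if (lua_isnil(L, -1)) {
-#endif
- return luaL_error(L, "Attempt to use a destroyed TLS configuration");
- }
- lua_pushvalue(L, 2);
- lua_gettable(L, -2);
- return 1;
-}
-
-static int moonbr_io_tlsconfgc(lua_State *L) {
- struct tls_config *tlsconf;
- tlsconf = luaL_checkudata(L, 1, MOONBR_IO_TLSCONF_MT_REGKEY);
-#if LUA_VERSION_NUM >= 503
- if (lua_getuservalue(L, 1) == LUA_TNIL) return 0;
-#else
- lua_getuservalue(L, 1);
- if (lua_isnil(L, -1)) return 0;
-#endif
- tls_config_free(tlsconf);
- lua_pushnil(L);
- lua_setuservalue(L, 1);
+ if (tlsconf->config) tls_config_free(tlsconf->config);
+ tlsconf->config = NULL;
 return 0;
 }
 
 static int moonbr_io_starttls(lua_State *L) {
 moonbr_io_handle_t *handle;
- struct tls_config *tlsconf;
- const char *mode;
+ moonbr_io_tlsconf_t *tlsconf;
 const char *servername;
 struct tls *tls, *tls2;
- int is_server = 0;
 handle = luaL_checkudata(L, 1, MOONBR_IO_HANDLE_MT_REGKEY);
 if (lua_type(L, 2) == LUA_TTABLE) {
 lua_pushcfunction(L, moonbr_io_tlsconf);
@@ -1936,26 +1903,16 @@
 if (handle->readbufin || handle->writebufin) {
 return luaL_error(L, "Attempt to start TLS on an I/O handle with non-empty buffers");
 }
- lua_getfield(L, 2, "mode");
- mode = lua_tostring(L, -1);
- if (mode && !strcmp(mode, "server")) {
- lua_pop(L, 1);
- tls = tls_server();
- is_server = 1;
- } else if (mode && !strcmp(mode, "client")) {
- lua_pop(L, 1);
+ if (tlsconf->server) tls = tls_server();
+ else {
 servername = luaL_checkstring(L, 3);
 tls = tls_client();
- } else {
- /* shouldn't happen unless table has been modified */
- lua_pop(L, 1);
- return luaL_error(L, "Field \"mode\" of TLS configuration is neither set to \"server\" nor \"client\"");
 }
 if (!tls) {
 return luaL_error(L, "Could not allocate memory for TLS context");
 }
- if (tls_configure(tls, tlsconf)) goto moonbr_io_starttls_error;
- if (is_server) {
+ if (tls_configure(tls, tlsconf->config)) goto moonbr_io_starttls_error;
+ if (tlsconf->server) {
 if (tls_accept_socket(tls, &tls2, handle->fd)) goto moonbr_io_starttls_error;
 handle->servertls = tls;
 handle->tls = tls2;
@@ -2053,7 +2010,6 @@
 
 #ifdef MOONBR_IO_USE_TLS
 static const struct luaL_Reg moonbr_io_tlsconf_metamethods[] = {
- {"__index", moonbr_io_tlsconfindex},
 {"__gc", moonbr_io_tlsconfgc},
 {NULL, NULL}
 };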
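Review bot: In moonbr_io_starttls, `tlsconf->config` is passed to `tls_configure()` without a check that it is still live, although the new `moonbr_io_tlsconfgc` sets it to NULL after freeing it and the removed `__index` handler was the only place that reported a destroyed configuration. A guard before the `tls_server()`/`tls_client()` call, `if (!tlsconf->config) return luaL_error(L, "Attempt to use a destroyed TLS configuration");`, would keep a finalized object from reaching libtls as a NULL configuration. Relatedly, nothing visible in these hunks keeps the configuration userdata referenced once `handle->tls` is set, which matters most for the temporary object built from a table argument. Unless the linked libtls takes its own reference in `tls_configure()`, the finalizer could free a `tls_config` that a live context still points at, so it is worth confirming that the handle anchors the userdata. The body of moonbr_io_starttls begins and continues outside the shown hunks, so both points need checking against the full function.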