lua/lua-luasec
SHA256
10
0
Fork 0
forked from pool/lua-luasec
Code Pull Requests Activity

Accepting request 745028 from home:mcepl:branches:devel:languages:lua

Browse Source 
- Update to luasec 0.9. Too many changes to enlist here,
  CHANGELOG file is included in the package.

OBS-URL: https://build.opensuse.org/request/show/745028
OBS-URL: https://build.opensuse.org/package/show/devel:languages:lua/lua-luasec?expand=0&rev=12
This commit is contained in:
Matej Cepl
2019-11-03 18:46:02 +00:00
committed by Git OBS Bridge
parent e7e73aa67c
commit ac48c45299
5 changed files with 20 additions and 201 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lua-luasec.changes
View File

@@ -1,3 +1,9 @@
-------------------------------------------------------------------
Sun Nov 3 16:48:48 CET 2019 - Matej Cepl <mcepl@suse.com>
- Update to luasec 0.9. Too many changes to enlist here,
CHANGELOG file is included in the package.
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Oct 30 14:45:32 UTC 2017 - jmatejek@suse.com Mon Oct 30 14:45:32 UTC 2017 - jmatejek@suse.com

25
lua-luasec.spec
View File

@@ -1,7 +1,7 @@
# #
# spec file for package lua-luasec # spec file for package lua-luasec
# #
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@@ -12,31 +12,28 @@
# license that conforms to the Open Source Definition (Version 1.9) # license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative. # published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/ # Please submit bugfixes or comments via https://bugs.opensuse.org/
# #
%define flavor @BUILD_FLAVOR@ %define flavor @BUILD_FLAVOR@
%define mod_name luasec %define modname luasec
Version: 0.6 Version: 0.9
Release: 0 Release: 0
Summary: A Lua binding for OpenSSL Summary: A Lua binding for OpenSSL
License: MIT License: MIT
Group: Productivity/Networking/Other URL: https://github.com/brunoos/luasec
Url: https://github.com/brunoos/luasec Source: https://github.com/brunoos/%{modname}/archive/v%{version}/%{modname}-%{version}.tar.gz
Source: https://github.com/brunoos/luasec/archive/%{mod_name}-%{version}.tar.gz
# PATCH-FIX-UPSTREAM build with openssl 1.1.0 (taken from Fedora)
Patch0: lua-sec-0.6-openssl_110.patch
BuildRequires: %{flavor}-devel BuildRequires: %{flavor}-devel
BuildRequires: %{flavor}-luasocket BuildRequires: %{flavor}-luasocket
BuildRequires: libopenssl-devel BuildRequires: libopenssl-devel
Requires: %{flavor} Requires: %{flavor}
Requires: %{flavor}-luasocket Requires: %{flavor}-luasocket
%if "%{flavor}" == "" %if "%{flavor}" == ""
Name: lua-%{mod_name} Name: lua-%{modname}
ExclusiveArch: do_not_build ExclusiveArch: do_not_build
%else %else
Name: %{flavor}-%{mod_name} Name: %{flavor}-%{modname}
%endif %endif
%description %description
@@ -45,8 +42,7 @@ It takes an already established TCP connection and creates a secure
session between the peers. session between the peers.
%prep %prep
%setup -q -n luasec-luasec-%{version} %setup -q -n %{modname}-%{version}
%patch0 -p1
%build %build
make %{?_smp_mflags} linux \ make %{?_smp_mflags} linux \
@@ -56,7 +52,8 @@ make %{?_smp_mflags} linux \
%make_install LUAPATH=%{lua_noarchdir} LUACPATH=%{lua_archdir} %make_install LUAPATH=%{lua_noarchdir} LUACPATH=%{lua_archdir}
%files %files
%doc CHANGELOG LICENSE README.md %license LICENSE
%doc CHANGELOG README.md
%{lua_archdir}/ssl.so %{lua_archdir}/ssl.so
%{lua_noarchdir}/ssl.lua %{lua_noarchdir}/ssl.lua
%{lua_noarchdir}/ssl/ %{lua_noarchdir}/ssl/

184
lua-sec-0.6-openssl_110.patch
View File

@@ -1,184 +0,0 @@
git diff 20443861ebc3f6498ee7d9c70fbdaa059bec15e1...98f8872743f3d38bd44cb9eedb2c82e38571fe04
diff --git a/src/Makefile b/src/Makefile
index 727794b..02425af 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -31,10 +31,10 @@ LDFLAGS += $(MYLDFLAGS)
all:
install: $(CMOD) $(LMOD)
- $(INSTALL) -d $(LUAPATH)/ssl $(LUACPATH)
- $(INSTALL) $(CMOD) $(LUACPATH)
- $(INSTALL) -m644 $(LMOD) $(LUAPATH)
- $(INSTALL) -m644 https.lua $(LUAPATH)/ssl
+ $(INSTALL) -d $(DESTDIR)$(LUAPATH)/ssl $(DESTDIR)$(LUACPATH)
+ $(INSTALL) $(CMOD) $(DESTDIR)$(LUACPATH)
+ $(INSTALL) -m644 $(LMOD) $(DESTDIR)$(LUAPATH)
+ $(INSTALL) -m644 https.lua $(DESTDIR)$(LUAPATH)/ssl
linux:
@$(MAKE) $(CMOD) MYCFLAGS="$(LNX_CFLAGS)" MYLDFLAGS="$(LNX_LDFLAGS)" EXTRA="$(EXTRA)"
diff --git a/src/context.c b/src/context.c
index 22f43b7..4187314 100644
--- a/src/context.c
+++ b/src/context.c
@@ -35,10 +35,6 @@ typedef const SSL_METHOD LSEC_SSL_METHOD;
typedef SSL_METHOD LSEC_SSL_METHOD;
#endif
-#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-#define SSLv23_method() TLS_method()
-#endif
-
/*-- Compat - Lua 5.1 --------------------------------------------------------*/
#if (LUA_VERSION_NUM == 501)
diff --git a/src/https.lua b/src/https.lua
index befb72d..7916851 100644
--- a/src/https.lua
+++ b/src/https.lua
@@ -89,6 +89,7 @@ local function tcp(params)
function conn:connect(host, port)
try(self.sock:connect(host, port))
self.sock = try(ssl.wrap(self.sock, params))
+ self.sock:sni(host)
try(self.sock:dohandshake())
reg(self, getmetatable(self.sock))
return 1
diff --git a/src/ssl.c b/src/ssl.c
index d2b495d..d7b7243 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -31,6 +31,13 @@
#include "context.h"
#include "ssl.h"
+
+#if defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER<0x10100000L
+#define SSL_is_server(s) (s->server)
+#define X509_up_ref(c) CRYPTO_add(&c->references, 1, CRYPTO_LOCK_X509)
+#endif
+
+
/**
* Underline socket error.
*/
@@ -191,9 +198,9 @@ static int ssl_recv(void *ctx, char *data, size_t count, size_t *got,
{
int err;
p_ssl ssl = (p_ssl)ctx;
+ *got = 0;
if (ssl->state != LSEC_STATE_CONNECTED)
return IO_CLOSED;
- *got = 0;
for ( ; ; ) {
ERR_clear_error();
err = SSL_read(ssl->ssl, data, (int)count);
@@ -203,7 +210,6 @@ static int ssl_recv(void *ctx, char *data, size_t count, size_t *got,
*got = err;
return IO_DONE;
case SSL_ERROR_ZERO_RETURN:
- *got = err;
return IO_CLOSED;
case SSL_ERROR_WANT_READ:
err = socket_waitfd(&ssl->sock, WAITFD_R, tm);
@@ -461,7 +467,7 @@ static int meth_getpeercertificate(lua_State *L)
/* In a server-context, the stack doesn't contain the peer cert,
* so adjust accordingly.
*/
- if (ssl->ssl->server)
+ if (SSL_is_server(ssl->ssl))
--n;
certs = SSL_get_peer_cert_chain(ssl->ssl);
if (n >= sk_X509_num(certs)) {
@@ -471,7 +477,7 @@ static int meth_getpeercertificate(lua_State *L)
cert = sk_X509_value(certs, n);
/* Increment the reference counting of the object. */
/* See SSL_get_peer_certificate() source code. */
- CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(cert);
lsec_pushx509(L, cert);
return 1;
}
@@ -493,7 +499,7 @@ static int meth_getpeerchain(lua_State *L)
return 2;
}
lua_newtable(L);
- if (ssl->ssl->server) {
+ if (SSL_is_server(ssl->ssl)) {
lsec_pushx509(L, SSL_get_peer_certificate(ssl->ssl));
lua_rawseti(L, -2, idx++);
}
@@ -503,7 +509,7 @@ static int meth_getpeerchain(lua_State *L)
cert = sk_X509_value(certs, i);
/* Increment the reference counting of the object. */
/* See SSL_get_peer_certificate() source code. */
- CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(cert);
lsec_pushx509(L, cert);
lua_rawseti(L, -2, idx++);
}
diff --git a/src/x509.c b/src/x509.c
index 49f9a5f..0042fc4 100644
--- a/src/x509.c
+++ b/src/x509.c
@@ -32,6 +32,17 @@
#include "x509.h"
+
+/*
+ * ASN1_STRING_data is deprecated in OpenSSL 1.1.0
+ */
+#if OPENSSL_VERSION_NUMBER>=0x1010000fL && !defined(LIBRESSL_VERSION_NUMBER)
+#define LSEC_ASN1_STRING_data(x) ASN1_STRING_get0_data(x)
+#else
+#define LSEC_ASN1_STRING_data(x) ASN1_STRING_data(x)
+#endif
+
+
static const char* hex_tab = "0123456789abcdef";
/**
@@ -146,7 +157,7 @@ static void push_asn1_string(lua_State* L, ASN1_STRING *string, int encode)
}
switch (encode) {
case LSEC_AI5_STRING:
- lua_pushlstring(L, (char*)ASN1_STRING_data(string),
+ lua_pushlstring(L, (char*)LSEC_ASN1_STRING_data(string),
ASN1_STRING_length(string));
break;
case LSEC_UTF8_STRING:
@@ -182,7 +193,7 @@ static void push_asn1_ip(lua_State *L, ASN1_STRING *string)
{
int af;
char dst[INET6_ADDRSTRLEN];
- unsigned char *ip = ASN1_STRING_data(string);
+ unsigned char *ip = (unsigned char*)LSEC_ASN1_STRING_data(string);
switch(ASN1_STRING_length(string)) {
case 4:
af = AF_INET;
@@ -293,11 +304,11 @@ int meth_extensions(lua_State* L)
break;
/* Push ret[oid] */
- push_asn1_objname(L, extension->object, 1);
+ push_asn1_objname(L, X509_EXTENSION_get_object(extension), 1);
push_subtable(L, -2);
/* Set ret[oid].name = name */
- push_asn1_objname(L, extension->object, 0);
+ push_asn1_objname(L, X509_EXTENSION_get_object(extension), 0);
lua_setfield(L, -2, "name");
n_general_names = sk_GENERAL_NAME_num(values);
@@ -404,7 +415,7 @@ static int meth_pubkey(lua_State* L)
bytes = BIO_get_mem_data(bio, &data);
if (bytes > 0) {
lua_pushlstring(L, data, bytes);
- switch(EVP_PKEY_type(pkey->type)) {
+ switch(EVP_PKEY_base_id(pkey)) {
case EVP_PKEY_RSA:
lua_pushstring(L, "RSA");
break;

3
luasec-0.6.tar.gz
View File

@@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:cef3a35c18beb8a54d9c8ce6260a4cabbd9a386de8711320d084daffad0aed5d
size 51071

3
luasec-0.9.tar.gz Normal file
View File

@@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:6b6b94e8517bf6baf545fad29a2112f9ac7957ad85b4aae8e0727bec77d7a325
size 52163