aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>2015-05-21 13:33:49 +0300
committerKaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>2015-05-21 13:33:49 +0300
commit3681f34c0d3bd9b6d30a7817989a862e29ab4fe4 (patch)
tree37c7682cc82c2aeb40dbae3f254d0443098adf34
parent4612138ae56728c821ba01850d8e0f36aa5ce2a3 (diff)
downloadaports-3681f34c0d3bd9b6d30a7817989a862e29ab4fe4.tar.bz2
aports-3681f34c0d3bd9b6d30a7817989a862e29ab4fe4.tar.xz
main/lua-ossl: various extension-related improvements
-rw-r--r--main/lua-ossl/0001-get-digest-for-certificate-s-public-key.patch51
-rw-r--r--main/lua-ossl/0002-CRL-extensions.patch43
-rw-r--r--main/lua-ossl/0003-get-named-extension-from-certificate.patch62
-rw-r--r--main/lua-ossl/0004-get-extension-data-in-DER-format.patch40
-rw-r--r--main/lua-ossl/0005-initialize-extension-data-in-DER-format-without-inte.patch63
-rw-r--r--main/lua-ossl/APKBUILD28
6 files changed, 283 insertions, 4 deletions
diff --git a/main/lua-ossl/0001-get-digest-for-certificate-s-public-key.patch b/main/lua-ossl/0001-get-digest-for-certificate-s-public-key.patch
new file mode 100644
index 0000000000..68ca2cec8b
--- /dev/null
+++ b/main/lua-ossl/0001-get-digest-for-certificate-s-public-key.patch
@@ -0,0 +1,51 @@
+From 85d74658b5ad93a3e2788639dff5ffb210b0e04b Mon Sep 17 00:00:00 2001
+From: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
+Date: Thu, 14 May 2015 11:44:14 +0300
+Subject: [PATCH 1/5] get digest for certificate's public key
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The digest may be used in key identifier extensions. See RFC 5280
+ยง4.2.1.2.
+---
+ src/openssl.c | 16 ++++++++++++++++
+ 1 file changed, 16 insertions(+)
+
+diff --git a/src/openssl.c b/src/openssl.c
+index aa01cbc..4f89859 100644
+--- a/src/openssl.c
++++ b/src/openssl.c
+@@ -3693,6 +3693,21 @@ static int xc_setPublicKey(lua_State *L) {
+ } /* xc_setPublicKey() */
+
+
++static int xc_getPublicKeyDigest(lua_State *L) {
++ ASN1_BIT_STRING *pk = ((X509 *) checksimple(L, 1, X509_CERT_CLASS))->cert_info->key->public_key;
++
++ unsigned char digest[EVP_MAX_MD_SIZE];
++ unsigned int len;
++
++ if (!EVP_Digest(pk->data, pk->length, digest, &len, EVP_sha1(), NULL))
++ return auxL_error(L, auxL_EOPENSSL, "x509.cert:getPublicKeyDigest");
++
++ lua_pushlstring(L, (char *) digest, len);
++
++ return 1;
++} /* xc_setPublicKeyDigest() */
++
++
+ static const EVP_MD *xc_signature(lua_State *L, int index, EVP_PKEY *key) {
+ const char *id;
+ const EVP_MD *md;
+@@ -3853,6 +3868,7 @@ static const luaL_Reg xc_methods[] = {
+ { "isIssuedBy", &xc_isIssuedBy },
+ { "getPublicKey", &xc_getPublicKey },
+ { "setPublicKey", &xc_setPublicKey },
++ { "getPublicKeyDigest", &xc_getPublicKeyDigest },
+ { "sign", &xc_sign },
+ { "text", &xc_text },
+ { "tostring", &xc__tostring },
+--
+2.1.0
+
diff --git a/main/lua-ossl/0002-CRL-extensions.patch b/main/lua-ossl/0002-CRL-extensions.patch
new file mode 100644
index 0000000000..3a8182e2d8
--- /dev/null
+++ b/main/lua-ossl/0002-CRL-extensions.patch
@@ -0,0 +1,43 @@
+From 4994ce80890d6a1af30bb539085bd02ff8e7e68a Mon Sep 17 00:00:00 2001
+From: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
+Date: Thu, 14 May 2015 11:59:20 +0300
+Subject: [PATCH 2/5] CRL extensions
+
+---
+ src/openssl.c | 13 +++++++++++++
+ 1 file changed, 13 insertions(+)
+
+diff --git a/src/openssl.c b/src/openssl.c
+index 4f89859..941da9b 100644
+--- a/src/openssl.c
++++ b/src/openssl.c
+@@ -4334,6 +4334,18 @@ error:
+ } /* xx_add() */
+
+
++static int xx_addExtension(lua_State *L) {
++ X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
++ X509_EXTENSION *ext = checksimple(L, 2, X509_EXT_CLASS);
++
++ if (!X509_CRL_add_ext(crl, ext, -1))
++ return auxL_error(L, auxL_EOPENSSL, "x509.crl:addExtension");
++
++ lua_pushboolean(L, 1);
++
++ return 1;
++} /* xx_addExtension() */
++
+ static int xx_sign(lua_State *L) {
+ X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
+ EVP_PKEY *key = checksimple(L, 2, PKEY_CLASS);
+@@ -4412,6 +4424,7 @@ static const luaL_Reg xx_methods[] = {
+ { "getIssuer", &xx_getIssuer },
+ { "setIssuer", &xx_setIssuer },
+ { "add", &xx_add },
++ { "addExtension", &xx_addExtension },
+ { "sign", &xx_sign },
+ { "text", &xx_text },
+ { "tostring", &xx__tostring },
+--
+2.1.0
+
diff --git a/main/lua-ossl/0003-get-named-extension-from-certificate.patch b/main/lua-ossl/0003-get-named-extension-from-certificate.patch
new file mode 100644
index 0000000000..d1da746a2e
--- /dev/null
+++ b/main/lua-ossl/0003-get-named-extension-from-certificate.patch
@@ -0,0 +1,62 @@
+From 1da611092ca5d925020ce4e51aa9e603646ff79f Mon Sep 17 00:00:00 2001
+From: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
+Date: Thu, 14 May 2015 14:28:00 +0300
+Subject: [PATCH 3/5] get named extension from certificate
+
+---
+ src/openssl.c | 32 ++++++++++++++++++++++++++++++++
+ 1 file changed, 32 insertions(+)
+
+diff --git a/src/openssl.c b/src/openssl.c
+index 941da9b..8564ce1 100644
+--- a/src/openssl.c
++++ b/src/openssl.c
+@@ -3632,6 +3632,37 @@ static int xc_addExtension(lua_State *L) {
+ } /* xc_addExtension() */
+
+
++static int xc_getExtension(lua_State *L) {
++ X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
++ const char *name = luaL_checkstring(L, 2);
++
++ X509_EXTENSION *ext, **ud;
++ ASN1_OBJECT *obj = NULL;
++
++ if (!(obj = OBJ_txt2obj(name, 0)))
++ goto error;
++
++ int i = X509_get_ext_by_OBJ(crt, obj, -1);
++ if (i > -1) {
++ ud = prepsimple(L, X509_EXT_CLASS);
++ if (!(ext = X509_get_ext(crt, i)))
++ goto error;
++ if (!(*ud = X509_EXTENSION_dup(ext)))
++ goto error;
++ }
++ else lua_pushnil(L);
++
++ ASN1_OBJECT_free(obj);
++ return 1;
++
++error:
++ if (obj)
++ ASN1_OBJECT_free(obj);
++
++ return auxL_error(L, auxL_EOPENSSL, "x509.cert:getExtension");
++} /* xc_getExtension() */
++
++
+ static int xc_isIssuedBy(lua_State *L) {
+ X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
+ X509 *issuer = checksimple(L, 2, X509_CERT_CLASS);
+@@ -3865,6 +3896,7 @@ static const luaL_Reg xc_methods[] = {
+ { "getBasicConstraintsCritical", &xc_getBasicConstraintsCritical },
+ { "setBasicConstraintsCritical", &xc_setBasicConstraintsCritical },
+ { "addExtension", &xc_addExtension },
++ { "getExtension", &xc_getExtension },
+ { "isIssuedBy", &xc_isIssuedBy },
+ { "getPublicKey", &xc_getPublicKey },
+ { "setPublicKey", &xc_setPublicKey },
+--
+2.1.0
+
diff --git a/main/lua-ossl/0004-get-extension-data-in-DER-format.patch b/main/lua-ossl/0004-get-extension-data-in-DER-format.patch
new file mode 100644
index 0000000000..0a2df91b6f
--- /dev/null
+++ b/main/lua-ossl/0004-get-extension-data-in-DER-format.patch
@@ -0,0 +1,40 @@
+From 38d2781a958901109eef34abc5826d2d25fb42b5 Mon Sep 17 00:00:00 2001
+From: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
+Date: Thu, 14 May 2015 14:50:22 +0300
+Subject: [PATCH 4/5] get extension data in DER format
+
+---
+ src/openssl.c | 10 +++++++++-
+ 1 file changed, 9 insertions(+), 1 deletion(-)
+
+diff --git a/src/openssl.c b/src/openssl.c
+index 8564ce1..89be6b5 100644
+--- a/src/openssl.c
++++ b/src/openssl.c
+@@ -2889,6 +2889,13 @@ static int xe_interpose(lua_State *L) {
+ } /* xe_interpose() */
+
+
++static int xe_getData(lua_State *L) {
++ ASN1_STRING *data = X509_EXTENSION_get_data(checksimple(L, 1, X509_EXT_CLASS));
++ lua_pushlstring(L, (char *) ASN1_STRING_data(data), ASN1_STRING_length(data));
++ return 1;
++} /* xe_getData() */
++
++
+ static int xe__gc(lua_State *L) {
+ X509_EXTENSION **ud = luaL_checkudata(L, 1, X509_EXT_CLASS);
+
+@@ -2902,7 +2909,8 @@ static int xe__gc(lua_State *L) {
+
+
+ static const luaL_Reg xe_methods[] = {
+- { NULL, NULL },
++ { "getData", &xe_getData },
++ { NULL, NULL },
+ };
+
+ static const luaL_Reg xe_metatable[] = {
+--
+2.1.0
+
diff --git a/main/lua-ossl/0005-initialize-extension-data-in-DER-format-without-inte.patch b/main/lua-ossl/0005-initialize-extension-data-in-DER-format-without-inte.patch
new file mode 100644
index 0000000000..331720254d
--- /dev/null
+++ b/main/lua-ossl/0005-initialize-extension-data-in-DER-format-without-inte.patch
@@ -0,0 +1,63 @@
+From 7ca611d113b05016ad91920120e537712e036983 Mon Sep 17 00:00:00 2001
+From: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
+Date: Thu, 14 May 2015 15:24:05 +0300
+Subject: [PATCH 5/5] initialize extension data in DER format without
+ intermediate hex encoding
+
+---
+ src/openssl.c | 27 ++++++++++++++++++++++++++-
+ 1 file changed, 26 insertions(+), 1 deletion(-)
+
+diff --git a/src/openssl.c b/src/openssl.c
+index 89be6b5..55f9aaa 100644
+--- a/src/openssl.c
++++ b/src/openssl.c
+@@ -2841,12 +2841,31 @@ static int xe_new(lua_State *L) {
+ const char *name = luaL_checkstring(L, 1);
+ const char *value = luaL_checkstring(L, 2);
+
++ ASN1_OBJECT *obj = NULL;
++ ASN1_STRING *oct = NULL;
+ CONF *conf = NULL;
+ X509V3_CTX cbuf = { 0 }, *ctx = NULL;
+ X509_EXTENSION *ext = NULL;
+
+ if (!lua_isnil(L, 3)) {
+- const char *cdata = luaL_checkstring(L, 3);
++ size_t len;
++ const char *cdata = luaL_checklstring(L, 3, &len);
++ int crit = !strcmp(value, "critical,DER");
++
++ if (crit || !strcmp(value, "DER")) {
++ if (!(obj = OBJ_txt2obj(name, 0)))
++ goto error;
++ if (!(oct = ASN1_STRING_new()))
++ goto error;
++ if (!ASN1_STRING_set(oct, cdata, len))
++ goto error;
++ if (!(*ud = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct)))
++ goto error;
++ ASN1_OBJECT_free(obj);
++ ASN1_STRING_free(oct);
++ return 1;
++ }
++
+ BIO *bio = getbio(L);
+ if (BIO_puts(bio, cdata) < 0)
+ goto error;
+@@ -2877,6 +2896,12 @@ static int xe_new(lua_State *L) {
+
+ return 1;
+ error:
++ if (obj)
++ ASN1_OBJECT_free(obj);
++
++ if (oct)
++ ASN1_STRING_free(oct);
++
+ if (conf)
+ NCONF_free(conf);
+
+--
+2.1.0
+
diff --git a/main/lua-ossl/APKBUILD b/main/lua-ossl/APKBUILD
index 359e214d87..9ffcf06e31 100644
--- a/main/lua-ossl/APKBUILD
+++ b/main/lua-ossl/APKBUILD
@@ -5,7 +5,7 @@ _luaversions="5.1 5.2 5.3"
pkgname=lua-ossl
pkgver=20150504
_ver=${pkgver%_git*}
-pkgrel=0
+pkgrel=1
pkgdesc="comprehensive OpenSSL Lua module"
url="http://25thandclement.com/~william/projects/luaossl.html"
arch="all"
@@ -23,6 +23,11 @@ done
source="luaossl-$_ver.tar.gz::https://github.com/wahern/luaossl/archive/rel-$_ver.tar.gz
musl-fixes.patch
+ 0001-get-digest-for-certificate-s-public-key.patch
+ 0002-CRL-extensions.patch
+ 0003-get-named-extension-from-certificate.patch
+ 0004-get-extension-data-in-DER-format.patch
+ 0005-initialize-extension-data-in-DER-format-without-inte.patch
"
_builddir="$srcdir"/luaossl-rel-$_ver
@@ -71,8 +76,23 @@ for _v in $_luaversions; do
done
md5sums="b35a44550bc25569d7f35a49f19f320c luaossl-20150504.tar.gz
-7d03f360ebc62b60279ff0f2066ed6f6 musl-fixes.patch"
+7d03f360ebc62b60279ff0f2066ed6f6 musl-fixes.patch
+f8453534acdc9911b2196808b7792420 0001-get-digest-for-certificate-s-public-key.patch
+ce2b0d18246b9157458a1bcf52178164 0002-CRL-extensions.patch
+a0c5eb94ea15db8d037f379b5f131176 0003-get-named-extension-from-certificate.patch
+12e8cea5731c41fe60f174c5d8a43dba 0004-get-extension-data-in-DER-format.patch
+32c5a7de631c981bbe3438b384a0814a 0005-initialize-extension-data-in-DER-format-without-inte.patch"
sha256sums="1c6b7c3dd81438431fa0a6c4be18683ccfcb23c1d6c26643863fc9fcaedd982f luaossl-20150504.tar.gz
-49694f9ab7f7a90074471d8e55580f13ff8fc6f7a158a5793f8d55df11147c0e musl-fixes.patch"
+49694f9ab7f7a90074471d8e55580f13ff8fc6f7a158a5793f8d55df11147c0e musl-fixes.patch
+0eba82d31b2a1ad436f5db7bfe09002f7faea31d2cef93fe28307fdf94ac7f08 0001-get-digest-for-certificate-s-public-key.patch
+9a15289fde5efea1cadf3634fe65305e2547f2adf1dc17d6d3f8389ef9af9d47 0002-CRL-extensions.patch
+88b4853f69b878f72112d003b1e40356e9cf16f73cd41706122fa3697f21a949 0003-get-named-extension-from-certificate.patch
+a2f787c4722708c5e18e071cc06b0de9b9eca99a32deb65017f03444b768f972 0004-get-extension-data-in-DER-format.patch
+5eec04be3bef70940a857b1e9a6edd7ae745b0b141c7b211b55a6a7db1ea6433 0005-initialize-extension-data-in-DER-format-without-inte.patch"
sha512sums="97bd085059c0e4773dbf25c1f9c9c282034c900b65d59c6457c0da2b653315fd521e1f52913e580199d322d9ffb2d273badc9761c5104deed6ea5970c1cdda76 luaossl-20150504.tar.gz
-370467081c87c0e4b0c96a72ff81918d3d492dfa90578b34f51004461d9a983ffd486accb44471a34d092b1a08743ad60462c6937096f80f72a39a335ccd81be musl-fixes.patch"
+370467081c87c0e4b0c96a72ff81918d3d492dfa90578b34f51004461d9a983ffd486accb44471a34d092b1a08743ad60462c6937096f80f72a39a335ccd81be musl-fixes.patch
+dfd0de275ac6da33c22f112b26d8e47038e9b81b66663e17f5db6cc653e7820381bdea7a49efa1a2c33e36caf702cf7dd4b3470c966cbad68a16cbe643e06aca 0001-get-digest-for-certificate-s-public-key.patch
+4e30ebabea3279262d46b17f54bee6cdbb2ed2f6f8d81c5a914db9a17608b6f7eb84b08b43fde4ce8cd99fa5c1c1fdcbe60ec82957fe94ca943c26e7c10e6b41 0002-CRL-extensions.patch
+1699362f3ea09824f1c431cc2b4307918cb1e2eaef7336254d89f1b8f1e4d4e7fc469581c677a6cd4852a35d996de66aa8586739e4b0a442cd2ab418e78b94ce 0003-get-named-extension-from-certificate.patch
+45ce28aef661ae8ad9064cb7fe28aea80013b64d4083cc603a11eb0495a129e39fcb8b4e1b8fd1c865eedb130c04a20b0b0ffa7b64acdcfa5484fd896104ad39 0004-get-extension-data-in-DER-format.patch
+04ae5b77fb8c3097515d433dfdadc7c274d400847d773e04ecaf3471f6319e9cbcdba99f5d4572ae8ef04bcd14201189b2cd18c8197e2774cdd4408e02882f10 0005-initialize-extension-data-in-DER-format-without-inte.patch"