httpclient: HTTPS support
axTLS: enable diagnostic mode
return nil, -1, "unable to parse URI"
end
return nil, -1, "unable to parse URI"
end
+ if pr ~= "http" and pr ~= "https" then
return nil, -2, "protocol not supported"
end
return nil, -2, "protocol not supported"
end
- port = #port > 0 and port or "80"
+ port = #port > 0 and port or (pr == "https" and "443" or "80")
path = #path > 0 and path or "/"
options.depth = options.depth or 10
path = #path > 0 and path or "/"
options.depth = options.depth or 10
sock:setsockopt("socket", "sndtimeo", options.sndtimeo or 15)
sock:setsockopt("socket", "rcvtimeo", options.rcvtimeo or 15)
sock:setsockopt("socket", "sndtimeo", options.sndtimeo or 15)
sock:setsockopt("socket", "rcvtimeo", options.rcvtimeo or 15)
+ if pr == "https" then
+ local tls = options.tls_context or nixio.tls()
+ sock = tls:create(sock)
+ local stat, code, error = sock:connect()
+ if not stat then
+ return stat, code, error
+ end
+ end
+
-- Pre assemble fixes
if protocol == "HTTP/1.1" then
headers.Host = headers.Host or host
-- Pre assemble fixes
if protocol == "HTTP/1.1" then
headers.Host = headers.Host or host
+.depend
+.config.*
+_stage
#
# CONFIG_SSL_SERVER_ONLY is not set
# CONFIG_SSL_CERT_VERIFICATION is not set
#
# CONFIG_SSL_SERVER_ONLY is not set
# CONFIG_SSL_CERT_VERIFICATION is not set
-CONFIG_SSL_ENABLE_CLIENT=y
-# CONFIG_SSL_FULL_MODE is not set
+# CONFIG_SSL_ENABLE_CLIENT is not set
+CONFIG_SSL_FULL_MODE=y
# CONFIG_SSL_SKELETON_MODE is not set
# CONFIG_SSL_PROT_LOW is not set
CONFIG_SSL_PROT_MEDIUM=y
# CONFIG_SSL_SKELETON_MODE is not set
# CONFIG_SSL_PROT_LOW is not set
CONFIG_SSL_PROT_MEDIUM=y
*/
#undef CONFIG_SSL_SERVER_ONLY
#undef CONFIG_SSL_CERT_VERIFICATION
*/
#undef CONFIG_SSL_SERVER_ONLY
#undef CONFIG_SSL_CERT_VERIFICATION
-#define CONFIG_SSL_ENABLE_CLIENT 1
-#undef CONFIG_SSL_FULL_MODE
+#undef CONFIG_SSL_ENABLE_CLIENT
+#define CONFIG_SSL_FULL_MODE 1
#undef CONFIG_SSL_SKELETON_MODE
#undef CONFIG_SSL_PROT_LOW
#define CONFIG_SSL_PROT_MEDIUM 1
#undef CONFIG_SSL_SKELETON_MODE
#undef CONFIG_SSL_PROT_LOW
#define CONFIG_SSL_PROT_MEDIUM 1
#
# CONFIG_SSL_SERVER_ONLY is not set
# CONFIG_SSL_CERT_VERIFICATION is not set
#
# CONFIG_SSL_SERVER_ONLY is not set
# CONFIG_SSL_CERT_VERIFICATION is not set
-CONFIG_SSL_ENABLE_CLIENT=y
-# CONFIG_SSL_FULL_MODE is not set
+# CONFIG_SSL_ENABLE_CLIENT is not set
+CONFIG_SSL_FULL_MODE=y
# CONFIG_SSL_SKELETON_MODE is not set
# CONFIG_SSL_PROT_LOW is not set
CONFIG_SSL_PROT_MEDIUM=y
# CONFIG_SSL_SKELETON_MODE is not set
# CONFIG_SSL_PROT_LOW is not set
CONFIG_SSL_PROT_MEDIUM=y
*/
#undef CONFIG_SSL_SERVER_ONLY
#undef CONFIG_SSL_CERT_VERIFICATION
*/
#undef CONFIG_SSL_SERVER_ONLY
#undef CONFIG_SSL_CERT_VERIFICATION
-#define CONFIG_SSL_ENABLE_CLIENT 1
-#undef CONFIG_SSL_FULL_MODE
+#undef CONFIG_SSL_ENABLE_CLIENT
+#define CONFIG_SSL_FULL_MODE 1
#undef CONFIG_SSL_SKELETON_MODE
#undef CONFIG_SSL_PROT_LOW
#define CONFIG_SSL_PROT_MEDIUM 1
#undef CONFIG_SSL_SKELETON_MODE
#undef CONFIG_SSL_PROT_LOW
#define CONFIG_SSL_PROT_MEDIUM 1
local table = require "table"
local nixio = require "nixio"
local table = require "table"
local nixio = require "nixio"
-local setmetatable, assert = setmetatable, assert
+local getmetatable, assert = getmetatable, assert
local socket = nixio.socket_meta
local tls_socket = nixio.tls_socket_meta
local socket = nixio.socket_meta
local tls_socket = nixio.tls_socket_meta
+function socket.is_socket(self)
+ return (getmetatable(self) == socket)
+end
+tls_socket.is_socket = socket.is_socket
+
+function socket.is_tls_socket(self)
+ return (getmetatable(self) == tls_socket)
+end
+tls_socket.is_tls_socket = socket.is_tls_socket
+
function socket.recvall(self, len)
local block, code, msg = self:recv(len)
function socket.recvall(self, len)
local block, code, msg = self:recv(len)
-tls_socket.blocksource = socket.blocksource
\ No newline at end of file
+tls_socket.blocksource = socket.blocksource
+
+function tls_socket.close(self)
+ self:shutdown()
+ return self.socket:close()
+end
\ No newline at end of file
int SSL_get_error(const SSL *ssl, int ret)
{
ssl_display_error(ret);
int SSL_get_error(const SSL *ssl, int ret)
{
ssl_display_error(ret);
- return 0; /* TODO: return proper return code */
+ return ret; /* TODO: return proper return code */
}
void SSL_CTX_set_options(SSL_CTX *ssl_ctx, int option) {}
}
void SSL_CTX_set_options(SSL_CTX *ssl_ctx, int option) {}
SSL_CTX *ctx = nixio__checktlsctx(L);
int fd = nixio__checkfd(L, 2);
SSL_CTX *ctx = nixio__checktlsctx(L);
int fd = nixio__checkfd(L, 2);
+ lua_createtable(L, 0, 3);
nixio_tls_sock *sock = lua_newuserdata(L, sizeof(nixio_tls_sock));
if (!sock) {
return luaL_error(L, "out of memory");
nixio_tls_sock *sock = lua_newuserdata(L, sizeof(nixio_tls_sock));
if (!sock) {
return luaL_error(L, "out of memory");
/* create userdata */
luaL_getmetatable(L, NIXIO_TLS_SOCK_META);
/* create userdata */
luaL_getmetatable(L, NIXIO_TLS_SOCK_META);
- lua_setmetatable(L, -2);
+ lua_pushvalue(L, -1);
+ lua_setmetatable(L, -3);
sock->socket = SSL_new(ctx);
if (!sock->socket) {
sock->socket = SSL_new(ctx);
if (!sock->socket) {
return nixio__tls_perror(L, 0);
}
return nixio__tls_perror(L, 0);
}
+ /* save context and socket to prevent GC from collecting them */
+ lua_setmetatable(L, -3);
+ lua_setfield(L, -2, "connection");
+
+ lua_pushvalue(L, 1);
+ lua_setfield(L, -2, "context");
+
+ lua_pushvalue(L, 2);
+ lua_setfield(L, -2, "socket");
+
static int nixio__tls_sock_perror(lua_State *L, SSL *sock, int code) {
lua_pushnil(L);
static int nixio__tls_sock_perror(lua_State *L, SSL *sock, int code) {
lua_pushnil(L);
- lua_pushinteger(L, code);
lua_pushinteger(L, SSL_get_error(sock, code));
lua_pushinteger(L, SSL_get_error(sock, code));
}
static int nixio__tls_sock_pstatus(lua_State *L, SSL *sock, int code) {
}
static int nixio__tls_sock_pstatus(lua_State *L, SSL *sock, int code) {
}
static SSL* nixio__checktlssock(lua_State *L) {
}
static SSL* nixio__checktlssock(lua_State *L) {
+ if (lua_istable(L, 1)) {
+ lua_getfield(L, 1, "connection");
+ lua_replace(L, 1);
+ }
nixio_tls_sock *sock = luaL_checkudata(L, 1, NIXIO_TLS_SOCK_META);
luaL_argcheck(L, sock->socket, 1, "invalid context");
return sock->socket;
nixio_tls_sock *sock = luaL_checkudata(L, 1, NIXIO_TLS_SOCK_META);
luaL_argcheck(L, sock->socket, 1, "invalid context");
return sock->socket;
static int nixio_tls_sock__tostring(lua_State *L) {
SSL *sock = nixio__checktlssock(L);
static int nixio_tls_sock__tostring(lua_State *L) {
SSL *sock = nixio__checktlssock(L);
- lua_pushfstring(L, "nixio TLS socket: %p", sock);
+ lua_pushfstring(L, "nixio TLS connection: %p", sock);
projects / project / luci.git / commitdiff