12951414591

Committed 24 Jan 2025 02:18PM UTC coverage: 88.715% (-4.4%) from 93.088%

Build # 12951414591

Build Type

push

travis-ci

Committed by

zhaozg

Commit Message

ci: with lua-5.4.7

Run Details

9033 of 10182 relevant lines covered (88.72%)

1453.16 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

89.06

/src/callback.c

/*=========================================================================*\
* callback.c
* callback for lua-openssl binding
*
* Author:  george zhao <zhaozg(at)gmail.com>
\*=========================================================================*/
#include "openssl.h"
#include "private.h"
#include <stdint.h>
#include <openssl/ssl.h>

static int verify_cb(int preverify_ok, X509_STORE_CTX *xctx, lua_State*L, SSL* ssl, SSL_CTX* ctx)
{
  int err = X509_STORE_CTX_get_error(xctx);
  int depth = X509_STORE_CTX_get_error_depth(xctx);
  X509 *current = X509_STORE_CTX_get_current_cert(xctx);

  if (L)
  {
    /* get verify_cert state */
    openssl_valueget(L, ssl, "verify_cert");
    if (lua_isnil(L, -1))
    {
      lua_newtable(L);
      openssl_valueset(L, ssl, "verify_cert");
      openssl_valueget(L, ssl, "verify_cert");
    }

    /* create current verify state table */
    lua_newtable(L);
    if (preverify_ok != -1)
    {
      lua_pushboolean(L, preverify_ok);
      lua_setfield(L, -2, "preverify_ok");
    }
    lua_pushinteger(L, err);
    lua_setfield(L, -2, "error");
    lua_pushstring(L, X509_verify_cert_error_string(err));
    lua_setfield(L, -2, "error_string");
    lua_pushinteger(L, X509_STORE_CTX_get_error_depth(xctx));
    lua_setfield(L, -2, "error_depth");
    if (current)
    {
      PUSH_OBJECT(current, "openssl.x509");
      X509_up_ref(current);
      lua_setfield(L, -2, "current_cert");
    }

    openssl_valueget(L, ctx, preverify_ok == -1 ? "cert_verify_cb" : "verify_cb");
    if (lua_isfunction(L, -1))
    {
      /* this is set by  SSL_CTX_set_verify */
      lua_pushvalue(L, -2); /* current verify state */
      if (lua_pcall(L, 1, 1, 0) == 0)
      {
        preverify_ok = lua_toboolean(L, -1);
        lua_pop(L, 1);
      }
      else
        luaL_error(L, lua_tostring(L, -1));
    }
    else
    {
      int always_continue, verify_depth;
      openssl_valueget(L, ctx, "verify_cb_flags");
      /*
      int verify_depth;
      int always_continue;
      */
      if (lua_istable(L, -1))
      {
        lua_getfield(L, -1, "always_continue");
        always_continue = lua_toboolean(L, -1);
        lua_pop(L, 1);

        lua_getfield(L, -1, "verify_depth");
        verify_depth = lua_toboolean(L, -1);
        lua_pop(L, 1);

        if (depth > verify_depth)
        {
          preverify_ok = 0;
          X509_STORE_CTX_set_error(xctx, X509_V_ERR_CERT_CHAIN_TOO_LONG);
        }
        if (always_continue)
          preverify_ok = 1;
      }
      lua_pop(L, 1);
    }

    /* set current state to chain */
    lua_rawseti(L, -2, lua_rawlen(L, -2) + 1);

    /* balance lua stack */
    lua_pop(L, 1);
  }

  return preverify_ok;
}

int openssl_verify_cb(int preverify_ok, X509_STORE_CTX *xctx)
{
  SSL *ssl = X509_STORE_CTX_get_ex_data(xctx,
                                        SSL_get_ex_data_X509_STORE_CTX_idx());
  SSL_CTX *ctx = ssl ? SSL_get_SSL_CTX(ssl) : NULL;
  lua_State *L = ctx ? SSL_CTX_get_app_data(ctx) : NULL;
  if (ssl)
    openssl_newvalue(L, ssl);
  return ctx ? verify_cb(preverify_ok, xctx, L, ssl, ctx) : 0;
};

int openssl_cert_verify_cb(X509_STORE_CTX *xctx, void* u)
{
  int preverify_ok = 0;
  lua_State *L = (lua_State *)u;
  SSL *ssl = X509_STORE_CTX_get_ex_data(xctx,
                                        SSL_get_ex_data_X509_STORE_CTX_idx());
  SSL_CTX *ctx = ssl ? SSL_get_SSL_CTX(ssl) : NULL;
  if (ssl)
    openssl_newvalue(L, ssl);
  preverify_ok = ctx ? verify_cb(-1, xctx, L, ssl, ctx) : 0;
  return preverify_ok == -1 ? 0 : preverify_ok;
};


1	/=========================================================================\
2	* callback.c
3	* callback for lua-openssl binding
4	*
5	* Author: george zhao <zhaozg(at)gmail.com>
6	\=========================================================================/
7	#include "openssl.h"
8	#include "private.h"
9	#include <stdint.h>
10	#include <openssl/ssl.h>
11
12	static int verify_cb(int preverify_ok, X509_STORE_CTX xctx, lua_StateL, SSL* ssl, SSL_CTX* ctx)	6✔
13	{
14	int err = X509_STORE_CTX_get_error(xctx);	6✔
15	int depth = X509_STORE_CTX_get_error_depth(xctx);	6✔
16	X509 *current = X509_STORE_CTX_get_current_cert(xctx);	6✔
17
18	if (L)	6✔
19	{
20	/* get verify_cert state */
21	openssl_valueget(L, ssl, "verify_cert");	6✔
22	if (lua_isnil(L, -1))	6✔
23	{
24	lua_newtable(L);	5✔
25	openssl_valueset(L, ssl, "verify_cert");	5✔
26	openssl_valueget(L, ssl, "verify_cert");	5✔
27	}
28
29	/* create current verify state table */
30	lua_newtable(L);	6✔
31	if (preverify_ok != -1)	6✔
32	{
33	lua_pushboolean(L, preverify_ok);	1✔
34	lua_setfield(L, -2, "preverify_ok");	1✔
35	}
36	lua_pushinteger(L, err);	6✔
37	lua_setfield(L, -2, "error");	6✔
38	lua_pushstring(L, X509_verify_cert_error_string(err));	6✔
39	lua_setfield(L, -2, "error_string");	6✔
40	lua_pushinteger(L, X509_STORE_CTX_get_error_depth(xctx));	6✔
41	lua_setfield(L, -2, "error_depth");	6✔
42	if (current)	6✔
43	{
44	PUSH_OBJECT(current, "openssl.x509");	1✔
45	X509_up_ref(current);	1✔
46	lua_setfield(L, -2, "current_cert");	1✔
47	}
48
49	openssl_valueget(L, ctx, preverify_ok == -1 ? "cert_verify_cb" : "verify_cb");	6✔
50	if (lua_isfunction(L, -1))	6✔
51	{
52	/* this is set by SSL_CTX_set_verify */
53	lua_pushvalue(L, -2); /* current verify state */	×
54	if (lua_pcall(L, 1, 1, 0) == 0)	×
55	{
56	preverify_ok = lua_toboolean(L, -1);	×
57	lua_pop(L, 1);	×
58	}
59	else
60	luaL_error(L, lua_tostring(L, -1));	×
61	}
62	else
63	{
64	int always_continue, verify_depth;
65	openssl_valueget(L, ctx, "verify_cb_flags");	6✔
66	/*
67	int verify_depth;
68	int always_continue;
69	*/
70	if (lua_istable(L, -1))	6✔
71	{
72	lua_getfield(L, -1, "always_continue");	5✔
73	always_continue = lua_toboolean(L, -1);	5✔
74	lua_pop(L, 1);	5✔
75
76	lua_getfield(L, -1, "verify_depth");	5✔
77	verify_depth = lua_toboolean(L, -1);	5✔
78	lua_pop(L, 1);	5✔
79
80	if (depth > verify_depth)	5✔
81	{
82	preverify_ok = 0;	×
83	X509_STORE_CTX_set_error(xctx, X509_V_ERR_CERT_CHAIN_TOO_LONG);	×
84	}
85	if (always_continue)	5✔
86	preverify_ok = 1;	5✔
87	}
88	lua_pop(L, 1);	6✔
89	}
90
91	/* set current state to chain */
92	lua_rawseti(L, -2, lua_rawlen(L, -2) + 1);	6✔
93
94	/* balance lua stack */
95	lua_pop(L, 1);	6✔
96	}
97
98	return preverify_ok;	6✔
99	}
100
101	int openssl_verify_cb(int preverify_ok, X509_STORE_CTX *xctx)	1✔
102	{
103	SSL *ssl = X509_STORE_CTX_get_ex_data(xctx,	1✔
104	SSL_get_ex_data_X509_STORE_CTX_idx());
105	SSL_CTX *ctx = ssl ? SSL_get_SSL_CTX(ssl) : NULL;	1✔
106	lua_State *L = ctx ? SSL_CTX_get_app_data(ctx) : NULL;	1✔
107	if (ssl)	1✔
108	openssl_newvalue(L, ssl);	1✔
109	return ctx ? verify_cb(preverify_ok, xctx, L, ssl, ctx) : 0;	1✔
110	};
111
112	int openssl_cert_verify_cb(X509_STORE_CTX xctx, void u)	5✔
113	{
114	int preverify_ok = 0;	5✔
115	lua_State L = (lua_State )u;	5✔
116	SSL *ssl = X509_STORE_CTX_get_ex_data(xctx,	5✔
117	SSL_get_ex_data_X509_STORE_CTX_idx());
118	SSL_CTX *ctx = ssl ? SSL_get_SSL_CTX(ssl) : NULL;	5✔
119	if (ssl)	5✔
120	openssl_newvalue(L, ssl);	5✔
121	preverify_ok = ctx ? verify_cb(-1, xctx, L, ssl, ctx) : 0;	5✔
122	return preverify_ok == -1 ? 0 : preverify_ok;	5✔
123	};
124

zhaozg / lua-openssl / 12951414591

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous