Changeset
6292:751618071e89
util.sslconfig: Add lib to deal with LuaSec SSL context configs
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Thu, 03 Jul 2014 15:27:49 +0200 |
parents | 6291:7a604381d6fc |
children | 6293:851fb5e9fa0c |
files | util/sslconfig.lua |
diffstat | 1 files changed, 87 insertions(+), 0 deletions(-) [+] |
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/util/sslconfig.lua Thu Jul 03 15:27:49 2014 +0200
@@ -0,0 +1,87 @@
+
+local handlers = { };
+local finalisers = { };
+local id = function (v) return v end
+
+function handlers.options(a, k, b)
+ local o = a[k] or { };
+ if type(b) ~= "table" then b = { b } end
+ for k,v in pairs(b) do
+ if v == true or v == false then
+ o[k] = v;
+ else
+ o[v] = true;
+ end
+ end
+ a[k] = o;
+end
+
+handlers.verify = handlers.options;
+handlers.verifyext = handlers.options;
+
+function finalisers.options(a)
+ local o = {};
+ for opt, enable in pairs(a) do
+ if enable then
+ o[#o+1] = opt;
+ end
+ end
+ return o;
+end
+
+finalisers.verify = finalisers.options;
+finalisers.verifyext = finalisers.options;
+
+function finalisers.ciphers(a)
+ if type(a) == "table" then
+ return table.concat(a, ":");
+ end
+ return a;
+end
+
+local protocols = { "sslv2", "sslv3", "tlsv1", "tlsv1_1", "tlsv1_2" };
+for i = 1, #protocols do protocols[protocols[i] .. "+"] = i - 1; end
+
+local function protocol(a)
+ local min_protocol = protocols[a.protocol];
+ if min_protocol then
+ a.protocol = "sslv23";
+ for i = 1, min_protocol do
+ table.insert(a.options, "no_"..protocols[i]);
+ end
+ end
+end
+
+local function apply(a, b)
+ if type(b) == "table" then
+ for k,v in pairs(b) do
+ (handlers[k] or rawset)(a, k, v);
+ end
+ end
+end
+
+local function final(a)
+ local f = { };
+ for k,v in pairs(a) do
+ f[k] = (finalisers[k] or id)(v);
+ end
+ protocol(f);
+ return f;
+end
+
+local sslopts_mt = {
+ __index = {
+ apply = apply;
+ final = final;
+ };
+};
+
+local function new()
+ return setmetatable({options={}}, sslopts_mt);
+end
+
+return {
+ apply = apply;
+ final = final;
+ new = new;
+};
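Review bot: `handlers.options` (shared by `verify` and `verifyext`) only ever adds to the set, because a non-boolean value becomes `o[v] = true`; a later `apply()` with `verify = "none"` therefore does not clear an earlier `"peer"`, and both names reach `finalisers.options` in unspecified `pairs` order. The only way for a later layer to drop a flag is the `{ flag = false }` form, which nothing in the file documents. A header comment such as `-- options/verify/verifyext merge as sets across apply() calls; use { name = false } to unset a value from an earlier layer` would make that explicit for whoever stacks several config tables, and how the TLS library treats a list holding both names is worth confirming. Separately, `protocol()` calls `table.insert(a.options, ...)` without checking that `options` exists, so the exported `final` would raise on a plain table that carries a `"tlsv1+"`-style `protocol` but no `options`; `a.options = a.options or {};` before the loop would cover it.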