Added LuaSec (including binary Windows package from http://www.inf.pu…

…c-rio.br/~brunoos/luasec/) to provide SSL/HTTPS support for the socket library (needed for gist/github integration)
pkulchenko · Apr 20, 2012 · 0d8e6b0 · 0d8e6b0
1 parent 16d7239
commit 0d8e6b0
Show file tree

Hide file tree

Showing 3 changed files with 231 additions and 0 deletions.
diff --git a/bin/clibs/ssl.dll b/bin/clibs/ssl.dll
diff --git a/lualibs/ssl.lua b/lualibs/ssl.lua
@@ -0,0 +1,93 @@
+------------------------------------------------------------------------------
+-- LuaSec 0.4.1
+-- Copyright (C) 2006-2011 Bruno Silvestre
+--
+------------------------------------------------------------------------------
+
+module("ssl", package.seeall)
+
+require("ssl.core")
+require("ssl.context")
+
+
+_VERSION   = "0.4.1"
+_COPYRIGHT = "LuaSec 0.4.1 - Copyright (C) 2006-2011 Bruno Silvestre\n" .. 
+             "LuaSocket 2.0.2 - Copyright (C) 2004-2007 Diego Nehab"
+
+-- Export functions
+rawconnection = core.rawconnection
+rawcontext    = context.rawcontext
+
+--
+--
+--
+local function optexec(func, param, ctx)
+  if param then
+    if type(param) == "table" then
+      return func(ctx, unpack(param))
+    else
+      return func(ctx, param)
+    end
+  end
+  return true
+end
+
+--
+--
+--
+function newcontext(cfg)
+   local succ, msg, ctx
+   -- Create the context
+   ctx, msg = context.create(cfg.protocol)
+   if not ctx then return nil, msg end
+   -- Mode
+   succ, msg = context.setmode(ctx, cfg.mode)
+   if not succ then return nil, msg end
+   -- Load the key
+   if cfg.key then
+      succ, msg = context.loadkey(ctx, cfg.key, cfg.password)
+      if not succ then return nil, msg end
+   end
+   -- Load the certificate
+   if cfg.certificate then
+      succ, msg = context.loadcert(ctx, cfg.certificate)
+      if not succ then return nil, msg end
+   end
+   -- Load the CA certificates
+   if cfg.cafile or cfg.capath then
+      succ, msg = context.locations(ctx, cfg.cafile, cfg.capath)
+      if not succ then return nil, msg end
+   end
+   -- Set the verification options
+   succ, msg = optexec(context.setverify, cfg.verify, ctx)
+   if not succ then return nil, msg end
+   -- Set SSL options
+   succ, msg = optexec(context.setoptions, cfg.options, ctx)
+   if not succ then return nil, msg end
+   -- Set the depth for certificate verification
+   if cfg.depth then
+      succ, msg = context.setdepth(ctx, cfg.depth)
+      if not succ then return nil, msg end
+   end
+   return ctx
+end
+
+--
+--
+--
+function wrap(sock, cfg)
+   local ctx, msg
+   if type(cfg) == "table" then
+      ctx, msg = newcontext(cfg)
+      if not ctx then return nil, msg end
+   else
+      ctx = cfg
+   end
+   local s, msg = core.create(ctx)
+   if s then
+      core.setfd(s, sock:getfd())
+      sock:setfd(core.invalidfd)
+      return s
+   end
+   return nil, msg 
+end
diff --git a/lualibs/ssl/https.lua b/lualibs/ssl/https.lua
@@ -0,0 +1,138 @@
+----------------------------------------------------------------------------
+-- LuaSec 0.4.1
+-- Copyright (C) 2009-2011 PUC-Rio
+--
+-- Author: Pablo Musa
+-- Author: Tomas Guisasola
+---------------------------------------------------------------------------
+
+local socket = require("socket")
+local ssl    = require("ssl")
+local ltn12  = require("ltn12")
+local http   = require("socket.http")
+local url    = require("socket.url")
+
+local table  = require("table")
+local string = require("string")
+
+local try          = socket.try
+local type         = type
+local pairs        = pairs
+local getmetatable = getmetatable
+
+module("ssl.https")
+
+_VERSION   = "0.4.1"
+_COPYRIGHT = "LuaSec 0.4.1 - Copyright (C) 2009-2011 PUC-Rio"
+
+-- Default settings
+PORT = 443
+
+local cfg = {
+  protocol = "tlsv1",
+  options  = "all",
+  verify   = "none",
+}
+
+--------------------------------------------------------------------
+-- Auxiliar Functions
+--------------------------------------------------------------------
+
+-- Insert default HTTPS port.
+local function default_https_port(u)
+   return url.build(url.parse(u, {port = PORT}))
+end
+
+-- Convert an URL to a table according to Luasocket needs.
+local function urlstring_totable(url, body, result_table)
+   url = {
+      url = default_https_port(url),
+      method = body and "POST" or "GET",
+      sink = ltn12.sink.table(result_table)
+   }
+   if body then
+      url.source = ltn12.source.string(body)
+      url.headers = {
+         ["content-length"] = #body,
+         ["content-type"] = "application/x-www-form-urlencoded",
+      }
+   end
+   return url
+end
+
+-- Forward calls to the real connection object.
+local function reg(conn)
+   local mt = getmetatable(conn.sock).__index
+   for name, method in pairs(mt) do
+      if type(method) == "function" then
+         conn[name] = function (self, ...)
+                         return method(self.sock, ...)
+                      end
+      end
+   end
+end
+
+-- Return a function which performs the SSL/TLS connection.
+local function tcp(params)
+   params = params or {}
+   -- Default settings
+   for k, v in pairs(cfg) do 
+      params[k] = params[k] or v
+   end
+   -- Force client mode
+   params.mode = "client"
+   -- 'create' function for LuaSocket
+   return function ()
+      local conn = {}
+      conn.sock = try(socket.tcp())
+      local st = getmetatable(conn.sock).__index.settimeout
+      function conn:settimeout(...)
+         return st(self.sock, ...)
+      end
+      -- Replace TCP's connection function
+      function conn:connect(host, port)
+         try(self.sock:connect(host, port))
+         self.sock = try(ssl.wrap(self.sock, params))
+         try(self.sock:dohandshake())
+         reg(self, getmetatable(self.sock))
+         return 1
+      end
+      return conn
+  end
+end
+
+--------------------------------------------------------------------
+-- Main Function
+--------------------------------------------------------------------
+
+-- Make a HTTP request over secure connection.  This function receives
+--  the same parameters of LuaSocket's HTTP module (except 'proxy' and
+--  'redirect') plus LuaSec parameters.
+--
+-- @param url mandatory (string or table)
+-- @param body optional (string)
+-- @return (string if url == string or 1), code, headers, status
+--
+function request(url, body)
+  local result_table = {}
+  local stringrequest = type(url) == "string"
+  if stringrequest then
+    url = urlstring_totable(url, body, result_table)
+  else
+    url.url = default_https_port(url.url)
+  end
+  if http.PROXY or url.proxy then
+    return nil, "proxy not supported"
+  elseif url.redirect then
+    return nil, "redirect not supported"
+  elseif url.create then
+    return nil, "create function not permitted"
+  end
+  -- New 'create' function to establish a secure connection
+  url.create = tcp(url)
+  local res, code, headers, status = http.request(url)
+  if res and stringrequest then
+    return table.concat(result_table), code, headers, status
+  end
+  return res, code, headers, status
+end