Lua bindings now complete

git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@111 9a5d90b5-6617-0410-8a86-bb477d3ed2e3

bindings/generate_SWIG_interface.pl

@@ -356,10 +356,10 @@ SWIG_TYPEMAP_NUM_ARR(uchar,unsigned char);
 
 /* for ssl_client_new() */
 %typemap(in) const unsigned char session_id[] {
-    if(!lua_isnumber(L,\$input))
+    if (lua_isnil(L,\$input))
         \$1 = NULL;
     else
-        \$1 = SWIG_get_uint_num_array_fixed(L,\$input, SSL_SESSION_ID_SIZE);
+        \$1 = SWIG_get_uchar_num_array_fixed(L,\$input, SSL_SESSION_ID_SIZE);
 }
 
 #endif

bindings/lua/Makefile

@@ -39,9 +39,8 @@ include ../../config/makefile.post
 # there are a few static functions that aren't used
 CFLAGS += -funit-at-a-time
 
-# libaxtls has to be linked in as a single object for this (TODO: see if this is completely necessary)
 $(TARGET) : $(OBJ)
-	$(LD) $(LDFLAGS) -L$(CONFIG_LUA_CORE)/lib $(LDSHARED) -o $@ $(OBJ) ../../$(STAGE)/libaxtls.a -llua
+	$(LD) $(LDFLAGS) -L../../$(STAGE) -L$(CONFIG_LUA_CORE)/lib $(LDSHARED) -o $@ $(OBJ) -laxtls -llua
 
 CFLAGS += -I$(CONFIG_HOME) -I$(SSL_HOME) -I $(CONFIG_LUA_CORE)/include
 else

httpd/Makefile

@@ -43,7 +43,7 @@ ifdef CONFIG_HTTP_BUILD_LUA
 lua: kepler-1.1
 
 kepler-1.1:
-	@tar xvfz  kepler-1.1-snapshot-20070420-1741.tar.gz
+	@tar xvfz   kepler-1.1-snapshot-20070521-1825.tar.gz
 	@cat kepler.patch | patch -p0
 	cd kepler-1.1; ./configure --prefix=$(CONFIG_HTTP_LUA_PREFIX) --launcher=cgi --lua-suffix= ; make install
 else

samples/Config.in

@@ -52,5 +52,12 @@ config CONFIG_PERL_SAMPLES
         Build the "Perl" version of axssl. The features enabled are very
         dependent on the build mode ('full' mode will give all features).
 
+config CONFIG_LUA_SAMPLES
+    bool "axssl - Lua version"
+    default y
+    depends on CONFIG_SAMPLES && CONFIG_LUA_BINDINGS
+    help
+        Build the "Lua" version of axssl. The features enabled are very
+        dependent on the build mode ('full' mode will give all features).
 endmenu
 

samples/lua/axssl.lua

@@ -133,7 +133,7 @@ function do_server(build_mode)
     local port = 4433
     local options = axtlsl.SSL_DISPLAY_CERTS
     local quiet = false
-    local password = nil
+    local password = ""
     local private_key_file = nil
     local cert_size = axtlsl.ssl_get_config(axtlsl.SSL_MAX_CERT_CFG_OFFSET)
     local ca_cert_size = axtlsl.
@@ -208,6 +208,9 @@ function do_server(build_mode)
         i = i + 1
     end
 
+    -- Create socket for incoming connections
+    local server_sock = socket.try(socket.bind("*", port))
+
     ---------------------------------------------------------------------------
     -- This is where the interesting stuff happens. Up until now we've
     -- just been setting up sockets etc. Now we do the SSL handshake.
@@ -226,29 +229,26 @@ function do_server(build_mode)
             obj_type = axtlsl.SSL_OBJ_PKCS12 
         end
 
-        if axtlsl.ssl_obj_load(ssl_ctx, obj_type, 
-                                        private_key_file, password) then
+        if axtlsl.ssl_obj_load(ssl_ctx, obj_type, private_key_file, 
+                                        password) ~= axtlsl.SSL_OK then
             error("Private key '" .. private_key_file .. "' is undefined.")
         end
     end
 
     for _, v in ipairs(cert) do
-        if axtlsl.ssl_obj_load(ssl_ctx, axtlsl.SSL_OBJ_X509_CERT, v, "") 
-                                        ~= axtlsl.SSL_OK then
+        if axtlsl.ssl_obj_load(ssl_ctx, axtlsl.SSL_OBJ_X509_CERT, v, "") ~= 
+                                        axtlsl.SSL_OK then
             error("Certificate '"..v .. "' is undefined.")
         end
     end
 
     for _, v in ipairs(ca_cert) do
-        if axtlsl.ssl_obj_load(ssl_ctx, axtlsl.SSL_OBJ_X509_CACERT, v, "") 
-                                        ~= axtlsl.SSL_OK then
+        if axtlsl.ssl_obj_load(ssl_ctx, axtlsl.SSL_OBJ_X509_CACERT, v, "") ~= 
+                                        axtlsl.SSL_OK then
             error("Certificate '"..v .."' is undefined.")
         end
     end
 
-    -- Create socket for incoming connections
-    local server_sock = socket.try(socket.bind("*", port))
-
     while true do
         if not quiet then print("ACCEPT") end
         local client_sock = server_sock:accept();
@@ -306,7 +306,7 @@ function do_client(build_mode)
     local private_key_file = nil
     local reconnect = 0
     local quiet = false
-    local password = nil
+    local password = ""
     local session_id = {}
     local host = "127.0.0.1"
     local cert_size = axtlsl.ssl_get_config(axtlsl.SSL_MAX_CERT_CFG_OFFSET)
@@ -379,6 +379,16 @@ function do_client(build_mode)
         i = i + 1
     end
 
+    local client_sock = socket.try(socket.connect(host, port))
+    local ssl
+    local res
+
+    if not quiet then print("CONNECTED") end
+
+    ---------------------------------------------------------------------------
+    -- This is where the interesting stuff happens. Up until now we've
+    -- just been setting up sockets etc. Now we do the SSL handshake.
+    ---------------------------------------------------------------------------
     local ssl_ctx = axtlsl.ssl_ctx_new(options, axtlsl.SSL_DEFAULT_CLNT_SESS)
 
     if ssl_ctx == nil then 
@@ -396,45 +406,35 @@ function do_client(build_mode)
             obj_type = axtlsl.SSL_OBJ_PKCS12 
         end
 
-        if axtlsl.ssl_obj_load(ssl_ctx, obj_type, 
-                                    private_key_file, password) then
+        if axtlsl.ssl_obj_load(ssl_ctx, obj_type, private_key_file, 
+                                        password) ~= axtlsl.SSL_OK then
             error("Private key '"..private_key_file.."' is undefined.")
         end
     end
 
     for _, v in ipairs(cert) do
-        if axtlsl.ssl_obj_load(ssl_ctx, axtlsl.SSL_OBJ_X509_CERT, v, "") 
-                                        ~= axtlsl.SSL_OK then
+        if axtlsl.ssl_obj_load(ssl_ctx, axtlsl.SSL_OBJ_X509_CERT, v, "") ~= 
+                                        axtlsl.SSL_OK then
             error("Certificate '"..v .. "' is undefined.")
         end
     end
 
     for _, v in ipairs(ca_cert) do
-        if axtlsl.ssl_obj_load(ssl_ctx, axtlsl.SSL_OBJ_X509_CACERT, v, "") 
-                                        ~= axtlsl.SSL_OK then
+        if axtlsl.ssl_obj_load(ssl_ctx, axtlsl.SSL_OBJ_X509_CACERT, v, "") ~= 
+                                        axtlsl.SSL_OK then
             error("Certificate '"..v .."' is undefined.")
         end
     end
 
-    ---------------------------------------------------------------------------
-    -- This is where the interesting stuff happens. Up until now we've
-    -- just been setting up sockets etc. Now we do the SSL handshake.
-    ---------------------------------------------------------------------------
-    local client_sock = assert(socket.connect(host, port))
-    local ssl
-    local res
-
-    if not quiet then print("CONNECTED") end
-
     -- Try session resumption?
-    if reconnect > 0 then
+    if reconnect ~= 0 then
         local session_id = nil
-        while reconnect do
+        while reconnect > 0 do
             reconnect = reconnect - 1
             ssl = axtlsl.ssl_client_new(ssl_ctx, 
                     client_sock:getfd(), session_id)
 
-            res = ssl_handshake_status(ssl)
+            res = axtlsl.ssl_handshake_status(ssl)
             if res ~= axtlsl.SSL_OK then
                 if not quiet then axtlsl.ssl_display_error(res) end
                 axtlsl.ssl_free(ssl)
@@ -444,11 +444,12 @@ function do_client(build_mode)
             display_session_id(ssl)
             session_id = axtlsl.ssl_get_session_id(ssl)
 
-            if reconnect then
-                ssl_free(ssl)
+            if reconnect > 0 then
+                axtlsl.ssl_free(ssl)
                 client_sock:close()
-                client_sock = assert(socket.connect(host, port))
+                client_sock = socket.try(socket.connect(host, port))
             end
+
         end
     else
         ssl = axtlsl.ssl_client_new(ssl_ctx, client_sock:getfd(), nil)
@@ -456,7 +457,6 @@ function do_client(build_mode)
 
     -- check the return status
     res = axtlsl.ssl_handshake_status(ssl)
-print("RES: "..res)
     if res ~= axtlsl.SSL_OK then
         if not quiet then axtlsl.ssl_display_error(res) end
         os.exit(1)
@@ -475,9 +475,18 @@ print("RES: "..res)
     end
 
     while true do
-        local x = { 65, 66, 67, 10, 0 }
         local line = io.read()
-        res = axtlsl.ssl_write(ssl, x, #x)
+    if line == nil then break end
+        local bytes = {}
+
+        for i = 1, #line do
+            bytes[i] = line.byte(line, i)
+        end
+
+        bytes[#line+1] = 10      -- add carriage return, null
+        bytes[#line+2] = 0
+
+        res = axtlsl.ssl_write(ssl, bytes, #bytes)
         if res < axtlsl.SSL_OK then
             if not quiet then axtlsl.ssl_display_error(res) end
             break
@@ -513,7 +522,7 @@ end
 --
 function display_session_id(ssl)
     local session_id = axtlsl.ssl_get_session_id(ssl)
-    local i, v
+    local v
 
     print("-----BEGIN SSL SESSION PARAMETERS-----")
     for _, v in ipairs(session_id) do
@@ -532,4 +541,5 @@ end
 
 local build_mode = axtlsl.ssl_get_config(axtlsl.SSL_BUILD_MODE)
 _ = arg[1] == "s_server" and do_server(build_mode) or do_client(build_mode)
+os.exit(0)
 

ssl/os_port.h

@@ -70,6 +70,8 @@ extern "C" {
 #define SOCKET_READ(A,B,C)      recv(A,B,C,0)
 #define SOCKET_WRITE(A,B,C)     send(A,B,C,0)
 #define SOCKET_CLOSE(A)         closesocket(A)
+#define SOCKET_BLOCK(A)         u_long argp = 0; \
+                                ioctlsocket(A, FIONBIO, &argp)
 #define srandom(A)              srand(A)
 #define random()                rand()
 #define getpid()                _getpid()
@@ -139,6 +141,8 @@ EXP_FUNC int STDCALL strcasecmp(const char *s1, const char *s2);
 #define SOCKET_READ(A,B,C)      read(A,B,C)
 #define SOCKET_WRITE(A,B,C)     write(A,B,C)
 #define SOCKET_CLOSE(A)         close(A)
+#define SOCKET_BLOCK(A)         int fd = fcntl(A, F_GETFL, NULL); \
+                                fcntl(A, F_SETFL, fd & ~O_NONBLOCK)
 #define TTY_FLUSH()
 
 #endif  /* Not Win32 */

ssl/test/test_axssl.sh

@@ -30,12 +30,14 @@ if grep "CONFIG_PLATFORM_WIN32=y" "../config/.config"  > /dev/null; then
     KILL_CSHARP="kill %1"
     KILL_PERL="kill %1"
     KILL_JAVA="kill %1"
+    KILL_LUA="kill %1"
 else
     if grep "CONFIG_PLATFORM_CYGWIN=y" "../config/.config"  > /dev/null; then
         # no .net or java on cygwin
         PERL_BIN=/usr/bin/perl
         KILL_AXSSL="killall axssl"
         KILL_PERL="killall /usr/bin/perl"
+        KILL_LUA="killall /usr/local/bin/lua"
     else     # Linux
         JAVA_EXE=/usr/java/default/bin/java
         PERL_BIN=/usr/bin/perl
@@ -44,6 +46,7 @@ else
         KILL_PERL="killall /usr/bin/perl"
         RUN_CSHARP="mono"
         KILL_JAVA="killall $JAVA_EXE"
+        KILL_LUA="killall /usr/local/bin/lua"
     fi
 fi
 
@@ -129,4 +132,18 @@ sleep 1
 echo "### Perl tests complete"
 fi
 
+if [ -f ./axssl.lua ]; then
+echo "########################## LUA SAMPLE ###########################"
+./axssl.lua $SERVER_ARGS &
+echo "Lua Test passed" | ./axssl.lua $CLIENT_ARGS
+$KILL_LUA
+sleep 1
+
+./axssl.lua $SERVER_PEM_ARGS &
+echo "Lua Test passed" | ./axssl.lua $CLIENT_PEM_ARGS
+$KILL_LUA
+sleep 1
+echo "### Lua tests complete"
+fi
+
 echo "########################## ALL TESTS COMPLETE ###########################"

ssl/tls1_clnt.c

@@ -37,8 +37,11 @@ static int send_cert_verify(SSL *ssl);
  */
 EXP_FUNC SSL * STDCALL ssl_client_new(SSL_CTX *ssl_ctx, int client_fd, const uint8_t *session_id)
 {
+    SSL *ssl;
     int ret;
-    SSL *ssl = ssl_new(ssl_ctx, client_fd);
+
+    SOCKET_BLOCK(client_fd);    /* ensure blocking mode */
+    ssl = ssl_new(ssl_ctx, client_fd);
 
     if (session_id && ssl_ctx->num_sessions)
     {

ssl/tls1_svr.c

@@ -39,7 +39,9 @@ static int process_cert_verify(SSL *ssl);
  */
 EXP_FUNC SSL * STDCALL ssl_server_new(SSL_CTX *ssl_ctx, int client_fd)
 {
-    SSL *ssl = ssl_new(ssl_ctx, client_fd);
+    SSL *ssl;
+
+    ssl = ssl_new(ssl_ctx, client_fd);
     ssl->next_state = HS_CLIENT_HELLO;
 
 #ifdef CONFIG_SSL_FULL_MODE