[Minor] Lua_tcp: Add starttls implementation

author: Vsevolod Stakhov <vsevolod@highsecure.ru> 2019-05-30 16:20:45 +0100
committer: Vsevolod Stakhov <vsevolod@highsecure.ru> 2019-05-30 16:20:45 +0100
commit: 0b4e01b39ed800d77452b6721122c84f8139daa6 (patch)
tree: 2df8d73d7cbc363d9ff05863f78738f167b0f07f /src/lua/lua_tcp.c
parent: 29bbc293d32fab155089fb0d3cfaca4ee11e0a8a (diff)
download: rspamd-0b4e01b39ed800d77452b6721122c84f8139daa6.tar.gz
rspamd-0b4e01b39ed800d77452b6721122c84f8139daa6.zip
1 files changed, 28 insertions, 0 deletions
diff --git a/src/lua/lua_tcp.c b/src/lua/lua_tcp.c
index 1e19efd97..d0def9ac2 100644
--- a/src/lua/lua_tcp.c
+++ b/src/lua/lua_tcp.c
@@ -2345,6 +2345,34 @@ lua_tcp_sync_shutdown (lua_State *L)
 static gint
 lua_tcp_starttls (lua_State * L)
 {
+	LUA_TRACE_POINT;
+	struct lua_tcp_cbdata *cbd = lua_check_tcp (L, 1);
+	gpointer ssl_ctx;
+	gboolean verify_peer;
+
+	if (cbd == NULL || cbd->ssl_conn != NULL) {
+		return luaL_error (L, "invalid arguments");
+	}
+
+	if (cbd->flags & LUA_TCP_FLAG_SSL_NOVERIFY) {
+		ssl_ctx = cbd->cfg->libs_ctx->ssl_ctx_noverify;
+		verify_peer = FALSE;
+	}
+	else {
+		ssl_ctx = cbd->cfg->libs_ctx->ssl_ctx;
+		verify_peer = TRUE;
+	}
+
+	event_base_set (cbd->ev_base, &cbd->ev);
+	cbd->ssl_conn =
+			rspamd_ssl_connection_new (ssl_ctx, cbd->ev_base, verify_peer);
+
+	if (!rspamd_ssl_connect_fd (cbd->ssl_conn, cbd->fd, cbd->hostname, &cbd->ev,
+			&cbd->tv, lua_tcp_handler, lua_tcp_ssl_on_error, cbd)) {
+		lua_tcp_push_error (cbd, TRUE, "ssl connection failed: %s",
+				strerror (errno));
+	}
+
 	return 0;
 }
author	Vsevolod Stakhov <vsevolod@highsecure.ru>	2019-05-30 16:20:45 +0100
committer	Vsevolod Stakhov <vsevolod@highsecure.ru>	2019-05-30 16:20:45 +0100
commit	0b4e01b39ed800d77452b6721122c84f8139daa6 (patch)
tree	2df8d73d7cbc363d9ff05863f78738f167b0f07f /src/lua/lua_tcp.c
parent	29bbc293d32fab155089fb0d3cfaca4ee11e0a8a (diff)
download	rspamd-0b4e01b39ed800d77452b6721122c84f8139daa6.tar.gz rspamd-0b4e01b39ed800d77452b6721122c84f8139daa6.zip