Skip to content

Instantly share code, notes, and snippets.

@gkatev
Forked from bzed/ssl_c_pem.lua
Last active September 22, 2021 20:31
Show Gist options
  • Save gkatev/2f9657970276ff8cb10c1908968dbcde to your computer and use it in GitHub Desktop.
Save gkatev/2f9657970276ff8cb10c1908968dbcde to your computer and use it in GitHub Desktop.
haproxy pem formatted ssl client cert fetch - ssl_c_pem & ssl_c_pem_escaped - like ssl_c_der
local basexx = require("basexx")
core.register_fetches("ssl_c_pem", function(txn)
local der = txn.f:ssl_c_der()
if not der then return "" end
local envelope = "-----BEGIN %s-----\n%s\n-----END %s-----"
local typ = "CERTIFICATE";
local wrap = ('.'):rep(64)
local der64 = basexx.to_base64(der)
local pem = string.format(envelope, typ, der64:gsub(wrap, '%0\n'), typ)
return pem
end)
--[[
Similar to nginx's $ssl_client_escaped_cert? Put together according to
syncthing's discovery server code. (GO's url.QueryEscape) ]]
core.register_fetches("ssl_c_pem_escaped", function(txn)
local der = txn.f:ssl_c_der()
if not der then return "" end
local envelope = "-----BEGIN %s-----\n%s\n-----END %s-----"
local typ = "CERTIFICATE";
local wrap = ('.'):rep(64)
local der64 = basexx.to_base64(der)
local pem = string.format(envelope, typ, der64:gsub(wrap, '%0\n'), typ)
pem = pem:gsub('=', '%%3D')
pem = pem:gsub('\n', '%%0A')
pem = pem:gsub('/', '%%2F')
pem = pem:gsub('+', '%%2B')
pem = pem:gsub(' ', '+')
return pem
end)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment