Export 'config' table (#149)

Avoid duplicating variable 'ssl_options'.
2019-10-09 14:49:58 -03:00 · 2019-10-09 14:49:58 -03:00 · 4903e2f2c1
parent 2480572bdf
commit 4903e2f2c1
10 changed files with 197 additions and 179 deletions
--- a/4
+++ b/4
@ -3,12 +3,12 @@ LuaSec 0.8

 * OpenSSL options:

-    By default, LuaSec 0.8 includes options for OpenSSL 1.1.0g.
+    By default, LuaSec 0.8 includes options for OpenSSL 1.1.1.

    If you need to generate the options for a different version of OpenSSL:

      $ cd src
-      $ lua options.lua -g /usr/include/openssl/ssl.h > options.h
+      $ lua options.lua -g /usr/include/openssl/ssl.h > options.c

 --------------------------------------------------------------------------------

--- a/luasec-0.8-1.rockspec
+++ b/luasec-0.8-1.rockspec
@ -58,7 +58,7 @@ build = {
                  "ssl", "crypto"
               },
               sources = {
-                  "src/config.c", "src/ec.c", 
+                  "src/options.c", "src/config.c", "src/ec.c", 
                  "src/x509.c", "src/context.c", "src/ssl.c", 
                  "src/luasocket/buffer.c", "src/luasocket/io.c",
                  "src/luasocket/timeout.c", "src/luasocket/usocket.c"
@ -93,7 +93,7 @@ build = {
                  "$(OPENSSL_INCDIR)", "src/", "src/luasocket"
               },
               sources = {
-                  "src/config.c", "src/ec.c", 
+                  "src/options.c", "src/config.c", "src/ec.c", 
                  "src/x509.c", "src/context.c", "src/ssl.c", 
                  "src/luasocket/buffer.c", "src/luasocket/io.c",
                  "src/luasocket/timeout.c", "src/luasocket/wsocket.c"
--- a/luasec.vcxproj
+++ b/luasec.vcxproj
@ -107,6 +107,7 @@
    <ClCompile Include="src\luasocket\io.c" />
    <ClCompile Include="src\luasocket\timeout.c" />
    <ClCompile Include="src\luasocket\wsocket.c" />
+    <ClCompile Include="src\options.c" />
    <ClCompile Include="src\ssl.c" />
    <ClCompile Include="src\x509.c" />
  </ItemGroup>
@ -127,4 +128,4 @@
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
  <ImportGroup Label="ExtensionTargets">
  </ImportGroup>
-</Project>
+</Project>
--- a/src/Makefile
+++ b/src/Makefile
@ -2,6 +2,7 @@ CMOD=ssl.so
 LMOD=ssl.lua

 OBJS= \
+ options.o \
 x509.o    \
 context.o \
 ssl.o     \
@ -57,8 +58,9 @@ clean:
 	cd luasocket && $(MAKE) clean
 	rm -f $(OBJS) $(CMOD)

+options.o: options.h options.c
 ec.o: ec.c ec.h
 x509.o: x509.c x509.h compat.h
-context.o: context.c context.h ec.h compat.h
+context.o: context.c context.h ec.h compat.h options.h
 ssl.o: ssl.c ssl.h context.h x509.h compat.h
 config.o: config.c ec.h options.h compat.h
--- a/src/config.c
+++ b/src/config.c
@ -14,14 +14,14 @@
 */
 LSEC_API int luaopen_ssl_config(lua_State *L)
 {
-  ssl_option_t *opt;
+  lsec_ssl_option_t *opt;

  lua_newtable(L);

  // Options
  lua_pushstring(L, "options");
  lua_newtable(L);
-  for (opt = ssl_options; opt->name; opt++) {
+  for (opt = lsec_get_ssl_options(); opt->name; opt++) {
    lua_pushstring(L, opt->name);
    lua_pushboolean(L, 1);
    lua_rawset(L, -3);
--- a/src/context.c
+++ b/src/context.c
@ -50,8 +50,8 @@ static p_context testctx(lua_State *L, int idx)
 */
 static int set_option_flag(const char *opt, unsigned long *flag)
 {
-  ssl_option_t *p;
-  for (p = ssl_options; p->name; p++) {
+  lsec_ssl_option_t *p;
+  for (p = lsec_get_ssl_options(); p->name; p++) {
    if (!strcmp(opt, p->name)) {
      *flag |= p->code;
      return 1;
--- a/src/options.c
+++ b/src/options.c
@ -0,0 +1,167 @@
+/*--------------------------------------------------------------------------
+ * LuaSec 0.8
+ *
+ * Copyright (C) 2006-2019 Bruno Silvestre
+ *
+ *--------------------------------------------------------------------------*/
+
+#include <openssl/ssl.h>
+
+#include "options.h"
+
+/* If you need to generate these options again, see options.lua */
+
+
+/* 
+  OpenSSL version: OpenSSL 1.1.1
+*/
+
+static lsec_ssl_option_t ssl_options[] = {
+#if defined(SSL_OP_ALL)
+  {"all", SSL_OP_ALL},
+#endif
+#if defined(SSL_OP_ALLOW_NO_DHE_KEX)
+  {"allow_no_dhe_kex", SSL_OP_ALLOW_NO_DHE_KEX},
+#endif
+#if defined(SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)
+  {"allow_unsafe_legacy_renegotiation", SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION},
+#endif
+#if defined(SSL_OP_CIPHER_SERVER_PREFERENCE)
+  {"cipher_server_preference", SSL_OP_CIPHER_SERVER_PREFERENCE},
+#endif
+#if defined(SSL_OP_CISCO_ANYCONNECT)
+  {"cisco_anyconnect", SSL_OP_CISCO_ANYCONNECT},
+#endif
+#if defined(SSL_OP_COOKIE_EXCHANGE)
+  {"cookie_exchange", SSL_OP_COOKIE_EXCHANGE},
+#endif
+#if defined(SSL_OP_CRYPTOPRO_TLSEXT_BUG)
+  {"cryptopro_tlsext_bug", SSL_OP_CRYPTOPRO_TLSEXT_BUG},
+#endif
+#if defined(SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)
+  {"dont_insert_empty_fragments", SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS},
+#endif
+#if defined(SSL_OP_ENABLE_MIDDLEBOX_COMPAT)
+  {"enable_middlebox_compat", SSL_OP_ENABLE_MIDDLEBOX_COMPAT},
+#endif
+#if defined(SSL_OP_EPHEMERAL_RSA)
+  {"ephemeral_rsa", SSL_OP_EPHEMERAL_RSA},
+#endif
+#if defined(SSL_OP_LEGACY_SERVER_CONNECT)
+  {"legacy_server_connect", SSL_OP_LEGACY_SERVER_CONNECT},
+#endif
+#if defined(SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
+  {"microsoft_big_sslv3_buffer", SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER},
+#endif
+#if defined(SSL_OP_MICROSOFT_SESS_ID_BUG)
+  {"microsoft_sess_id_bug", SSL_OP_MICROSOFT_SESS_ID_BUG},
+#endif
+#if defined(SSL_OP_MSIE_SSLV2_RSA_PADDING)
+  {"msie_sslv2_rsa_padding", SSL_OP_MSIE_SSLV2_RSA_PADDING},
+#endif
+#if defined(SSL_OP_NETSCAPE_CA_DN_BUG)
+  {"netscape_ca_dn_bug", SSL_OP_NETSCAPE_CA_DN_BUG},
+#endif
+#if defined(SSL_OP_NETSCAPE_CHALLENGE_BUG)
+  {"netscape_challenge_bug", SSL_OP_NETSCAPE_CHALLENGE_BUG},
+#endif
+#if defined(SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG)
+  {"netscape_demo_cipher_change_bug", SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG},
+#endif
+#if defined(SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)
+  {"netscape_reuse_cipher_change_bug", SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG},
+#endif
+#if defined(SSL_OP_NO_ANTI_REPLAY)
+  {"no_anti_replay", SSL_OP_NO_ANTI_REPLAY},
+#endif
+#if defined(SSL_OP_NO_COMPRESSION)
+  {"no_compression", SSL_OP_NO_COMPRESSION},
+#endif
+#if defined(SSL_OP_NO_DTLS_MASK)
+  {"no_dtls_mask", SSL_OP_NO_DTLS_MASK},
+#endif
+#if defined(SSL_OP_NO_DTLSv1)
+  {"no_dtlsv1", SSL_OP_NO_DTLSv1},
+#endif
+#if defined(SSL_OP_NO_DTLSv1_2)
+  {"no_dtlsv1_2", SSL_OP_NO_DTLSv1_2},
+#endif
+#if defined(SSL_OP_NO_ENCRYPT_THEN_MAC)
+  {"no_encrypt_then_mac", SSL_OP_NO_ENCRYPT_THEN_MAC},
+#endif
+#if defined(SSL_OP_NO_QUERY_MTU)
+  {"no_query_mtu", SSL_OP_NO_QUERY_MTU},
+#endif
+#if defined(SSL_OP_NO_RENEGOTIATION)
+  {"no_renegotiation", SSL_OP_NO_RENEGOTIATION},
+#endif
+#if defined(SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION)
+  {"no_session_resumption_on_renegotiation", SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION},
+#endif
+#if defined(SSL_OP_NO_SSL_MASK)
+  {"no_ssl_mask", SSL_OP_NO_SSL_MASK},
+#endif
+#if defined(SSL_OP_NO_SSLv2)
+  {"no_sslv2", SSL_OP_NO_SSLv2},
+#endif
+#if defined(SSL_OP_NO_SSLv3)
+  {"no_sslv3", SSL_OP_NO_SSLv3},
+#endif
+#if defined(SSL_OP_NO_TICKET)
+  {"no_ticket", SSL_OP_NO_TICKET},
+#endif
+#if defined(SSL_OP_NO_TLSv1)
+  {"no_tlsv1", SSL_OP_NO_TLSv1},
+#endif
+#if defined(SSL_OP_NO_TLSv1_1)
+  {"no_tlsv1_1", SSL_OP_NO_TLSv1_1},
+#endif
+#if defined(SSL_OP_NO_TLSv1_2)
+  {"no_tlsv1_2", SSL_OP_NO_TLSv1_2},
+#endif
+#if defined(SSL_OP_NO_TLSv1_3)
+  {"no_tlsv1_3", SSL_OP_NO_TLSv1_3},
+#endif
+#if defined(SSL_OP_PKCS1_CHECK_1)
+  {"pkcs1_check_1", SSL_OP_PKCS1_CHECK_1},
+#endif
+#if defined(SSL_OP_PKCS1_CHECK_2)
+  {"pkcs1_check_2", SSL_OP_PKCS1_CHECK_2},
+#endif
+#if defined(SSL_OP_PRIORITIZE_CHACHA)
+  {"prioritize_chacha", SSL_OP_PRIORITIZE_CHACHA},
+#endif
+#if defined(SSL_OP_SAFARI_ECDHE_ECDSA_BUG)
+  {"safari_ecdhe_ecdsa_bug", SSL_OP_SAFARI_ECDHE_ECDSA_BUG},
+#endif
+#if defined(SSL_OP_SINGLE_DH_USE)
+  {"single_dh_use", SSL_OP_SINGLE_DH_USE},
+#endif
+#if defined(SSL_OP_SINGLE_ECDH_USE)
+  {"single_ecdh_use", SSL_OP_SINGLE_ECDH_USE},
+#endif
+#if defined(SSL_OP_SSLEAY_080_CLIENT_DH_BUG)
+  {"ssleay_080_client_dh_bug", SSL_OP_SSLEAY_080_CLIENT_DH_BUG},
+#endif
+#if defined(SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG)
+  {"sslref2_reuse_cert_type_bug", SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG},
+#endif
+#if defined(SSL_OP_TLSEXT_PADDING)
+  {"tlsext_padding", SSL_OP_TLSEXT_PADDING},
+#endif
+#if defined(SSL_OP_TLS_BLOCK_PADDING_BUG)
+  {"tls_block_padding_bug", SSL_OP_TLS_BLOCK_PADDING_BUG},
+#endif
+#if defined(SSL_OP_TLS_D5_BUG)
+  {"tls_d5_bug", SSL_OP_TLS_D5_BUG},
+#endif
+#if defined(SSL_OP_TLS_ROLLBACK_BUG)
+  {"tls_rollback_bug", SSL_OP_TLS_ROLLBACK_BUG},
+#endif
+  {NULL, 0L}
+};
+
+LSEC_API lsec_ssl_option_t* lsec_get_ssl_options() {
+  return ssl_options;
+}
+
--- a/src/options.h
+++ b/src/options.h
@ -8,164 +8,15 @@
 *
 *--------------------------------------------------------------------------*/

-#include <openssl/ssl.h>
+#include "compat.h"

-/* If you need to generate these options again, see options.lua */
-
-/* 
-  OpenSSL version: OpenSSL 1.1.1b
-*/
-
-struct ssl_option_s {
+struct lsec_ssl_option_s {
  const char *name;
  unsigned long code;
 };
-typedef struct ssl_option_s ssl_option_t;

-static ssl_option_t ssl_options[] = {
-#if defined(SSL_OP_ALL)
-  {"all", SSL_OP_ALL},
-#endif
-#if defined(SSL_OP_ALLOW_NO_DHE_KEX)
-  {"allow_no_dhe_kex", SSL_OP_ALLOW_NO_DHE_KEX},
-#endif
-#if defined(SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)
-  {"allow_unsafe_legacy_renegotiation", SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION},
-#endif
-#if defined(SSL_OP_CIPHER_SERVER_PREFERENCE)
-  {"cipher_server_preference", SSL_OP_CIPHER_SERVER_PREFERENCE},
-#endif
-#if defined(SSL_OP_CISCO_ANYCONNECT)
-  {"cisco_anyconnect", SSL_OP_CISCO_ANYCONNECT},
-#endif
-#if defined(SSL_OP_COOKIE_EXCHANGE)
-  {"cookie_exchange", SSL_OP_COOKIE_EXCHANGE},
-#endif
-#if defined(SSL_OP_CRYPTOPRO_TLSEXT_BUG)
-  {"cryptopro_tlsext_bug", SSL_OP_CRYPTOPRO_TLSEXT_BUG},
-#endif
-#if defined(SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)
-  {"dont_insert_empty_fragments", SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS},
-#endif
-#if defined(SSL_OP_ENABLE_MIDDLEBOX_COMPAT)
-  {"enable_middlebox_compat", SSL_OP_ENABLE_MIDDLEBOX_COMPAT},
-#endif
-#if defined(SSL_OP_EPHEMERAL_RSA)
-  {"ephemeral_rsa", SSL_OP_EPHEMERAL_RSA},
-#endif
-#if defined(SSL_OP_LEGACY_SERVER_CONNECT)
-  {"legacy_server_connect", SSL_OP_LEGACY_SERVER_CONNECT},
-#endif
-#if defined(SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
-  {"microsoft_big_sslv3_buffer", SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER},
-#endif
-#if defined(SSL_OP_MICROSOFT_SESS_ID_BUG)
-  {"microsoft_sess_id_bug", SSL_OP_MICROSOFT_SESS_ID_BUG},
-#endif
-#if defined(SSL_OP_MSIE_SSLV2_RSA_PADDING)
-  {"msie_sslv2_rsa_padding", SSL_OP_MSIE_SSLV2_RSA_PADDING},
-#endif
-#if defined(SSL_OP_NETSCAPE_CA_DN_BUG)
-  {"netscape_ca_dn_bug", SSL_OP_NETSCAPE_CA_DN_BUG},
-#endif
-#if defined(SSL_OP_NETSCAPE_CHALLENGE_BUG)
-  {"netscape_challenge_bug", SSL_OP_NETSCAPE_CHALLENGE_BUG},
-#endif
-#if defined(SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG)
-  {"netscape_demo_cipher_change_bug", SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG},
-#endif
-#if defined(SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)
-  {"netscape_reuse_cipher_change_bug", SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG},
-#endif
-#if defined(SSL_OP_NO_ANTI_REPLAY)
-  {"no_anti_replay", SSL_OP_NO_ANTI_REPLAY},
-#endif
-#if defined(SSL_OP_NO_COMPRESSION)
-  {"no_compression", SSL_OP_NO_COMPRESSION},
-#endif
-#if defined(SSL_OP_NO_DTLS_MASK)
-  {"no_dtls_mask", SSL_OP_NO_DTLS_MASK},
-#endif
-#if defined(SSL_OP_NO_DTLSv1)
-  {"no_dtlsv1", SSL_OP_NO_DTLSv1},
-#endif
-#if defined(SSL_OP_NO_DTLSv1_2)
-  {"no_dtlsv1_2", SSL_OP_NO_DTLSv1_2},
-#endif
-#if defined(SSL_OP_NO_ENCRYPT_THEN_MAC)
-  {"no_encrypt_then_mac", SSL_OP_NO_ENCRYPT_THEN_MAC},
-#endif
-#if defined(SSL_OP_NO_QUERY_MTU)
-  {"no_query_mtu", SSL_OP_NO_QUERY_MTU},
-#endif
-#if defined(SSL_OP_NO_RENEGOTIATION)
-  {"no_renegotiation", SSL_OP_NO_RENEGOTIATION},
-#endif
-#if defined(SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION)
-  {"no_session_resumption_on_renegotiation", SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION},
-#endif
-#if defined(SSL_OP_NO_SSL_MASK)
-  {"no_ssl_mask", SSL_OP_NO_SSL_MASK},
-#endif
-#if defined(SSL_OP_NO_SSLv2)
-  {"no_sslv2", SSL_OP_NO_SSLv2},
-#endif
-#if defined(SSL_OP_NO_SSLv3)
-  {"no_sslv3", SSL_OP_NO_SSLv3},
-#endif
-#if defined(SSL_OP_NO_TICKET)
-  {"no_ticket", SSL_OP_NO_TICKET},
-#endif
-#if defined(SSL_OP_NO_TLSv1)
-  {"no_tlsv1", SSL_OP_NO_TLSv1},
-#endif
-#if defined(SSL_OP_NO_TLSv1_1)
-  {"no_tlsv1_1", SSL_OP_NO_TLSv1_1},
-#endif
-#if defined(SSL_OP_NO_TLSv1_2)
-  {"no_tlsv1_2", SSL_OP_NO_TLSv1_2},
-#endif
-#if defined(SSL_OP_NO_TLSv1_3)
-  {"no_tlsv1_3", SSL_OP_NO_TLSv1_3},
-#endif
-#if defined(SSL_OP_PKCS1_CHECK_1)
-  {"pkcs1_check_1", SSL_OP_PKCS1_CHECK_1},
-#endif
-#if defined(SSL_OP_PKCS1_CHECK_2)
-  {"pkcs1_check_2", SSL_OP_PKCS1_CHECK_2},
-#endif
-#if defined(SSL_OP_PRIORITIZE_CHACHA)
-  {"prioritize_chacha", SSL_OP_PRIORITIZE_CHACHA},
-#endif
-#if defined(SSL_OP_SAFARI_ECDHE_ECDSA_BUG)
-  {"safari_ecdhe_ecdsa_bug", SSL_OP_SAFARI_ECDHE_ECDSA_BUG},
-#endif
-#if defined(SSL_OP_SINGLE_DH_USE)
-  {"single_dh_use", SSL_OP_SINGLE_DH_USE},
-#endif
-#if defined(SSL_OP_SINGLE_ECDH_USE)
-  {"single_ecdh_use", SSL_OP_SINGLE_ECDH_USE},
-#endif
-#if defined(SSL_OP_SSLEAY_080_CLIENT_DH_BUG)
-  {"ssleay_080_client_dh_bug", SSL_OP_SSLEAY_080_CLIENT_DH_BUG},
-#endif
-#if defined(SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG)
-  {"sslref2_reuse_cert_type_bug", SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG},
-#endif
-#if defined(SSL_OP_TLSEXT_PADDING)
-  {"tlsext_padding", SSL_OP_TLSEXT_PADDING},
-#endif
-#if defined(SSL_OP_TLS_BLOCK_PADDING_BUG)
-  {"tls_block_padding_bug", SSL_OP_TLS_BLOCK_PADDING_BUG},
-#endif
-#if defined(SSL_OP_TLS_D5_BUG)
-  {"tls_d5_bug", SSL_OP_TLS_D5_BUG},
-#endif
-#if defined(SSL_OP_TLS_ROLLBACK_BUG)
-  {"tls_rollback_bug", SSL_OP_TLS_ROLLBACK_BUG},
-#endif
-  {NULL, 0L}
-};
+typedef struct lsec_ssl_option_s lsec_ssl_option_t;
+
+LSEC_API lsec_ssl_option_t* lsec_get_ssl_options();

 #endif
-
--- a/src/options.lua
+++ b/src/options.lua
@ -1,10 +1,10 @@
 local function usage()
  print("Usage:")
  print("* Generate options of your system:")
-  print("  lua options.lua -g /path/to/ssl.h [version] > options.h")
+  print("  lua options.lua -g /path/to/ssl.h [version] > options.c")
  print("* Examples:")
-  print("  lua options.lua -g /usr/include/openssl/ssl.h > options.h\n")
-  print("  lua options.lua -g /usr/include/openssl/ssl.h \"OpenSSL 1.0.1 14\" > options.h\n")
+  print("  lua options.lua -g /usr/include/openssl/ssl.h > options.c\n")
+  print("  lua options.lua -g /usr/include/openssl/ssl.h \"OpenSSL 1.0.1 14\" > options.c\n")

  print("* List options of your system:")
  print("  lua options.lua -l /path/to/ssl.h\n")
@ -17,9 +17,6 @@ end

 local function generate(options, version)
  print([[
-#ifndef LSEC_OPTIONS_H
-#define LSEC_OPTIONS_H
-
 /*--------------------------------------------------------------------------
 * LuaSec 0.8
 *
@ -29,22 +26,19 @@ local function generate(options, version)

 #include <openssl/ssl.h>

+#include "options.h"
+
 /* If you need to generate these options again, see options.lua */
+
 ]])
+
  printf([[
 /* 
  OpenSSL version: %s
 */
 ]], version)
-  print([[
-struct ssl_option_s {
-  const char *name;
-  unsigned long code;
-};
-typedef struct ssl_option_s ssl_option_t;
-]])

-  print([[static ssl_option_t ssl_options[] = {]])
+  print([[static lsec_ssl_option_t ssl_options[] = {]])

  for k, option in ipairs(options) do
    local name = string.lower(string.sub(option, 8))
@ -56,7 +50,9 @@ typedef struct ssl_option_s ssl_option_t;
  print([[
 };

-#endif
+LSEC_API lsec_ssl_option_t* lsec_get_ssl_options() {
+  return ssl_options;
+}
 ]])
 end

--- a/src/ssl.lua
+++ b/src/ssl.lua
@ -273,6 +273,7 @@ core.setmethod("info", info)
 local _M = {
  _VERSION        = "0.8",
  _COPYRIGHT      = core.copyright(),
+  config          = config,
  loadcertificate = x509.load,
  newcontext      = newcontext,
  wrap            = wrap,