Version number -> 0.5.

This commit is contained in:
Bruno Silvestre 2014-01-29 18:43:33 -02:00
parent 89375f495a
commit 21aefcf67d
17 changed files with 148 additions and 74 deletions

View File

@ -1,3 +1,39 @@
--------------------------------------------------------------------------------
LuaSec 0.5
------------
LuaSec depends on OpenSSL, and integrates with LuaSocket to make it
easy to add secure connections to any Lua applications or scripts.
This version includes:
* A new certificate (X509) API, which supports:
- Reading the subject (identity) and issuer of the certificate.
- Reading various X509 extensions, including email and dnsName.
- Converting certificates to and from the standard ASCII PEM
format.
- Generating the fingerprint/digest of a certificate (using SHA1,
SHA256 or SHA512).
- Reading the certificate's expiration, serial number, and other
info.
* The ability to get more detailed information from OpenSSL about
why a certificate failed verification, for each certificate in the
chain.
* Flags to force acceptance of invalid certificates, e.g. to allow
the use of self-signed certificates in a Trust On First Use model.
* Flags to control checking CRLs for certificate revocation status.
* Support for ECDH cipher suites.
* An API to get the TLS 'finished' messages used for SASL channel
binding (e.g. the SCRAM PLUS mechanisms).
The work in this release was undertaken by Kim Alvefur, Paul Aurich,
Tobias Markmann, Bruno Silvestre and Matthew Wild.
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
LuaSec 0.4.1 LuaSec 0.4.1
------------ ------------

15
INSTALL
View File

@ -1,6 +1,17 @@
LuaSec 0.4.1 LuaSec 0.5
------------ ------------
* OpenSSL options:
By default, LuaSec 0.5 includes options for OpenSSL 1.0.1e.
If you need to generate the options for a different version of OpenSSL:
$ cd src
$ lua options.lua -g /usr/include/openssl/ssl.h > options.h
--------------------------------------------------------------------------------
* On Linux, BSD, and Mac OS X: * On Linux, BSD, and Mac OS X:
- Edit 'Makefile' - Edit 'Makefile'
@ -15,6 +26,8 @@ LuaSec 0.4.1
- Use 'make install' to install the modules. - Use 'make install' to install the modules.
--------------------------------------------------------------------------------
* On Windows: * On Windows:
- Use the Visual C++ project to compile the library. - Use the Visual C++ project to compile the library.

28
LICENSE
View File

@ -1,5 +1,5 @@
LuaSec 0.4.1 license LuaSec 0.5 license
Copyright (C) 2006-2011 Bruno Silvestre, PUC-Rio Copyright (C) 2006-2013 Bruno Silvestre, UFG
Permission is hereby granted, free of charge, to any person obtaining Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the a copy of this software and associated documentation files (the
@ -19,27 +19,3 @@ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
----------------------------------------------------------------------
LuaSocket 2.0.2 license
Copyright © 2004-2007 Diego Nehab
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

View File

@ -1,28 +1,34 @@
luasec-prosody LuaSec 0.5
====== ==========
This is a (hopefully temporary) fork of LuaSec, an SSL and crypto library for Lua. LuaSec depends on OpenSSL, and integrates with LuaSocket to make it
easy to add secure connections to any Lua applications or scripts.
LuaSec depends on OpenSSL, and integrates with LuaSocket to make it easy to add secure connections to any Lua applications or scripts. This version includes:
This version includes major new work undertaken by the Prosody community to expand LuaSec's capabilities, the changes are not yet available in an official LuaSec release. The additions include:
* A new certificate (X509) API, which supports: * A new certificate (X509) API, which supports:
- Reading the subject (identity) and issuer of the certificate.
- Reading the subject (identity) and issuer of the certificate - Reading various X509 extensions, including email and dnsName.
- Reading various X509 extensions, including email and dnsName - Converting certificates to and from the standard ASCII PEM
- Converting certificates to and from the standard ASCII PEM format format.
- Generating the fingerprint/digest of a certificate (using SHA1, SHA256 or SHA512) - Generating the fingerprint/digest of a certificate (using SHA1,
- Reading the certificate's expiration, serial number, and other info SHA256 or SHA512).
- Reading the certificate's expiration, serial number, and other
info.
* The ability to get more detailed information from OpenSSL about why a certificate failed verification, for each certificate in the chain * The ability to get more detailed information from OpenSSL about
why a certificate failed verification, for each certificate in the
chain.
* Flags to force acceptance of invalid certificates, e.g. to allow the use of self-signed certificates in a Trust On First Use model * Flags to force acceptance of invalid certificates, e.g. to allow
the use of self-signed certificates in a Trust On First Use model.
* Flags to control checking CRLs for certificate revocation status * Flags to control checking CRLs for certificate revocation status.
* Support for ECDH cipher suites * Support for ECDH cipher suites.
* An API to get the TLS 'finished' messages used for SASL channel binding (e.g. the SCRAM PLUS mechanisms) * An API to get the TLS 'finished' messages used for SASL channel
binding (e.g. the SCRAM PLUS mechanisms).
The work in this release was undertaken by Kim Alvefur, Paul Aurich, Tobias Markmann, Bruno Silvestre and Matthew Wild. The work in this release was undertaken by Kim Alvefur, Paul Aurich,
Tobias Markmann, Bruno Silvestre and Matthew Wild.

View File

@ -1,3 +1,9 @@
/*--------------------------------------------------------------------------
* LuaSec 0.5
* Copyright (C) 2006-2014 Bruno Silvestre
*
*--------------------------------------------------------------------------*/
#ifndef LSEC_CONFIG_H #ifndef LSEC_CONFIG_H
#define LSEC_CONFIG_H #define LSEC_CONFIG_H

View File

@ -1,6 +1,9 @@
/*-------------------------------------------------------------------------- /*--------------------------------------------------------------------------
* LuaSec 0.4.1 * LuaSec 0.5
* Copyright (C) 2006-2011 Bruno Silvestre *
* Copyright (C) 2014 Kim Alvefur, Paul Aurich, Tobias Markmann,
* Matthew Wild.
* Copyright (C) 2006-2014 Bruno Silvestre.
* *
*--------------------------------------------------------------------------*/ *--------------------------------------------------------------------------*/

View File

@ -2,8 +2,8 @@
#define LSEC_CONTEXT_H #define LSEC_CONTEXT_H
/*-------------------------------------------------------------------------- /*--------------------------------------------------------------------------
* LuaSec 0.4.1 * LuaSec 0.5
* Copyright (C) 2006-2011 Bruno Silvestre * Copyright (C) 2006-2014 Bruno Silvestre
* *
*--------------------------------------------------------------------------*/ *--------------------------------------------------------------------------*/

View File

@ -1,3 +1,9 @@
/*--------------------------------------------------------------------------
* LuaSec 0.5
* Copyright (C) 2006-2014 Bruno Silvestre
*
*--------------------------------------------------------------------------*/
#ifndef LSEC_EC_H #ifndef LSEC_EC_H
#define LSEC_EC_H #define LSEC_EC_H

View File

@ -1,6 +1,6 @@
---------------------------------------------------------------------------- ----------------------------------------------------------------------------
-- LuaSec 0.4.1 -- LuaSec 0.5
-- Copyright (C) 2009-2011 PUC-Rio -- Copyright (C) 2009-2014 PUC-Rio
-- --
-- Author: Pablo Musa -- Author: Pablo Musa
-- Author: Tomas Guisasola -- Author: Tomas Guisasola
@ -22,8 +22,8 @@ local getmetatable = getmetatable
module("ssl.https") module("ssl.https")
_VERSION = "0.4.1" _VERSION = "0.5"
_COPYRIGHT = "LuaSec 0.4.1 - Copyright (C) 2009-2011 PUC-Rio" _COPYRIGHT = "LuaSec 0.5 - Copyright (C) 2009-2014 PUC-Rio"
-- Default settings -- Default settings
PORT = 443 PORT = 443

21
src/luasocket/LICENSE Normal file
View File

@ -0,0 +1,21 @@
LuaSocket 3.0-RC1 license
Copyright (C) 2004-2013 Diego Nehab
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

View File

@ -2,8 +2,8 @@
#define LSEC_OPTIONS_H #define LSEC_OPTIONS_H
/*-------------------------------------------------------------------------- /*--------------------------------------------------------------------------
* LuaSec 0.4.1 * LuaSec 0.5
* Copyright (C) 2006-2011 Bruno Silvestre * Copyright (C) 2006-2014 Bruno Silvestre
* *
*--------------------------------------------------------------------------*/ *--------------------------------------------------------------------------*/

View File

@ -21,8 +21,8 @@ local function generate(options, version)
#define LSEC_OPTIONS_H #define LSEC_OPTIONS_H
/*-------------------------------------------------------------------------- /*--------------------------------------------------------------------------
* LuaSec 0.4.1 * LuaSec 0.5
* Copyright (C) 2006-2011 Bruno Silvestre * Copyright (C) 2006-2014 Bruno Silvestre
* *
*--------------------------------------------------------------------------*/ *--------------------------------------------------------------------------*/

View File

@ -1,6 +1,9 @@
/*-------------------------------------------------------------------------- /*--------------------------------------------------------------------------
* LuaSec 0.4.1 * LuaSec 0.5
* Copyright (C) 2006-2011 Bruno Silvestre *
* Copyright (C) 2014 Kim Alvefur, Paul Aurich, Tobias Markmann,
* Matthew Wild.
* Copyright (C) 2006-2014 Bruno Silvestre.
* *
*--------------------------------------------------------------------------*/ *--------------------------------------------------------------------------*/
@ -652,9 +655,9 @@ static int meth_info(lua_State *L)
static int meth_copyright(lua_State *L) static int meth_copyright(lua_State *L)
{ {
lua_pushstring(L, "LuaSec 0.4.1 - Copyright (C) 2006-2011 Bruno Silvestre" lua_pushstring(L, "LuaSec 0.5 - Copyright (C) 2006-2011 Bruno Silvestre"
#if defined(WITH_LUASOCKET) #if defined(WITH_LUASOCKET)
"\nLuaSocket 2.0.2 - Copyright (C) 2004-2007 Diego Nehab" "\nLuaSocket 3.0-RC1 - Copyright (C) 2004-2013 Diego Nehab"
#endif #endif
); );
return 1; return 1;

View File

@ -2,8 +2,8 @@
#define LSEC_SSL_H #define LSEC_SSL_H
/*-------------------------------------------------------------------------- /*--------------------------------------------------------------------------
* LuaSec 0.4.1 * LuaSec 0.5
* Copyright (C) 2006-2011 Bruno Silvestre * Copyright (C) 2006-2014 Bruno Silvestre
* *
*--------------------------------------------------------------------------*/ *--------------------------------------------------------------------------*/

View File

@ -1,6 +1,6 @@
------------------------------------------------------------------------------ ------------------------------------------------------------------------------
-- LuaSec 0.4.1 -- LuaSec 0.5
-- Copyright (C) 2006-2011 Bruno Silvestre -- Copyright (C) 2006-2014 Bruno Silvestre
-- --
------------------------------------------------------------------------------ ------------------------------------------------------------------------------

View File

@ -1,6 +1,8 @@
/*-------------------------------------------------------------------------- /*--------------------------------------------------------------------------
* LuaSec 0.4.1 * LuaSec 0.5
* Copyright (C) 2012 *
* Copyright (C) 2014 Kim Alvefur, Paul Aurich, Tobias Markmann
* Matthew Wild, Bruno Silvestre.
* *
*--------------------------------------------------------------------------*/ *--------------------------------------------------------------------------*/

View File

@ -1,12 +1,14 @@
#ifndef LSEC_X509_H
#define LSEC_X509_H
/*-------------------------------------------------------------------------- /*--------------------------------------------------------------------------
* LuaSec 0.4.1 * LuaSec 0.5
* Copyright (C) 2012 *
* Copyright (C) 2014 Kim Alvefur, Paul Aurich, Tobias Markmann
* Matthew Wild, Bruno Silvestre.
* *
*--------------------------------------------------------------------------*/ *--------------------------------------------------------------------------*/
#ifndef LSEC_X509_H
#define LSEC_X509_H
#include <openssl/x509v3.h> #include <openssl/x509v3.h>
#include <lua.h> #include <lua.h>