03e03140cd
Update version number
2022-07-30 08:41:46 -03:00
8b3b2318d2
Merge pull request #188 from mckaygerhard/patch-1
...
backguard compat for openssl on providers, like LTS linuxes
2022-07-29 11:42:21 -03:00
2c248947df
Adjust some types and casts
2022-07-20 17:52:01 -03:00
f22b3ea609
Code format
2022-07-20 17:39:20 -03:00
c9539bca86
Fix variable shadowing
2022-07-20 17:36:27 -03:00
Герхард PICCORO Lenz McKAY
f9afada3d1
backguard compat for openssl on providers, like LTS linuxes
...
* The commit de393417b7
2022-06-24 01:09:44 -04:00
371abcf718
Add key material export method
2022-06-01 16:26:35 +02:00
3a71559e13
Update version number
2022-04-13 10:35:06 -03:00
3f04fd7529
Removing useless code
2022-04-04 15:48:22 -03:00
65ee83275b
Support passing DANE flags
...
The only flag at the moment is one that disables name checks, which is
needed for certain protocols such as XMPP.
2022-01-01 19:42:09 +01:00
316bea078c
Update version to LuaSec 1.0.2
2021-08-14 10:16:35 -03:00
79bbc0bc3e
Ignore SSL_OP_BIT(n) macro and update option.c #178
2021-08-02 17:02:44 -03:00
8cba350f37
Update the Lua state reference on the selected SSL context after SNI
...
Thanks Kim Alvefur
2021-08-02 16:13:12 -03:00
c1e28e9132
Fix meth_get_{sinagure => signature}_name function name
2021-07-10 12:47:53 +01:00
cdcf5fdb30
Off by one in cert:validat(notafter) #173
2021-06-23 13:35:49 -03:00
bdbc67b188
Move the fix of SSL_get_error() in OpenSSL 1.1.1
...
Moving to lsec_socket_error() coverts better 'errno == 0' with SSL_ERROR_SYSCALL.
2021-05-29 10:11:02 -03:00
d6b2fd7d35
Handle SSL_send SYSCALL error without errno
...
Either intentionaly or due to bug in openssl in some marginal
cases SSL_send reports SYSCALL error whilst errno is set to 0.
This either could mean that SSL_send did not made any system
call or errno were prematurely reset with consequent syscalls.
And in consequence sendraw() is not propagate correct errno
ends up in infinite loop trying to send same data.
Such behaviour was usually observed after third consequential
failed SSL send attempt which application was not aware of.
First send failed with syscall errno 32 (Broken pipe) second
one with SSL error 0x1409e10f (bad length) and lastly next
send attemt results with SYSCALL error and errno 0.
Tested using:
* OpenSSL v1.1.1
* musl v1.1.20 (c50985d5c8e316c5c464f352e79eeebfed1121a9)
* Linux 4.4.60+yocto armv7l
2021-05-21 21:20:19 +03:00
d5df315617
Update version and rockspec
2021-04-26 09:16:05 -03:00
34252fb10a
Set parameter 2 and 3 to none before luaL_buffinit()
2021-04-26 08:37:09 -03:00
4894c2f6a4
Update version number
2021-01-30 10:29:53 -03:00
de393417b7
feature: getsignaturename
2021-01-12 10:49:27 -03:00
63e35c161f
SOCKET_INVALID pushed as integer, not as number
...
winsock define INVALID_SOCKET as (UINT_PTR)(~0)
in win64 it is 0xffffffffffffffff
if pushed by lua_pushnumber, then ssl.core.SOCKET_INVALID is 1.84467440737096E19
tested in win32/64, linux32/64 lua5.1 and lua5.3
2020-03-04 17:05:06 +01:00
43feb51c5e
Update 0.8 -> 0.9
2019-10-31 11:34:27 -03:00
87e51d99ea
Add __close metamethod
2019-10-15 13:25:12 -03:00
7898bd2043
Remove warning from cast.
2019-10-14 10:00:47 -03:00
c810df6839
Cleanup of #if expression
2019-10-13 22:21:05 -03:00
1e2f342006
Using same form to ifdefs
2019-10-13 22:11:55 -03:00
8ef33e33cf
Some adjusts to OpenSSL 1.1.1 with --api=1.1.0
2019-10-13 22:10:03 -03:00
3490d8d1c0
Merge pull request #126 from neheb/master
...
Get rid of some deprecation warnings with OpenSSL 1.1
2019-10-13 19:42:19 -03:00
86c8fa40c9
Merge pull request #134 from neheb/patch-1
...
use $(CC) for LD definition.
2019-10-13 19:11:48 -03:00
4903e2f2c1
Export 'config' table ( #149 )
...
Avoid duplicating variable 'ssl_options'.
2019-10-09 14:49:58 -03:00
c26513f4f7
Special case listing of TLS 1.3 EC curves ( fixes #146 )
2019-08-21 20:58:01 +02:00
f64e660de0
Disable DANE for LibreSSL
2019-07-11 11:19:21 -03:00
8722f83e8f
Fix check for error in DANE functions
2019-07-11 10:20:53 -03:00
a2dcfffcfa
Enable DANE only for OpenSSL 1.1.0 or higher
2019-07-11 10:09:39 -03:00
18fa0118be
Merge pull request #122 from Zash/dane
...
DANE support
2019-07-11 09:50:25 -03:00
daf728fec2
Fix general_name leak in cert:extensions()
...
Thanks to @zeen for identifying and @horazont for providing test
environment.
2019-07-07 23:03:54 +02:00
d6ba8d21da
Update version to 0.8, new rock file
2019-04-16 14:01:52 -03:00
f8b2968e79
Declare variable "key" before use it.
2019-04-16 10:48:15 -03:00
57f2f1363f
Replace LD with CCLD variable
...
When cross compiling, the LD variable typically gets overriden.
2019-04-08 09:45:40 -07:00
1efa37087e
Add 'ciphersuites' property for TLS 1.3
2019-03-22 11:34:33 -03:00
c0cb85d77f
Do not create 'certificates' on 'cfg' if it does not exist
2019-02-26 15:49:51 -03:00
1c3bf23551
Merge pull request #133 from quickdudley/multi-certs
...
Enable multiple SSL certificates
2019-02-26 14:42:47 -03:00
143ccf1323
PR feedback (Data structure)
2019-02-26 10:51:44 +13:00
5e2b27fa71
Merge pull request #132 from ewestbrook/prc-expose-tcp
...
Expose tcp() for use by LuaSocket
2019-02-25 15:25:20 -03:00
ff868e4a06
Enable multiple SSL certificates (issue 27)
2019-02-22 13:42:44 +13:00
79c629956e
Get rid of some deprecation warnings with OpenSSL 1.1
2018-11-20 20:12:39 -08:00
81c38864d4
Fix memory leak in meth_extensions
2018-11-19 16:00:30 +01:00
3f38f0929c
Expose src/https.lua:tcp() for use by e.g. luasocket redirects
2018-10-13 07:31:38 -06:00
6359275c5f
Add support for setting DANE TLSA information
2018-09-29 21:38:18 +02:00
Bruno Silvestre
Bruno Silvestre
Герхард PICCORO Lenz McKAY
Kim Alvefur
Linus Groh
Edvinas Stunžėnas
Bruno Silvestre
Murillo Paula
Petr Kristan
Rosen Penev
Jeremy List
Jonas Schäfer
E. Westbrook