diff --git a/CHANGELOG b/CHANGELOG index 4b4867e..f6571d6 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,3 +1,39 @@ +-------------------------------------------------------------------------------- +LuaSec 0.5 +------------ + +LuaSec depends on OpenSSL, and integrates with LuaSocket to make it +easy to add secure connections to any Lua applications or scripts. + +This version includes: + + * A new certificate (X509) API, which supports: + - Reading the subject (identity) and issuer of the certificate. + - Reading various X509 extensions, including email and dnsName. + - Converting certificates to and from the standard ASCII PEM + format. + - Generating the fingerprint/digest of a certificate (using SHA1, + SHA256 or SHA512). + - Reading the certificate's expiration, serial number, and other + info. + + * The ability to get more detailed information from OpenSSL about + why a certificate failed verification, for each certificate in the + chain. + + * Flags to force acceptance of invalid certificates, e.g. to allow + the use of self-signed certificates in a Trust On First Use model. + + * Flags to control checking CRLs for certificate revocation status. + + * Support for ECDH cipher suites. + + * An API to get the TLS 'finished' messages used for SASL channel + binding (e.g. the SCRAM PLUS mechanisms). + +The work in this release was undertaken by Kim Alvefur, Paul Aurich, +Tobias Markmann, Bruno Silvestre and Matthew Wild. + -------------------------------------------------------------------------------- LuaSec 0.4.1 ------------ diff --git a/INSTALL b/INSTALL index b65aa7e..f5181b1 100644 --- a/INSTALL +++ b/INSTALL @@ -1,6 +1,17 @@ -LuaSec 0.4.1 +LuaSec 0.5 ------------ +* OpenSSL options: + + By default, LuaSec 0.5 includes options for OpenSSL 1.0.1e. + + If you need to generate the options for a different version of OpenSSL: + + $ cd src + $ lua options.lua -g /usr/include/openssl/ssl.h > options.h + +-------------------------------------------------------------------------------- + * On Linux, BSD, and Mac OS X: - Edit 'Makefile' @@ -15,6 +26,8 @@ LuaSec 0.4.1 - Use 'make install' to install the modules. +-------------------------------------------------------------------------------- + * On Windows: - Use the Visual C++ project to compile the library. diff --git a/LICENSE b/LICENSE index ec56917..2f164d9 100644 --- a/LICENSE +++ b/LICENSE @@ -1,5 +1,5 @@ -LuaSec 0.4.1 license -Copyright (C) 2006-2011 Bruno Silvestre, PUC-Rio +LuaSec 0.5 license +Copyright (C) 2006-2013 Bruno Silvestre, UFG Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the @@ -19,27 +19,3 @@ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - ----------------------------------------------------------------------- - -LuaSocket 2.0.2 license -Copyright © 2004-2007 Diego Nehab - -Permission is hereby granted, free of charge, to any person obtaining -a copy of this software and associated documentation files (the -"Software"), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, -TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE -SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/README.md b/README.md index 890c9f8..919825a 100644 --- a/README.md +++ b/README.md @@ -1,28 +1,34 @@ -luasec-prosody -====== +LuaSec 0.5 +========== -This is a (hopefully temporary) fork of LuaSec, an SSL and crypto library for Lua. +LuaSec depends on OpenSSL, and integrates with LuaSocket to make it +easy to add secure connections to any Lua applications or scripts. -LuaSec depends on OpenSSL, and integrates with LuaSocket to make it easy to add secure connections to any Lua applications or scripts. - -This version includes major new work undertaken by the Prosody community to expand LuaSec's capabilities, the changes are not yet available in an official LuaSec release. The additions include: +This version includes: * A new certificate (X509) API, which supports: - - - Reading the subject (identity) and issuer of the certificate - - Reading various X509 extensions, including email and dnsName - - Converting certificates to and from the standard ASCII PEM format - - Generating the fingerprint/digest of a certificate (using SHA1, SHA256 or SHA512) - - Reading the certificate's expiration, serial number, and other info + - Reading the subject (identity) and issuer of the certificate. + - Reading various X509 extensions, including email and dnsName. + - Converting certificates to and from the standard ASCII PEM + format. + - Generating the fingerprint/digest of a certificate (using SHA1, + SHA256 or SHA512). + - Reading the certificate's expiration, serial number, and other + info. - * The ability to get more detailed information from OpenSSL about why a certificate failed verification, for each certificate in the chain + * The ability to get more detailed information from OpenSSL about + why a certificate failed verification, for each certificate in the + chain. - * Flags to force acceptance of invalid certificates, e.g. to allow the use of self-signed certificates in a Trust On First Use model + * Flags to force acceptance of invalid certificates, e.g. to allow + the use of self-signed certificates in a Trust On First Use model. - * Flags to control checking CRLs for certificate revocation status - - * Support for ECDH cipher suites - - * An API to get the TLS 'finished' messages used for SASL channel binding (e.g. the SCRAM PLUS mechanisms) + * Flags to control checking CRLs for certificate revocation status. + + * Support for ECDH cipher suites. + + * An API to get the TLS 'finished' messages used for SASL channel + binding (e.g. the SCRAM PLUS mechanisms). -The work in this release was undertaken by Kim Alvefur, Paul Aurich, Tobias Markmann, Bruno Silvestre and Matthew Wild. +The work in this release was undertaken by Kim Alvefur, Paul Aurich, +Tobias Markmann, Bruno Silvestre and Matthew Wild. diff --git a/src/config.h b/src/config.h index 0e1b5e7..43fe5e2 100644 --- a/src/config.h +++ b/src/config.h @@ -1,3 +1,9 @@ +/*-------------------------------------------------------------------------- + * LuaSec 0.5 + * Copyright (C) 2006-2014 Bruno Silvestre + * + *--------------------------------------------------------------------------*/ + #ifndef LSEC_CONFIG_H #define LSEC_CONFIG_H diff --git a/src/context.c b/src/context.c index 1afebaa..cafc222 100644 --- a/src/context.c +++ b/src/context.c @@ -1,6 +1,9 @@ /*-------------------------------------------------------------------------- - * LuaSec 0.4.1 - * Copyright (C) 2006-2011 Bruno Silvestre + * LuaSec 0.5 + * + * Copyright (C) 2014 Kim Alvefur, Paul Aurich, Tobias Markmann, + * Matthew Wild. + * Copyright (C) 2006-2014 Bruno Silvestre. * *--------------------------------------------------------------------------*/ diff --git a/src/context.h b/src/context.h index 2ad322f..293f615 100644 --- a/src/context.h +++ b/src/context.h @@ -2,8 +2,8 @@ #define LSEC_CONTEXT_H /*-------------------------------------------------------------------------- - * LuaSec 0.4.1 - * Copyright (C) 2006-2011 Bruno Silvestre + * LuaSec 0.5 + * Copyright (C) 2006-2014 Bruno Silvestre * *--------------------------------------------------------------------------*/ diff --git a/src/ec.h b/src/ec.h index e343c4c..921359e 100644 --- a/src/ec.h +++ b/src/ec.h @@ -1,3 +1,9 @@ +/*-------------------------------------------------------------------------- + * LuaSec 0.5 + * Copyright (C) 2006-2014 Bruno Silvestre + * + *--------------------------------------------------------------------------*/ + #ifndef LSEC_EC_H #define LSEC_EC_H diff --git a/src/https.lua b/src/https.lua index 00a7e5b..bdfc17d 100644 --- a/src/https.lua +++ b/src/https.lua @@ -1,6 +1,6 @@ ---------------------------------------------------------------------------- --- LuaSec 0.4.1 --- Copyright (C) 2009-2011 PUC-Rio +-- LuaSec 0.5 +-- Copyright (C) 2009-2014 PUC-Rio -- -- Author: Pablo Musa -- Author: Tomas Guisasola @@ -22,8 +22,8 @@ local getmetatable = getmetatable module("ssl.https") -_VERSION = "0.4.1" -_COPYRIGHT = "LuaSec 0.4.1 - Copyright (C) 2009-2011 PUC-Rio" +_VERSION = "0.5" +_COPYRIGHT = "LuaSec 0.5 - Copyright (C) 2009-2014 PUC-Rio" -- Default settings PORT = 443 diff --git a/src/luasocket/LICENSE b/src/luasocket/LICENSE new file mode 100644 index 0000000..eadb747 --- /dev/null +++ b/src/luasocket/LICENSE @@ -0,0 +1,21 @@ +LuaSocket 3.0-RC1 license +Copyright (C) 2004-2013 Diego Nehab + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/src/options.h b/src/options.h index fade1e6..57fb934 100644 --- a/src/options.h +++ b/src/options.h @@ -2,8 +2,8 @@ #define LSEC_OPTIONS_H /*-------------------------------------------------------------------------- - * LuaSec 0.4.1 - * Copyright (C) 2006-2011 Bruno Silvestre + * LuaSec 0.5 + * Copyright (C) 2006-2014 Bruno Silvestre * *--------------------------------------------------------------------------*/ diff --git a/src/options.lua b/src/options.lua index 6669db8..26c49c4 100644 --- a/src/options.lua +++ b/src/options.lua @@ -21,8 +21,8 @@ local function generate(options, version) #define LSEC_OPTIONS_H /*-------------------------------------------------------------------------- - * LuaSec 0.4.1 - * Copyright (C) 2006-2011 Bruno Silvestre + * LuaSec 0.5 + * Copyright (C) 2006-2014 Bruno Silvestre * *--------------------------------------------------------------------------*/ diff --git a/src/ssl.c b/src/ssl.c index 4fe2599..2fa6ede 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -1,6 +1,9 @@ /*-------------------------------------------------------------------------- - * LuaSec 0.4.1 - * Copyright (C) 2006-2011 Bruno Silvestre + * LuaSec 0.5 + * + * Copyright (C) 2014 Kim Alvefur, Paul Aurich, Tobias Markmann, + * Matthew Wild. + * Copyright (C) 2006-2014 Bruno Silvestre. * *--------------------------------------------------------------------------*/ @@ -652,9 +655,9 @@ static int meth_info(lua_State *L) static int meth_copyright(lua_State *L) { - lua_pushstring(L, "LuaSec 0.4.1 - Copyright (C) 2006-2011 Bruno Silvestre" + lua_pushstring(L, "LuaSec 0.5 - Copyright (C) 2006-2011 Bruno Silvestre" #if defined(WITH_LUASOCKET) - "\nLuaSocket 2.0.2 - Copyright (C) 2004-2007 Diego Nehab" + "\nLuaSocket 3.0-RC1 - Copyright (C) 2004-2013 Diego Nehab" #endif ); return 1; diff --git a/src/ssl.h b/src/ssl.h index 5d381ce..b357196 100644 --- a/src/ssl.h +++ b/src/ssl.h @@ -2,8 +2,8 @@ #define LSEC_SSL_H /*-------------------------------------------------------------------------- - * LuaSec 0.4.1 - * Copyright (C) 2006-2011 Bruno Silvestre + * LuaSec 0.5 + * Copyright (C) 2006-2014 Bruno Silvestre * *--------------------------------------------------------------------------*/ diff --git a/src/ssl.lua b/src/ssl.lua index 6adf1d0..64f805b 100644 --- a/src/ssl.lua +++ b/src/ssl.lua @@ -1,6 +1,6 @@ ------------------------------------------------------------------------------ --- LuaSec 0.4.1 --- Copyright (C) 2006-2011 Bruno Silvestre +-- LuaSec 0.5 +-- Copyright (C) 2006-2014 Bruno Silvestre -- ------------------------------------------------------------------------------ diff --git a/src/x509.c b/src/x509.c index 18411c7..5e7a1dd 100644 --- a/src/x509.c +++ b/src/x509.c @@ -1,6 +1,8 @@ /*-------------------------------------------------------------------------- - * LuaSec 0.4.1 - * Copyright (C) 2012 + * LuaSec 0.5 + * + * Copyright (C) 2014 Kim Alvefur, Paul Aurich, Tobias Markmann + * Matthew Wild, Bruno Silvestre. * *--------------------------------------------------------------------------*/ diff --git a/src/x509.h b/src/x509.h index 8a65ced..2b32cdd 100644 --- a/src/x509.h +++ b/src/x509.h @@ -1,12 +1,14 @@ -#ifndef LSEC_X509_H -#define LSEC_X509_H - /*-------------------------------------------------------------------------- - * LuaSec 0.4.1 - * Copyright (C) 2012 + * LuaSec 0.5 + * + * Copyright (C) 2014 Kim Alvefur, Paul Aurich, Tobias Markmann + * Matthew Wild, Bruno Silvestre. * *--------------------------------------------------------------------------*/ +#ifndef LSEC_X509_H +#define LSEC_X509_H + #include #include