diff --git a/CHANGELOG b/CHANGELOG index 1cb7e79..0a55435 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,7 +1,36 @@ -------------------------------------------------------------------------------- LuaSec 0.6a ------------ -TBD +LuaSec depends on OpenSSL, and integrates with LuaSocket to make it +easy to add secure connections to any Lua applications or scripts. + +Documentation: https://github.com/brunoos/luasec/wiki + +This version includes: + +* Lua 5.2 and 5.3 compatibility + +* Context module: + - Add ctx:checkkey() + +* SSL module: + - Add conn:sni() and conn:getsniname() + +* Context options: + - Add "any" protocol ("sslv23" is deprecated) + +* HTTPS module: + - Using "any" protocol without SSLv2/SSLv3, by default + +* X509 module: + - Human readable IP address + - Add cert:issued() + - Add cert:pubkey() + +* Some bug fixes + + +=> Thanks to everyone who collaborate with LuaSec <= -------------------------------------------------------------------------------- LuaSec 0.5 diff --git a/README.md b/README.md index 1f1b815..524fced 100644 --- a/README.md +++ b/README.md @@ -1,38 +1,32 @@ LuaSec 0.6a ========== -Alpha version to address Lua 5.2 and 5.3 compatibility. - -LuaSec 0.5 -========== - LuaSec depends on OpenSSL, and integrates with LuaSocket to make it easy to add secure connections to any Lua applications or scripts. -This version includes: +Documentation: https://github.com/brunoos/luasec/wiki - * A new certificate (X509) API, which supports: - - Reading the subject (identity) and issuer of the certificate. - - Reading various X509 extensions, including email and dnsName. - - Converting certificates to and from the standard ASCII PEM - format. - - Generating the fingerprint/digest of a certificate (using SHA1, - SHA256 or SHA512). - - Reading the certificate's expiration, serial number, and other - info. +This version includes: - * The ability to get more detailed information from OpenSSL about - why a certificate failed verification, for each certificate in the - chain. - - * Flags to force acceptance of invalid certificates, e.g. to allow - the use of self-signed certificates in a Trust On First Use model. +* Lua 5.2 and 5.3 compatibility - * Flags to control checking CRLs for certificate revocation status. - - * Support for ECDH cipher suites. - - * An API to get the TLS 'finished' messages used for SASL channel - binding (e.g. the SCRAM PLUS mechanisms). +* Context module: + - Add ctx:checkkey() -The work in this release was undertaken by Kim Alvefur, Paul Aurich, -Tobias Markmann, Bruno Silvestre and Matthew Wild. +* SSL module: + - Add conn:sni() and conn:getsniname() + +* Context options: + - Add "any" protocol ("sslv23" is deprecated) + +* HTTPS module: + - Using "any" protocol without SSLv2/SSLv3, by default + +* X509 module: + - Human readable IP address + - Add cert:issued() + - Add cert:pubkey() + +* Some bug fixes + + +=> Thanks to everyone who collaborate with LuaSec <=