Commit Graph

278 Commits

Author SHA1 Message Date
0f0e07eb41 usocket.c: place EAI_OVERFLOW inside macro, unbreak build on <10.7 2023-04-09 20:20:36 +08:00
fddde111f7 Release 1.3.1 v1.3.1 2023-03-19 11:55:08 -03:00
6405645155 Check if PSK is available 2023-03-19 11:48:56 -03:00
e01c6e63cd Fix: check if PSK is available 2023-03-19 11:43:09 -03:00
c297c5204c Update version number v1.3.0 2023-03-14 10:43:47 -03:00
e42bc358e2 Remove Windows libraries sufix 2023-03-14 10:42:51 -03:00
f72457bbf9 Remove Windows libraries sufix 2023-03-14 10:37:42 -03:00
361813c0da Update options to OpenSSL 3.0.8 2023-03-14 09:36:06 -03:00
e53caaad73 Merge branch 'tls-psk' into dev 2023-02-20 09:57:04 -03:00
0e669f6c82 Add identity hint to PSK 2023-02-19 08:56:24 -03:00
c3f12b8c4d Use lua_tolstring instead luaL_checklstring 2023-02-16 22:07:55 -03:00
38bb3edfb4 Fix checklstring, pop(3), identity_len 2023-02-16 11:27:52 -03:00
50431ed511 Fix identity indexing 2023-02-16 10:53:41 -03:00
b321ba8fab Fix PSK samples 2023-02-16 10:52:05 -03:00
6708ccc381 Do not wrap the PSK callbacks 2023-02-16 10:37:59 -03:00
4f28db9f53 Format 2023-02-16 10:31:06 -03:00
dd8ba1fc92 Fix PSK client callback 2023-02-16 10:28:34 -03:00
9b09c93249 Return '0' from callback on size error 2023-02-16 10:13:54 -03:00
0f793b73c0 Format 2023-02-16 09:43:44 -03:00
7b60dc4794 Fix psk_len type, do not check string again 2023-02-16 09:41:35 -03:00
4f6aec07f6 Return the value from Lua's callback, fixes 2023-02-16 09:37:09 -03:00
c87fe7d5ea Do not need two PSK registry 2023-02-16 09:33:29 -03:00
842380caf6 feat: tls-psk 2023-02-16 09:52:18 +09:00
b47bfff382 Some minor adjusts in parameters and script 2022-12-12 18:19:37 -03:00
480aef1626 Merge pull request #192 from mwild1/conn-local-cert-methods
ssl: Add :getlocalchain() + :getlocalcertificate() to mirror peer methods
2022-10-06 16:48:57 -03:00
4cecbb2783 ssl: Add :getlocalchain() + :getlocalcertificate() to mirror the peer methods
These methods mirror the existing methods that fetch the peer certificate and
chain. Due to various factors (SNI, multiple key types, etc.) it is not always
trivial for an application to determine what certificate was presented to the
client. However there are various use-cases where this is needed, such as
tls-server-end-point channel binding and OCSP stapling.

Requires OpenSSL 1.0.2+ (note: SSL_get_certificate() has existed for a very
long time, but was lacking documentation until OpenSSL 3.0).
2022-09-21 18:40:10 +01:00
d9215ee00f Update rockspec v1.2.0 2022-07-30 08:42:53 -03:00
03e03140cd Update version number 2022-07-30 08:41:46 -03:00
8b3b2318d2 Merge pull request #188 from mckaygerhard/patch-1
backguard compat for openssl on providers, like LTS linuxes
2022-07-29 11:42:21 -03:00
2c248947df Adjust some types and casts 2022-07-20 17:52:01 -03:00
f22b3ea609 Code format 2022-07-20 17:39:20 -03:00
c9539bca86 Fix variable shadowing 2022-07-20 17:36:27 -03:00
afb2d44b0e Merge pull request #187 from Zash/exporter
Add key material export method
2022-07-20 17:32:02 -03:00
f9afada3d1 backguard compat for openssl on providers, like LTS linuxes
* The commit de393417b7 introduces high dependency due raices requirement to openssl 1.1.0l+
* The X509_REQ_get0_signature(), X509_REQ_get_signature_nid(), X509_CRL_get0_signature() and X509_CRL_get_signature_nid() were added in OpenSSL 1.1.0.
* This patch makes luasec runs on all kind of embebed systems that cannot be upgraded due vendors limitations
2022-06-24 01:09:44 -04:00
371abcf718 Add key material export method 2022-06-01 16:26:35 +02:00
df27c62f4c Update source protocol on rockspec v1.1.0 2022-04-13 10:46:36 -03:00
09691fe782 Update rockspec 2022-04-13 10:38:18 -03:00
3a71559e13 Update version number 2022-04-13 10:35:06 -03:00
3f04fd7529 Removing useless code 2022-04-04 15:48:22 -03:00
d7161ca026 Merge pull request #179 from Zash/dane_no_hostname
Support passing DANE flags
2022-01-05 09:35:10 -03:00
65ee83275b Support passing DANE flags
The only flag at the moment is one that disables name checks, which is
needed for certain protocols such as XMPP.
2022-01-01 19:42:09 +01:00
ef14b27a2c Update CHANGELOG v1.0.2 2021-08-14 10:28:09 -03:00
316bea078c Update version to LuaSec 1.0.2 2021-08-14 10:16:35 -03:00
79bbc0bc3e Ignore SSL_OP_BIT(n) macro and update option.c #178 2021-08-02 17:02:44 -03:00
8cba350f37 Update the Lua state reference on the selected SSL context after SNI
Thanks Kim Alvefur
2021-08-02 16:13:12 -03:00
eedebb2477 Merge pull request #176 from linusg/fix-method-name
Fix meth_get_{sinagure => signature}_name function name
2021-07-14 13:05:09 -03:00
c1e28e9132 Fix meth_get_{sinagure => signature}_name function name 2021-07-10 12:47:53 +01:00
cdcf5fdb30 Off by one in cert:validat(notafter) #173 2021-06-23 13:35:49 -03:00
bdbc67b188 Move the fix of SSL_get_error() in OpenSSL 1.1.1
Moving to lsec_socket_error() coverts better 'errno == 0' with SSL_ERROR_SYSCALL.
2021-05-29 10:11:02 -03:00
359151144b Merge pull request #172 from edzius/master
Handle SSL_send SYSCALL error without errno
https://www.openssl.org/docs/man1.1.1/man3/SSL_get_error.html
2021-05-29 09:38:29 -03:00