Commit Graph

210 Commits

Author SHA1 Message Date
Bruno Silvestre
1e2f342006 Using same form to ifdefs 2019-10-13 22:11:55 -03:00
Bruno Silvestre
8ef33e33cf Some adjusts to OpenSSL 1.1.1 with --api=1.1.0 2019-10-13 22:10:03 -03:00
Bruno Silvestre
3490d8d1c0
Merge pull request #126 from neheb/master
Get rid of some deprecation warnings with OpenSSL 1.1
2019-10-13 19:42:19 -03:00
Bruno Silvestre
86c8fa40c9
Merge pull request #134 from neheb/patch-1
use $(CC) for LD definition.
2019-10-13 19:11:48 -03:00
Bruno Silvestre
4903e2f2c1 Export 'config' table (#149)
Avoid duplicating variable 'ssl_options'.
2019-10-09 14:49:58 -03:00
Bruno Silvestre
2480572bdf
Merge pull request #147 from Zash/issue146
Special case listing of TLS 1.3 EC curves
2019-08-28 11:10:37 -03:00
Kim Alvefur
c26513f4f7 Special case listing of TLS 1.3 EC curves (fixes #146) 2019-08-21 20:58:01 +02:00
Bruno Silvestre
f64e660de0 Disable DANE for LibreSSL 2019-07-11 11:19:21 -03:00
Bruno Silvestre
8722f83e8f Fix check for error in DANE functions 2019-07-11 10:20:53 -03:00
Bruno Silvestre
a2dcfffcfa Enable DANE only for OpenSSL 1.1.0 or higher 2019-07-11 10:09:39 -03:00
Bruno Silvestre
18fa0118be
Merge pull request #122 from Zash/dane
DANE support
2019-07-11 09:50:25 -03:00
Bruno Silvestre
9f3a97e397
Merge pull request #144 from Zash/fix-general-name-leak
Fix general_name leak in cert:extensions()
2019-07-11 09:42:23 -03:00
Kim Alvefur
daf728fec2 Fix general_name leak in cert:extensions()
Thanks to @zeen for identifying and @horazont for providing test
environment.
2019-07-07 23:03:54 +02:00
Bruno Silvestre
041a37874b Inform OpenSSL 1.0.2 dependency 2019-04-22 10:31:32 -03:00
Bruno Silvestre
d6ba8d21da Update version to 0.8, new rock file 2019-04-16 14:01:52 -03:00
Bruno Silvestre
f8b2968e79 Declare variable "key" before use it. 2019-04-16 10:48:15 -03:00
Rosen Penev
57f2f1363f
Replace LD with CCLD variable
When cross compiling, the LD variable typically gets overriden.
2019-04-08 09:45:40 -07:00
Bruno Silvestre
1efa37087e Add 'ciphersuites' property for TLS 1.3 2019-03-22 11:34:33 -03:00
Bruno Silvestre
1c9401ae54 README for samples updated 2019-02-26 16:06:17 -03:00
Bruno Silvestre
ea8ccc3113 Update sample of multiple certificates 2019-02-26 15:52:02 -03:00
Bruno Silvestre
c0cb85d77f Do not create 'certificates' on 'cfg' if it does not exist 2019-02-26 15:49:51 -03:00
Bruno Silvestre
1c3bf23551
Merge pull request #133 from quickdudley/multi-certs
Enable multiple SSL certificates
2019-02-26 14:42:47 -03:00
Bruno Silvestre
31237195a3 Fix invalid section 2019-02-26 13:37:12 -03:00
Jeremy List
c72dc02ecb Sample for multiple certificates. 2019-02-26 10:52:53 +13:00
Jeremy List
143ccf1323 PR feedback (Data structure) 2019-02-26 10:51:44 +13:00
Bruno Silvestre
5e2b27fa71
Merge pull request #132 from ewestbrook/prc-expose-tcp
Expose tcp() for use by LuaSocket
2019-02-25 15:25:20 -03:00
Jeremy List
ff868e4a06 Enable multiple SSL certificates (issue 27) 2019-02-22 13:42:44 +13:00
Bruno Silvestre
ef342a7cda
Merge pull request #125 from horazont/feature/fix-memleak
Fix memory leak in meth_extensions
2019-01-10 10:03:25 -02:00
Bruno Silvestre
569d12dc64
Merge pull request #124 from horazont/feature/modernize-certs
Modernize certificate generation
2019-01-10 10:02:22 -02:00
Rosen Penev
79c629956e Get rid of some deprecation warnings with OpenSSL 1.1 2018-11-20 20:12:39 -08:00
Jonas Schäfer
81c38864d4 Fix memory leak in meth_extensions 2018-11-19 16:00:30 +01:00
Jonas Schäfer
0775d5744f Make memory leak reproducible in loop sample 2018-11-19 16:00:20 +01:00
Jonas Schäfer
8bcabff0c1 Modernize certificate generation
- Use 2048 bit keys (required for modern OpenSSL)
- Use SHA256 instead of SHA1 (required for modern OpenSSL)
- Add a SubjectAltName to be able to trigger certain edge-cases
- Add all.sh to conveniently re-generate certificates
2018-11-19 15:56:42 +01:00
E. Westbrook
3f38f0929c Expose src/https.lua:tcp() for use by e.g. luasocket redirects 2018-10-13 07:31:38 -06:00
Kim Alvefur
5ffe22e98e Add sample DANE usage 2018-10-06 19:37:43 +02:00
Kim Alvefur
6359275c5f Add support for setting DANE TLSA information 2018-09-29 21:38:18 +02:00
Bruno Silvestre
550777a9d6
Merge pull request #120 from narcistesa/update-tls-cfg
Disable TLSv1 protocol by default in https module
2018-09-29 10:26:08 -03:00
Narcis Tesa
4c5996a499 Disable TLSv1 to fix *received tlsv1 alert protocol version from* errors with certain websites 2018-09-19 16:25:39 -04:00
Bruno Silvestre
421c897dd3 Support for TLS 1.3 from OpenSSL 1.1.1
Based on PR #97 from @wmark.
2018-09-12 19:08:19 -03:00
Bruno Silvestre
2ecf239cfe Suppress warning with OpenSSL 1.1.0 and 1.1.1 2018-09-12 18:43:44 -03:00
Bruno Silvestre
113331fa0c Assuming that TLS 1.1 and TLS 1.2 are available 2018-09-12 18:27:43 -03:00
Bruno Silvestre
8440bc3d59 Assuming curves list is available if EC is available 2018-09-12 18:26:19 -03:00
Bruno Silvestre
5ece6049e5 Fix constant: OPENSS_NO_ECDH -> OPENSSL_NO_EC 2018-09-12 18:24:12 -03:00
Bruno Silvestre
9883782102 Fix constant: OPENSS_NO_ECDH -> OPENSSL_NO_EC 2018-09-12 18:17:19 -03:00
Bruno Silvestre
661d08e5f3 Removing OpenSSL 0.9.8 code 2018-09-12 18:08:19 -03:00
Bruno Silvestre
5514c4a06e Assuming that TLS 1.1 and TLS 1.2 are available
Fix some #if's also.
2018-09-12 18:03:37 -03:00
Bruno Silvestre
f42c171d55 This mode is available in new versions of OpenSSL, no more check 2018-09-12 17:45:13 -03:00
Bruno Silvestre
706e0f0281 New version of LibreSSL already implement these functions 2018-09-12 17:41:03 -03:00
Bruno Silvestre
d4ea2d12f3 Update reference to Lua state prior to handshake
The Lua thread that creates the context is saved to be used for
accessing callback related data. However that thread may become garbage
and its memory could be overwritten with anything if the handshake
happens later, in a different thread.

Fixes #75

Thanks @Zash
2018-09-10 10:49:18 -03:00
Bruno Silvestre
dea60edf4f Add ALPN support based on PR #64 from xnyhps 2018-08-27 15:10:18 -03:00