Bart van Strien
2fc8a85bec
Unexport meth_extensions
2015-06-05 17:11:54 +02:00
Bart van Strien
6a828b33e5
Make https request fail if hostname does not match
2015-06-05 16:49:11 +02:00
Bart van Strien
cde151739e
Add ssl.checkhostname and conn:checkhostname
...
Convenient (and important!) methods that allow checking for hostnames
against a (peer) certificate. Deals with wildcards and alternative names
(via the dnsnames extension).
2015-06-05 15:54:50 +02:00
Bart van Strien
88fa9b8bc2
Document the context module
2015-06-05 15:03:06 +02:00
Bart van Strien
4658af30b5
Document certs
2015-06-05 13:16:21 +02:00
Bart van Strien
4f714ed56f
Document core module
2015-06-05 12:29:46 +02:00
Bart van Strien
9420dcda40
Document connection object
2015-06-05 12:16:35 +02:00
Bart van Strien
9d6e35b2ac
Add simple inotify-based script to update doc html files
2015-06-04 13:42:37 +02:00
Bart van Strien
31228677b2
Ignore html files too
2015-06-04 13:42:11 +02:00
Bart van Strien
d84a0a911c
Document functions of 'ssl' module
2015-06-04 13:30:32 +02:00
Bart van Strien
54db93c530
Create list of functions and methods to be documented
2015-06-04 13:03:19 +02:00
Bart van Strien
7ca7890368
Add indentation settings to .vimrc file for people with exrc set
2015-06-04 13:01:07 +02:00
Bart van Strien
7663d9ea00
Add gitignore file
2015-06-04 13:00:47 +02:00
Bruno Silvestre
dd9688cf12
Merge pull request #39 from Tieske/win-certs
...
added batch files to generate sample certs on Windows
2015-04-17 09:51:35 -03:00
Thijs Schreijer
7c02208590
added batch files to generate sample certs on Windows
2015-04-03 23:51:16 +02:00
Bruno Silvestre
3862e76df9
Fix inet_ntop() on Windows.
2015-03-12 17:05:53 -03:00
Bruno Silvestre
1ab6fac919
Don't set globals from C.
2015-02-12 16:32:54 -02:00
Bruno Silvestre
91d378a86e
Fix unpack().
2015-02-12 16:29:02 -02:00
Bruno Silvestre
356e03a64d
Stop using module().
2015-02-06 18:07:29 -02:00
Bruno Silvestre
97b1974039
Change to luaL_newlib().
2015-02-06 17:44:08 -02:00
Bruno Silvestre
9cb5220759
Remove luaL_optint() and luaL_checkint().
2015-02-06 16:53:34 -02:00
Bruno Silvestre
acbf575420
BSD headers.
2015-01-28 16:38:00 -02:00
Bruno Silvestre
a9b81b1c10
Merge pull request #21 from Zash/zash/iPAddress-fix
...
iPAddress encoding
2015-01-28 16:24:02 -02:00
Bruno Silvestre
ab42d4ec86
Stop if we don't have a string.
2015-01-28 16:19:19 -02:00
Bruno Silvestre
12e1b1f1d9
Merge pull request #30 from lluixhi/master
...
Fix for LibreSSL/OPENSSL_NO_COMP
2015-01-28 15:07:07 -02:00
Lluixhi Scura
5240c02f3d
Changed for strict compiles.
2015-01-16 09:12:14 -08:00
Lluixhi Scura
4c7339cace
Fix for LibreSSL/OPENSSL_NO_COMP
2015-01-16 08:55:22 -08:00
Bruno Silvestre
f514e9fb1b
Problem on Win64, since double does not represent SOCKET_INVALID exactly.
2014-09-10 14:41:09 -03:00
Bruno Silvestre
84cb83b92f
- Add a parameter to server:sni(), so that we can accept an unknown name, using the initial context.
...
- Add the method :getsniname() to retrieve the SNI hostname used.
2014-09-09 21:48:26 -03:00
Kim Alvefur
f13aee5dac
Encode iPAddress fields in human readable form
2014-06-08 13:20:47 +02:00
Kim Alvefur
b83d2c6a91
Don't try to encode IP addresses as UTF-8
2014-06-08 12:47:58 +02:00
Kim Alvefur
c276e9ff60
Return early if ASN1 string is invalid
2014-06-08 12:41:20 +02:00
Kim Alvefur
1ade1542d7
Push nil if unable to encode ASN1 string as UTF-8
2014-06-08 12:38:52 +02:00
Bruno Silvestre
903efaf3b1
SNI support.
2014-04-21 13:20:17 -03:00
Bruno Silvestre
cc2fb8ee75
SNI support.
2014-04-21 13:18:20 -03:00
brunoos
77637e9d3c
Merge pull request #17 from Zash/zash/checkkey
...
Verify that certificate and key belong together
2014-04-21 13:07:38 -03:00
brunoos
a481015217
Merge pull request #19 from Zash/zash/pubkey
...
Zash/pubkey
2014-04-21 11:52:40 -03:00
Kim Alvefur
11eaec6520
Add cert:pubkey() to methods registry
2014-04-19 23:11:32 +02:00
Bruno Silvestre
8fd31f3ad2
Wrong type.
2014-04-18 22:50:40 -03:00
Kim Alvefur
55d45f0542
Check if private key matches cert only if both key and cert are set
2014-02-05 16:51:30 +01:00
Kim Alvefur
8e5bcefbb6
Check that certificate matches private key
2014-02-05 01:48:58 +01:00
Kim Alvefur
eb8cb33160
Add method for extracting public key, type and size from x509 objects
2014-02-05 01:39:30 +01:00
Bruno Silvestre
21aefcf67d
Version number -> 0.5.
2014-01-29 18:43:33 -02:00
Bruno Silvestre
89375f495a
Examples update.
2014-01-29 17:47:27 -02:00
Bruno Silvestre
46d6078e82
Merge branch 'master' of https://github.com/brunoos/luasec
2013-10-23 13:53:43 -02:00
Bruno Silvestre
ce504d3554
Add x509:setencode() function to change the encode of ASN.1 string.
2013-10-23 13:42:34 -02:00
brunoos
4a95102cc8
Merge pull request #8 from xnyhps/protocol_version
...
Report the actual TLS version used, not the version the cipher belongs to.
2013-09-16 09:25:39 -07:00
brunoos
fe782fde14
Merge pull request #10 from darkrain42/master
...
Various minor fixes (build on Fedora/RH, memory leaks)
2013-09-16 09:17:58 -07:00
Paul Aurich
1d920fc13c
context: Don't leak DH* in dhparam_cb
...
==1429== 336 (144 direct, 192 indirect) bytes in 1 blocks are definitely lost in loss record 567 of 611
...
==1429== by 0x5ECCBC7: PEM_ASN1_read_bio (in /lib/x86_64-linux-gnu/libcrypto.so.1.0.0)
==1429== by 0x4E39D8F: dhparam_cb (context.c:184)
==1429== by 0x5B679D3: ??? (in /lib/x86_64-linux-gnu/libssl.so.1.0.0)
==1429== by 0x5B6A6EE: ??? (in /lib/x86_64-linux-gnu/libssl.so.1.0.0)
==1429== by 0x4E3C00D: meth_handshake (ssl.c:103)
...
2013-09-11 21:55:25 -07:00
Paul Aurich
0dab860770
context: Link SSL_CTX to p_context (not lua_State)
...
This is needed because the p_context is going to cache DH (and eventually
EC_KEY) objects, to plug a leak in the dhparam callback.
2013-09-11 21:55:25 -07:00