4903e2f2c1
Export 'config' table ( #149 )
...
Avoid duplicating variable 'ssl_options'.
2019-10-09 14:49:58 -03:00
2480572bdf
Merge pull request #147 from Zash/issue146
...
Special case listing of TLS 1.3 EC curves
2019-08-28 11:10:37 -03:00
c26513f4f7
Special case listing of TLS 1.3 EC curves ( fixes #146 )
2019-08-21 20:58:01 +02:00
f64e660de0
Disable DANE for LibreSSL
2019-07-11 11:19:21 -03:00
8722f83e8f
Fix check for error in DANE functions
2019-07-11 10:20:53 -03:00
a2dcfffcfa
Enable DANE only for OpenSSL 1.1.0 or higher
2019-07-11 10:09:39 -03:00
18fa0118be
Merge pull request #122 from Zash/dane
...
DANE support
2019-07-11 09:50:25 -03:00
9f3a97e397
Merge pull request #144 from Zash/fix-general-name-leak
...
Fix general_name leak in cert:extensions()
2019-07-11 09:42:23 -03:00
daf728fec2
Fix general_name leak in cert:extensions()
...
Thanks to @zeen for identifying and @horazont for providing test
environment.
2019-07-07 23:03:54 +02:00
041a37874b
Inform OpenSSL 1.0.2 dependency
2019-04-22 10:31:32 -03:00
d6ba8d21da
Update version to 0.8, new rock file
2019-04-16 14:01:52 -03:00
f8b2968e79
Declare variable "key" before use it.
2019-04-16 10:48:15 -03:00
1efa37087e
Add 'ciphersuites' property for TLS 1.3
2019-03-22 11:34:33 -03:00
1c9401ae54
README for samples updated
2019-02-26 16:06:17 -03:00
ea8ccc3113
Update sample of multiple certificates
2019-02-26 15:52:02 -03:00
c0cb85d77f
Do not create 'certificates' on 'cfg' if it does not exist
2019-02-26 15:49:51 -03:00
1c3bf23551
Merge pull request #133 from quickdudley/multi-certs
...
Enable multiple SSL certificates
2019-02-26 14:42:47 -03:00
31237195a3
Fix invalid section
2019-02-26 13:37:12 -03:00
c72dc02ecb
Sample for multiple certificates.
2019-02-26 10:52:53 +13:00
143ccf1323
PR feedback (Data structure)
2019-02-26 10:51:44 +13:00
5e2b27fa71
Merge pull request #132 from ewestbrook/prc-expose-tcp
...
Expose tcp() for use by LuaSocket
2019-02-25 15:25:20 -03:00
ff868e4a06
Enable multiple SSL certificates (issue 27)
2019-02-22 13:42:44 +13:00
ef342a7cda
Merge pull request #125 from horazont/feature/fix-memleak
...
Fix memory leak in meth_extensions
2019-01-10 10:03:25 -02:00
569d12dc64
Merge pull request #124 from horazont/feature/modernize-certs
...
Modernize certificate generation
2019-01-10 10:02:22 -02:00
81c38864d4
Fix memory leak in meth_extensions
2018-11-19 16:00:30 +01:00
0775d5744f
Make memory leak reproducible in loop sample
2018-11-19 16:00:20 +01:00
8bcabff0c1
Modernize certificate generation
...
- Use 2048 bit keys (required for modern OpenSSL)
- Use SHA256 instead of SHA1 (required for modern OpenSSL)
- Add a SubjectAltName to be able to trigger certain edge-cases
- Add all.sh to conveniently re-generate certificates
2018-11-19 15:56:42 +01:00
3f38f0929c
Expose src/https.lua:tcp() for use by e.g. luasocket redirects
2018-10-13 07:31:38 -06:00
5ffe22e98e
Add sample DANE usage
2018-10-06 19:37:43 +02:00
6359275c5f
Add support for setting DANE TLSA information
2018-09-29 21:38:18 +02:00
550777a9d6
Merge pull request #120 from narcistesa/update-tls-cfg
...
Disable TLSv1 protocol by default in https module
2018-09-29 10:26:08 -03:00
4c5996a499
Disable TLSv1 to fix *received tlsv1 alert protocol version from* errors with certain websites
2018-09-19 16:25:39 -04:00
421c897dd3
Support for TLS 1.3 from OpenSSL 1.1.1
...
Based on PR #97 from @wmark.
2018-09-12 19:08:19 -03:00
2ecf239cfe
Suppress warning with OpenSSL 1.1.0 and 1.1.1
2018-09-12 18:43:44 -03:00
113331fa0c
Assuming that TLS 1.1 and TLS 1.2 are available
2018-09-12 18:27:43 -03:00
8440bc3d59
Assuming curves list is available if EC is available
2018-09-12 18:26:19 -03:00
5ece6049e5
Fix constant: OPENSS_NO_ECDH -> OPENSSL_NO_EC
2018-09-12 18:24:12 -03:00
9883782102
Fix constant: OPENSS_NO_ECDH -> OPENSSL_NO_EC
2018-09-12 18:17:19 -03:00
661d08e5f3
Removing OpenSSL 0.9.8 code
2018-09-12 18:08:19 -03:00
5514c4a06e
Assuming that TLS 1.1 and TLS 1.2 are available
...
Fix some #if's also.
2018-09-12 18:03:37 -03:00
f42c171d55
This mode is available in new versions of OpenSSL, no more check
2018-09-12 17:45:13 -03:00
706e0f0281
New version of LibreSSL already implement these functions
2018-09-12 17:41:03 -03:00
d4ea2d12f3
Update reference to Lua state prior to handshake
...
The Lua thread that creates the context is saved to be used for
accessing callback related data. However that thread may become garbage
and its memory could be overwritten with anything if the handshake
happens later, in a different thread.
Fixes #75
Thanks @Zash
2018-09-10 10:49:18 -03:00
dea60edf4f
Add ALPN support based on PR #64 from xnyhps
2018-08-27 15:10:18 -03:00
fdb2fa5f59
Let the library choose the min and max versions
...
Some protocols can be disable with 'options'.
2018-07-26 11:25:57 -03:00
93e0e8cc64
Force a cipher that use DH parameter
2018-07-26 11:22:24 -03:00
d9d0cd620d
Free DH parameter right after handshake
2018-07-26 11:21:54 -03:00
953a363a59
Add timeout to https module
...
Glocal attribute https.TIMEOUT controls connection tiemout.
Sample:
https.TIMEOUT = 5 -- seconds
https.request()
2018-07-02 10:40:14 -03:00
28e247dbc5
Removing deprecated methods to select the protocol
...
Using TLS_method(), SSL_set_min_proto_version() and
SSL_set_max_proto_version().
2018-07-02 10:31:45 -03:00
89bdc6148c
Removing SSLv3 support
2018-06-29 14:06:51 -03:00
