dany/luasec
1
0
Fork 0
mirror of https://github.com/brunoos/luasec.git synced 2024-07-05 20:59:47 +02:00
Code Issues Packages Projects Releases Wiki Activity
283 Commits 6 Branches 25 Tags 1.4 MiB
4c06287052
Commit Graph

283 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Bruno Silvestre
ef342a7cda
Merge pull request #125 from horazont/feature/fix-memleak 
Fix memory leak in meth_extensions
 2019-01-10 10:03:25 -02:00
Bruno Silvestre
569d12dc64
Merge pull request #124 from horazont/feature/modernize-certs 
Modernize certificate generation
 2019-01-10 10:02:22 -02:00
Rosen Penev
79c629956e Get rid of some deprecation warnings with OpenSSL 1.1 2018-11-20 20:12:39 -08:00
Jonas Schäfer
81c38864d4 Fix memory leak in meth_extensions 2018-11-19 16:00:30 +01:00
Jonas Schäfer
0775d5744f Make memory leak reproducible in loop sample 2018-11-19 16:00:20 +01:00
Jonas Schäfer
8bcabff0c1 Modernize certificate generation 
- Use 2048 bit keys (required for modern OpenSSL)
- Use SHA256 instead of SHA1 (required for modern OpenSSL)
- Add a SubjectAltName to be able to trigger certain edge-cases
- Add all.sh to conveniently re-generate certificates
 2018-11-19 15:56:42 +01:00
E. Westbrook
3f38f0929c Expose src/https.lua:tcp() for use by e.g. luasocket redirects 2018-10-13 07:31:38 -06:00
Kim Alvefur
5ffe22e98e Add sample DANE usage 2018-10-06 19:37:43 +02:00
Kim Alvefur
6359275c5f Add support for setting DANE TLSA information 2018-09-29 21:38:18 +02:00
Bruno Silvestre
550777a9d6
Merge pull request #120 from narcistesa/update-tls-cfg 
Disable TLSv1 protocol by default in https module
 2018-09-29 10:26:08 -03:00
Narcis Tesa
4c5996a499 Disable TLSv1 to fix *received tlsv1 alert protocol version from* errors with certain websites 2018-09-19 16:25:39 -04:00
Bruno Silvestre
421c897dd3 Support for TLS 1.3 from OpenSSL 1.1.1 
Based on PR #97 from @wmark.
 2018-09-12 19:08:19 -03:00
Bruno Silvestre
2ecf239cfe Suppress warning with OpenSSL 1.1.0 and 1.1.1 2018-09-12 18:43:44 -03:00
Bruno Silvestre
113331fa0c Assuming that TLS 1.1 and TLS 1.2 are available 2018-09-12 18:27:43 -03:00
Bruno Silvestre
8440bc3d59 Assuming curves list is available if EC is available 2018-09-12 18:26:19 -03:00
Bruno Silvestre
5ece6049e5 Fix constant: OPENSS_NO_ECDH -> OPENSSL_NO_EC 2018-09-12 18:24:12 -03:00
Bruno Silvestre
9883782102 Fix constant: OPENSS_NO_ECDH -> OPENSSL_NO_EC 2018-09-12 18:17:19 -03:00
Bruno Silvestre
661d08e5f3 Removing OpenSSL 0.9.8 code 2018-09-12 18:08:19 -03:00
Bruno Silvestre
5514c4a06e Assuming that TLS 1.1 and TLS 1.2 are available 
Fix some #if's also.
 2018-09-12 18:03:37 -03:00
Bruno Silvestre
f42c171d55 This mode is available in new versions of OpenSSL, no more check 2018-09-12 17:45:13 -03:00
Bruno Silvestre
706e0f0281 New version of LibreSSL already implement these functions 2018-09-12 17:41:03 -03:00
Bruno Silvestre
d4ea2d12f3 Update reference to Lua state prior to handshake 
The Lua thread that creates the context is saved to be used for
accessing callback related data. However that thread may become garbage
and its memory could be overwritten with anything if the handshake
happens later, in a different thread.

Fixes #75

Thanks @Zash
 2018-09-10 10:49:18 -03:00
Bruno Silvestre
dea60edf4f Add ALPN support based on PR #64 from xnyhps 2018-08-27 15:10:18 -03:00
Bruno Silvestre
fdb2fa5f59 Let the library choose the min and max versions 
Some protocols can be disable with 'options'.
 2018-07-26 11:25:57 -03:00
Bruno Silvestre
93e0e8cc64 Force a cipher that use DH parameter 2018-07-26 11:22:24 -03:00
Bruno Silvestre
d9d0cd620d Free DH parameter right after handshake 2018-07-26 11:21:54 -03:00
Bruno Silvestre
953a363a59 Add timeout to https module 
Glocal attribute https.TIMEOUT controls connection tiemout.

Sample:
  https.TIMEOUT = 5  -- seconds
  https.request()
 2018-07-02 10:40:14 -03:00
Bruno Silvestre
28e247dbc5 Removing deprecated methods to select the protocol 
Using TLS_method(), SSL_set_min_proto_version() and
SSL_set_max_proto_version().
 2018-07-02 10:31:45 -03:00
Bruno Silvestre
89bdc6148c Removing SSLv3 support 2018-06-29 14:06:51 -03:00
Bruno Silvestre
8212b89f1a Using 'const SSL_METHOD*' 
This change was introduced in OpenSSL 1.0.0.
Start droping 0.9.8 code.
 2018-06-29 14:02:39 -03:00
Bruno Silvestre
879ba6d4f9
Merge pull request #116 from hishamhm/cross-windows 
Use lowercase Windows header name
 2018-06-29 13:49:01 -03:00
Hisham Muhammad
4d10a5a0c0 Use lowercase Windows header name 
This is necessary for cross-compilation of Windows binaries on non-Windows
platforms (and harmless for Windows).
 2018-06-29 10:21:22 -03:00
Bruno Silvestre
de63f21f63 Change version number to 0.7 2018-06-27 10:36:26 -03:00
Bruno Silvestre
fbbaa866c3 Missing defines in rockspec 2017-12-21 12:33:47 -02:00
Bruno Silvestre
bd87aafaaf Using https instead of git protocol 2017-10-28 10:44:51 -02:00
Bruno Silvestre
be3c6d67e0 Make luaL_testudata() compat function visible for all files 2017-10-28 09:53:28 -02:00
Bruno Silvestre
2f562e1399 Put an error check back 2017-10-28 09:31:40 -02:00
Bruno Silvestre
7934e58b4b
Merge pull request #99 from daurnimator/luaossl-integration 
Allow passing a luaossl context for socket creation/wrapping
 2017-10-28 09:23:07 -02:00
Bruno Silvestre
3a8d6e71c4 Removing some VC files 2017-10-11 20:42:54 -03:00
Bruno Silvestre
3d170e9f9d Add new source files to VC project, new libs name 2017-10-11 20:29:15 -03:00
Bruno Silvestre
ea6a65de84 Rockspec for LuaSec 0.7alpha 2017-09-26 18:24:16 -03:00
Bruno Silvestre
0d01b53461 Version number to 0.7alpha 2017-09-26 18:22:49 -03:00
Bruno Silvestre
8762441cd2 Add popular aliases for commonly used curves 2017-09-26 17:43:00 -03:00
Bruno Silvestre
60f02f7701 LuaJIT 2.1.0 added luaL_newlib() as extension 2017-09-26 17:39:32 -03:00
Bruno Silvestre
fe1fb0b350 Adding 'curveslist' parameter 
LuaSec will try to set 'curveslist' parameter first.
If the parameter is not present or not supported, LuaSec will
try 'curve' parameter.
 2017-08-04 17:00:12 -03:00
Bruno Silvestre
db42a5084a Export configuration (protocols, options, curves, algorithms, capabilities) 2017-06-16 22:53:59 -03:00
Bruno Silvestre
0b99832ec7 Export configuration (protocols, options, curves, algorithms, capabilities) 2017-06-16 22:50:27 -03:00
Bruno Silvestre
fc757e1fd0 Discover curves dynamically 2017-06-16 21:03:10 -03:00
daurnimator
64f11f515d
Add example of luaossl integration 
Based on 'info' sample
 2017-04-04 13:07:48 +10:00
daurnimator
e90a264c93
Allow passing luaossl objects to meth_create() 2017-04-04 13:06:12 +10:00