Matthew Wild
4cecbb2783
ssl: Add :getlocalchain() + :getlocalcertificate() to mirror the peer methods
...
These methods mirror the existing methods that fetch the peer certificate and
chain. Due to various factors (SNI, multiple key types, etc.) it is not always
trivial for an application to determine what certificate was presented to the
client. However there are various use-cases where this is needed, such as
tls-server-end-point channel binding and OCSP stapling.
Requires OpenSSL 1.0.2+ (note: SSL_get_certificate() has existed for a very
long time, but was lacking documentation until OpenSSL 3.0).
2022-09-21 18:40:10 +01:00
Bruno Silvestre
860b2a8b5f
Use a more generic form
2019-10-19 10:22:21 -03:00
Bruno Silvestre
caeaa5ffda
Use a more generic form
2019-10-19 10:12:20 -03:00
Bruno Silvestre
9d84469912
Use a more generic form
2019-10-19 10:04:30 -03:00
Bruno Silvestre
18fa0118be
Merge pull request #122 from Zash/dane
...
DANE support
2019-07-11 09:50:25 -03:00
Bruno Silvestre
1c9401ae54
README for samples updated
2019-02-26 16:06:17 -03:00
Bruno Silvestre
ea8ccc3113
Update sample of multiple certificates
2019-02-26 15:52:02 -03:00
Bruno Silvestre
1c3bf23551
Merge pull request #133 from quickdudley/multi-certs
...
Enable multiple SSL certificates
2019-02-26 14:42:47 -03:00
Bruno Silvestre
31237195a3
Fix invalid section
2019-02-26 13:37:12 -03:00
Jeremy List
c72dc02ecb
Sample for multiple certificates.
2019-02-26 10:52:53 +13:00
Bruno Silvestre
ef342a7cda
Merge pull request #125 from horazont/feature/fix-memleak
...
Fix memory leak in meth_extensions
2019-01-10 10:03:25 -02:00
Jonas Schäfer
0775d5744f
Make memory leak reproducible in loop sample
2018-11-19 16:00:20 +01:00
Jonas Schäfer
8bcabff0c1
Modernize certificate generation
...
- Use 2048 bit keys (required for modern OpenSSL)
- Use SHA256 instead of SHA1 (required for modern OpenSSL)
- Add a SubjectAltName to be able to trigger certain edge-cases
- Add all.sh to conveniently re-generate certificates
2018-11-19 15:56:42 +01:00
Kim Alvefur
5ffe22e98e
Add sample DANE usage
2018-10-06 19:37:43 +02:00
Bruno Silvestre
dea60edf4f
Add ALPN support based on PR #64 from xnyhps
2018-08-27 15:10:18 -03:00
Bruno Silvestre
93e0e8cc64
Force a cipher that use DH parameter
2018-07-26 11:22:24 -03:00
daurnimator
64f11f515d
Add example of luaossl integration
...
Based on 'info' sample
2017-04-04 13:07:48 +10:00
Bruno Silvestre
9c41eaf09a
Merge pull request #74 from ka7/spelling
...
spelling fixes, as seen on lintian.debian.org
2017-03-31 14:50:19 -03:00
Mark Kubacki
231563682a
Add support for the new curve selection API.
...
Signed-off-by: W-Mark Kubacki <wmark@hurrikane.de>
2017-02-26 00:16:24 +01:00
klemens
d45c03a1ad
spelling fixes, as seen on lintian.debian.org
2016-07-11 21:57:50 +02:00
Gleydson Soares
5561ddfa3c
update protocol samples(bring "tlsv1_2" to clients and "any" to servers)
2015-11-17 20:39:05 -03:00
Bruno Silvestre
64faf6322e
Update samples (using 'tlsv1').
2015-11-12 19:04:37 -02:00
Bruno Silvestre
dd9688cf12
Merge pull request #39 from Tieske/win-certs
...
added batch files to generate sample certs on Windows
2015-04-17 09:51:35 -03:00
Thijs Schreijer
7c02208590
added batch files to generate sample certs on Windows
2015-04-03 23:51:16 +02:00
Bruno Silvestre
84cb83b92f
- Add a parameter to server:sni(), so that we can accept an unknown name, using the initial context.
...
- Add the method :getsniname() to retrieve the SNI hostname used.
2014-09-09 21:48:26 -03:00
Bruno Silvestre
cc2fb8ee75
SNI support.
2014-04-21 13:18:20 -03:00
Bruno Silvestre
89375f495a
Examples update.
2014-01-29 17:47:27 -02:00
Bruno Silvestre
063e8a8a5c
- using buffer from luasocket 3.0.
...
- adding getstats() and setstats().
2013-06-20 13:03:58 -03:00
Matthew Wild
77ac210283
LuaSec 20120616 (unofficial) + patches
2013-03-30 12:21:40 +00:00
Bruno Silvestre
67e5176b6b
LuaSec 0.4
2012-09-02 11:32:26 -03:00
Bruno Silvestre
1c95a077ee
LuaSec 0.3
2012-09-02 11:22:22 -03:00
Bruno Silvestre
36e94ee40d
LuaSec 0.2
2012-09-02 11:15:49 -03:00