Bruno Silvestre
cdcf5fdb30
Off by one in cert:validat(notafter) #173
2021-06-23 13:35:49 -03:00
Bruno Silvestre
bdbc67b188
Move the fix of SSL_get_error() in OpenSSL 1.1.1
...
Moving to lsec_socket_error() coverts better 'errno == 0' with SSL_ERROR_SYSCALL.
2021-05-29 10:11:02 -03:00
Bruno Silvestre
359151144b
Merge pull request #172 from edzius/master
...
Handle SSL_send SYSCALL error without errno
https://www.openssl.org/docs/man1.1.1/man3/SSL_get_error.html
2021-05-29 09:38:29 -03:00
Edvinas Stunžėnas
d6b2fd7d35
Handle SSL_send SYSCALL error without errno
...
Either intentionaly or due to bug in openssl in some marginal
cases SSL_send reports SYSCALL error whilst errno is set to 0.
This either could mean that SSL_send did not made any system
call or errno were prematurely reset with consequent syscalls.
And in consequence sendraw() is not propagate correct errno
ends up in infinite loop trying to send same data.
Such behaviour was usually observed after third consequential
failed SSL send attempt which application was not aware of.
First send failed with syscall errno 32 (Broken pipe) second
one with SSL error 0x1409e10f (bad length) and lastly next
send attemt results with SYSCALL error and errno 0.
Tested using:
* OpenSSL v1.1.1
* musl v1.1.20 (c50985d5c8e316c5c464f352e79eeebfed1121a9)
* Linux 4.4.60+yocto armv7l
2021-05-21 21:20:19 +03:00
Bruno Silvestre
d5df315617
Update version and rockspec
2021-04-26 09:16:05 -03:00
Bruno Silvestre
34252fb10a
Set parameter 2 and 3 to none before luaL_buffinit()
2021-04-26 08:37:09 -03:00
Bruno Silvestre
711a98b760
Update rockspec
2021-01-30 10:32:28 -03:00
Bruno Silvestre
4894c2f6a4
Update version number
2021-01-30 10:29:53 -03:00
Bruno Silvestre
ae774258c5
Merge pull request #164 from murillopaula/master
...
feature: getsignaturename
2021-01-16 10:13:29 -03:00
Murillo Paula
de393417b7
feature: getsignaturename
2021-01-12 10:49:27 -03:00
Bruno Silvestre
22eadbd20e
Merge pull request #156 from Petr-kk/upstream
...
SOCKET_INVALID pushed as integer, not as number
2020-03-06 13:44:42 -03:00
Petr Kristan
63e35c161f
SOCKET_INVALID pushed as integer, not as number
...
winsock define INVALID_SOCKET as (UINT_PTR)(~0)
in win64 it is 0xffffffffffffffff
if pushed by lua_pushnumber, then ssl.core.SOCKET_INVALID is 1.84467440737096E19
tested in win32/64, linux32/64 lua5.1 and lua5.3
2020-03-04 17:05:06 +01:00
Bruno Silvestre
c6704919bd
Typo
2019-10-31 11:43:53 -03:00
Bruno Silvestre
d7ccfad97f
Fix source in rockspec
2019-10-31 11:39:37 -03:00
Bruno Silvestre
43feb51c5e
Update 0.8 -> 0.9
2019-10-31 11:34:27 -03:00
Bruno Silvestre
860b2a8b5f
Use a more generic form
2019-10-19 10:22:21 -03:00
Bruno Silvestre
caeaa5ffda
Use a more generic form
2019-10-19 10:12:20 -03:00
Bruno Silvestre
9d84469912
Use a more generic form
2019-10-19 10:04:30 -03:00
Bruno Silvestre
87e51d99ea
Add __close metamethod
2019-10-15 13:25:12 -03:00
Bruno Silvestre
7898bd2043
Remove warning from cast.
2019-10-14 10:00:47 -03:00
Bruno Silvestre
c810df6839
Cleanup of #if expression
2019-10-13 22:21:05 -03:00
Bruno Silvestre
1e2f342006
Using same form to ifdefs
2019-10-13 22:11:55 -03:00
Bruno Silvestre
8ef33e33cf
Some adjusts to OpenSSL 1.1.1 with --api=1.1.0
2019-10-13 22:10:03 -03:00
Bruno Silvestre
3490d8d1c0
Merge pull request #126 from neheb/master
...
Get rid of some deprecation warnings with OpenSSL 1.1
2019-10-13 19:42:19 -03:00
Bruno Silvestre
86c8fa40c9
Merge pull request #134 from neheb/patch-1
...
use $(CC) for LD definition.
2019-10-13 19:11:48 -03:00
Bruno Silvestre
4903e2f2c1
Export 'config' table ( #149 )
...
Avoid duplicating variable 'ssl_options'.
2019-10-09 14:49:58 -03:00
Bruno Silvestre
2480572bdf
Merge pull request #147 from Zash/issue146
...
Special case listing of TLS 1.3 EC curves
2019-08-28 11:10:37 -03:00
Kim Alvefur
c26513f4f7
Special case listing of TLS 1.3 EC curves ( fixes #146 )
2019-08-21 20:58:01 +02:00
Bruno Silvestre
f64e660de0
Disable DANE for LibreSSL
2019-07-11 11:19:21 -03:00
Bruno Silvestre
8722f83e8f
Fix check for error in DANE functions
2019-07-11 10:20:53 -03:00
Bruno Silvestre
a2dcfffcfa
Enable DANE only for OpenSSL 1.1.0 or higher
2019-07-11 10:09:39 -03:00
Bruno Silvestre
18fa0118be
Merge pull request #122 from Zash/dane
...
DANE support
2019-07-11 09:50:25 -03:00
Bruno Silvestre
9f3a97e397
Merge pull request #144 from Zash/fix-general-name-leak
...
Fix general_name leak in cert:extensions()
2019-07-11 09:42:23 -03:00
Kim Alvefur
daf728fec2
Fix general_name leak in cert:extensions()
...
Thanks to @zeen for identifying and @horazont for providing test
environment.
2019-07-07 23:03:54 +02:00
Bruno Silvestre
041a37874b
Inform OpenSSL 1.0.2 dependency
2019-04-22 10:31:32 -03:00
Bruno Silvestre
d6ba8d21da
Update version to 0.8, new rock file
2019-04-16 14:01:52 -03:00
Bruno Silvestre
f8b2968e79
Declare variable "key" before use it.
2019-04-16 10:48:15 -03:00
Rosen Penev
57f2f1363f
Replace LD with CCLD variable
...
When cross compiling, the LD variable typically gets overriden.
2019-04-08 09:45:40 -07:00
Bruno Silvestre
1efa37087e
Add 'ciphersuites' property for TLS 1.3
2019-03-22 11:34:33 -03:00
Bruno Silvestre
1c9401ae54
README for samples updated
2019-02-26 16:06:17 -03:00
Bruno Silvestre
ea8ccc3113
Update sample of multiple certificates
2019-02-26 15:52:02 -03:00
Bruno Silvestre
c0cb85d77f
Do not create 'certificates' on 'cfg' if it does not exist
2019-02-26 15:49:51 -03:00
Bruno Silvestre
1c3bf23551
Merge pull request #133 from quickdudley/multi-certs
...
Enable multiple SSL certificates
2019-02-26 14:42:47 -03:00
Bruno Silvestre
31237195a3
Fix invalid section
2019-02-26 13:37:12 -03:00
Jeremy List
c72dc02ecb
Sample for multiple certificates.
2019-02-26 10:52:53 +13:00
Jeremy List
143ccf1323
PR feedback (Data structure)
2019-02-26 10:51:44 +13:00
Bruno Silvestre
5e2b27fa71
Merge pull request #132 from ewestbrook/prc-expose-tcp
...
Expose tcp() for use by LuaSocket
2019-02-25 15:25:20 -03:00
Jeremy List
ff868e4a06
Enable multiple SSL certificates (issue 27)
2019-02-22 13:42:44 +13:00
Bruno Silvestre
ef342a7cda
Merge pull request #125 from horazont/feature/fix-memleak
...
Fix memory leak in meth_extensions
2019-01-10 10:03:25 -02:00
Bruno Silvestre
569d12dc64
Merge pull request #124 from horazont/feature/modernize-certs
...
Modernize certificate generation
2019-01-10 10:02:22 -02:00