dany/luasec
1
0
Fork 0
mirror of https://github.com/brunoos/luasec.git synced 2025-04-06 08:46:45 +02:00
Code Issues Packages Projects Releases Wiki Activity
247 Commits 6 Branches 25 Tags
Commit Graph

64 Commits

Author SHA1 Message Date
Bruno Silvestre
f22b3ea609 Code format 2022-07-20 17:39:20 -03:00
Bruno Silvestre
c9539bca86 Fix variable shadowing 2022-07-20 17:36:27 -03:00
Kim Alvefur
371abcf718 Add key material export method 2022-06-01 16:26:35 +02:00
Bruno Silvestre
3a71559e13 Update version number 2022-04-13 10:35:06 -03:00
Bruno Silvestre
316bea078c Update version to LuaSec 1.0.2 2021-08-14 10:16:35 -03:00
Bruno Silvestre
8cba350f37 Update the Lua state reference on the selected SSL context after SNI 
Thanks Kim Alvefur
 2021-08-02 16:13:12 -03:00
Bruno Silvestre
bdbc67b188 Move the fix of SSL_get_error() in OpenSSL 1.1.1 
Moving to lsec_socket_error() coverts better 'errno == 0' with SSL_ERROR_SYSCALL.
 2021-05-29 10:11:02 -03:00
Edvinas Stunžėnas
d6b2fd7d35 Handle SSL_send SYSCALL error without errno 
Either intentionaly or due to bug in openssl in some marginal
cases SSL_send reports SYSCALL error whilst errno is set to 0.
This either could mean that SSL_send did not made any system
call or errno were prematurely reset with consequent syscalls.
And in consequence sendraw() is not propagate correct errno
ends up in infinite loop trying to send same data.

Such behaviour was usually observed after third consequential
failed SSL send attempt which application was not aware of.
First send failed with syscall errno 32 (Broken pipe) second
one with SSL error 0x1409e10f (bad length) and lastly next
send attemt results with SYSCALL error and errno 0.

Tested using:
* OpenSSL v1.1.1
* musl v1.1.20 (c50985d5c8e316c5c464f352e79eeebfed1121a9)
* Linux 4.4.60+yocto armv7l
 2021-05-21 21:20:19 +03:00
Bruno Silvestre
d5df315617 Update version and rockspec 2021-04-26 09:16:05 -03:00
Bruno Silvestre
4894c2f6a4 Update version number 2021-01-30 10:29:53 -03:00
Petr Kristan
63e35c161f SOCKET_INVALID pushed as integer, not as number 
winsock define INVALID_SOCKET as (UINT_PTR)(~0)
in win64 it is 0xffffffffffffffff
if pushed by lua_pushnumber, then ssl.core.SOCKET_INVALID is 1.84467440737096E19

tested in win32/64, linux32/64 lua5.1 and lua5.3
 2020-03-04 17:05:06 +01:00
Bruno Silvestre
43feb51c5e Update 0.8 -> 0.9 2019-10-31 11:34:27 -03:00
Bruno Silvestre
87e51d99ea Add __close metamethod 2019-10-15 13:25:12 -03:00
Bruno Silvestre
7898bd2043 Remove warning from cast. 2019-10-14 10:00:47 -03:00
Bruno Silvestre
8ef33e33cf Some adjusts to OpenSSL 1.1.1 with --api=1.1.0 2019-10-13 22:10:03 -03:00
Bruno Silvestre
3490d8d1c0
Merge pull request #126 from neheb/master 
Get rid of some deprecation warnings with OpenSSL 1.1
 2019-10-13 19:42:19 -03:00
Bruno Silvestre
f64e660de0 Disable DANE for LibreSSL 2019-07-11 11:19:21 -03:00
Bruno Silvestre
8722f83e8f Fix check for error in DANE functions 2019-07-11 10:20:53 -03:00
Bruno Silvestre
a2dcfffcfa Enable DANE only for OpenSSL 1.1.0 or higher 2019-07-11 10:09:39 -03:00
Bruno Silvestre
18fa0118be
Merge pull request #122 from Zash/dane 
DANE support
 2019-07-11 09:50:25 -03:00
Bruno Silvestre
d6ba8d21da Update version to 0.8, new rock file 2019-04-16 14:01:52 -03:00
Rosen Penev
79c629956e Get rid of some deprecation warnings with OpenSSL 1.1 2018-11-20 20:12:39 -08:00
Kim Alvefur
6359275c5f Add support for setting DANE TLSA information 2018-09-29 21:38:18 +02:00
Bruno Silvestre
f42c171d55 This mode is available in new versions of OpenSSL, no more check 2018-09-12 17:45:13 -03:00
Bruno Silvestre
706e0f0281 New version of LibreSSL already implement these functions 2018-09-12 17:41:03 -03:00
Bruno Silvestre
d4ea2d12f3 Update reference to Lua state prior to handshake 
The Lua thread that creates the context is saved to be used for
accessing callback related data. However that thread may become garbage
and its memory could be overwritten with anything if the handshake
happens later, in a different thread.

Fixes #75

Thanks @Zash
 2018-09-10 10:49:18 -03:00
Bruno Silvestre
dea60edf4f Add ALPN support based on PR #64 from xnyhps 2018-08-27 15:10:18 -03:00
Bruno Silvestre
d9d0cd620d Free DH parameter right after handshake 2018-07-26 11:21:54 -03:00
Hisham Muhammad
4d10a5a0c0 Use lowercase Windows header name 
This is necessary for cross-compilation of Windows binaries on non-Windows
platforms (and harmless for Windows).
 2018-06-29 10:21:22 -03:00
Bruno Silvestre
de63f21f63 Change version number to 0.7 2018-06-27 10:36:26 -03:00
Bruno Silvestre
2f562e1399 Put an error check back 2017-10-28 09:31:40 -02:00
Bruno Silvestre
7934e58b4b
Merge pull request #99 from daurnimator/luaossl-integration 
Allow passing a luaossl context for socket creation/wrapping
 2017-10-28 09:23:07 -02:00
Bruno Silvestre
0d01b53461 Version number to 0.7alpha 2017-09-26 18:22:49 -03:00
daurnimator
e90a264c93
Allow passing luaossl objects to meth_create() 2017-04-04 13:06:12 +10:00
Bruno Silvestre
31b7a4744b Merge pull request #63 from gleydsonsoares/tweak-OPENSSL_NO_COMP 
simplify OPENSSL_NO_COMP guard
 2017-03-31 14:48:19 -03:00
Bruno Silvestre
6b82fa6104 LuaRocks workaround 2017-03-31 14:40:09 -03:00
Bruno Silvestre
9f6d623ccb proper socket invalidation #70 2017-03-31 14:32:35 -03:00
Bruno Silvestre
4889830d53 Compatibility with OpenSSL 1.1.0 
Defining macros X509_up_ref() and SSL_is_server to use the same
API of OpenSSL 1.1.0.
 2016-09-14 17:47:09 -03:00
Bruno Silvestre
4101af103e Return the number of data read and remove a useless line. 2016-08-03 14:56:07 -03:00
Perry Clarke
5a98bb6adb Fix crash related to incorrect buffer size 
The number of bytes received by ssl_recv() is being passed to luaL_addlstring() (in recvall()) but it was being left either uninitialized or being set to an error code.  The crashing case I found was when the state was not LSEC_STATE_CONNECTED (e.g. when dohandshake() has failed) and ssl_recv() returned immediately without setting "got".
 2016-05-03 16:37:47 -07:00
Bruno Silvestre
20443861eb Update version number and rock file. 2016-03-03 16:11:46 -03:00
Gleydson
27fbd70424 tweak OPENSSL_NO_COMP 2015-11-20 13:22:00 -03:00
Bruno Silvestre
d1fb889547 Version number -> 0.6 alpha 2015-08-21 11:21:16 -03:00
Bruno Silvestre
1ab6fac919 Don't set globals from C. 2015-02-12 16:32:54 -02:00
Bruno Silvestre
97b1974039 Change to luaL_newlib(). 2015-02-06 17:44:08 -02:00
Bruno Silvestre
9cb5220759 Remove luaL_optint() and luaL_checkint(). 2015-02-06 16:53:34 -02:00
Lluixhi Scura
5240c02f3d Changed for strict compiles. 2015-01-16 09:12:14 -08:00
Lluixhi Scura
4c7339cace Fix for LibreSSL/OPENSSL_NO_COMP 2015-01-16 08:55:22 -08:00
Bruno Silvestre
f514e9fb1b Problem on Win64, since double does not represent SOCKET_INVALID exactly. 2014-09-10 14:41:09 -03:00
Bruno Silvestre
84cb83b92f - Add a parameter to server:sni(), so that we can accept an unknown name, using the initial context. 
- Add the method :getsniname() to retrieve the SNI hostname used.
 2014-09-09 21:48:26 -03:00