Update source protocol on rockspec

Update rockspec
Update version number
2025-07-18 06:49:49 +02:00 · 2022-04-13 10:46:36 -03:00 · 2022-04-13 10:38:18 -03:00 · 2022-04-13 10:35:06 -03:00 · 2022-04-04 15:48:22 -03:00 · 2022-01-05 09:35:10 -03:00
21 changed files with 124 additions and 468 deletions
--- a/19
+++ b/19
@ -1,3 +1,22 @@
 --------------------------------------------------------------------------------
 LuaSec 1.1.0
 ---------------
 This version includes:
 * Fix missing DANE flag
 * Remove unused parameter in https.lua
 --------------------------------------------------------------------------------
 LuaSec 1.0.2
 ---------------
 This version includes:
 * Fix handle SSL_send SYSCALL error without errno
 * Fix off by one in cert:validat(notafter)
 * Fix meth_get_{sinagure => signature}_name function name
 * Fix update the Lua state reference on the selected SSL context after SNI
 * Fix ignore SSL_OP_BIT(n) macro and update option.c
 --------------------------------------------------------------------------------
 LuaSec 1.0.1
 ---------------
--- a/4
+++ b/4
@ -1,9 +1,9 @@
-LuaSec 1.0.1
+LuaSec 1.1.0
 ------------
 * OpenSSL options:
-    By default, this version includes options for OpenSSL 1.1.1.
+    By default, this version includes options for OpenSSL 3.0.0 beta2
    If you need to generate the options for a different version of OpenSSL:
--- a/4
+++ b/4
@ -1,5 +1,5 @@
-LuaSec 1.0.1 license
+LuaSec 1.1.0 license
-Copyright (C) 2006-2021 Bruno Silvestre, UFG
+Copyright (C) 2006-2022 Bruno Silvestre, UFG
 Permission is hereby granted, free  of charge, to any person obtaining
 a  copy  of this  software  and  associated  documentation files  (the
--- a/README.md
+++ b/README.md
@ -1,4 +1,4 @@
-LuaSec 1.0.1
+LuaSec 1.1.0
 ===============
 LuaSec depends  on OpenSSL, and  integrates with LuaSocket to  make it
 easy to add secure connections to any Lua applications or scripts.
--- a/luasec-1.1.0-1.rockspec
+++ b/luasec-1.1.0-1.rockspec
@ -1,8 +1,8 @@
 package = "LuaSec"
-version = "1.0.1-1"
+version = "1.1.0-1"
 source = {
-  url = "git://github.com/brunoos/luasec",
+  url = "git+https://github.com/brunoos/luasec",
-  tag = "v1.0.1",
+  tag = "v1.1.0",
 }
 description = {
   summary = "A binding for OpenSSL library to provide TLS/SSL communication over LuaSocket.",
--- a/samples/ocsp/client.lua
+++ b/samples/ocsp/client.lua
@ -1,54 +0,0 @@
 --
 -- Public domain
 --
 local socket = require("socket")
 local ssl    = require("ssl")
 local ocsp   = ssl.ocsp
 -- Parameters
 --   * status:
 --     * nil                          (no status was sent by server)
 --     * ocsp.status.successful
 --     * ocsp.status.malformedrequest
 --     * ocsp.status.internalerror
 --     * ocsp.status.trylater
 --     * ocsp.status.sigrequired
 --     * ocsp.status.unauthorized
 --
 -- Returns
 --   * nil: on error
 --   * true: status was accepted (continue the handshake)
 --   * false: status not accepted (handshake stops with error)
 --
 local callback = function(status)
  print("Status: ", status)
  print("---")
  if status == nil then
    print("[WARN] No OCSP response")
    return true
  end
  return (status == ocsp.status.successful)
 end
 local params = {
   mode     = "client",
   protocol = "tlsv1_2",
   verify   = "none",
   options  = "all",
   ocsp     = callback,
 }
 while true do
  local peer = socket.tcp()
  peer:connect("127.0.0.1", 8443)
  peer = assert(ssl.wrap(peer, params))
  assert(peer:dohandshake())
  print(peer:receive())
  print("------------")
  peer:close()
 end
--- a/samples/ocsp/server.lua
+++ b/samples/ocsp/server.lua
@ -1,89 +0,0 @@
 --
 -- Public domain
 --
 local socket = require("socket")
 local ssl    = require("ssl")
 local mime   = require("mime")
 local ltn12  = require("ltn12")
 local http   = require("socket.http")
 local ocsp   = ssl.ocsp
 --------------------------------------------------------------------------------
 local response
 function loadresponse(certfile, cafile)
  local f = io.open(cafile)
  local ca = f:read("*a")
  ca = ssl.loadcertificate(ca)
  f:close()
  f = io.open(certfile)
  local cert = f:read("*a")
  cert = ssl.loadcertificate(cert)
  f:close()
  local res = {}
  local req = ocsp.buildrequest(cert, ca)
  req = mime.b64(req)
  local a, b = http.request {
    url = "http://zerossl.ocsp.sectigo.com/" .. req,
    method = "GET",
    sink = ltn12.sink.table(res),
    header = {
      ["Content-Type"] = "application/ocsp-request",
      ["Host"] = "zerossl.ocsp.sectigo.com",
    },
  }
  response = table.concat(res)
  local thisupd, nextupd = ocsp.responsetime(response)
  print("This update: ", thisupd)
  print("Next update: ", nextupd)
 end
 --------------------------------------------------------------------------------
 local cafile = "ca.pem"
 local certfile = "server.pem"
 -- Remember to update 'response' before 'next update'
 local callback = function()
  if not response then
    loadresponse(certfile, cafile)
  end
  return response
 end
 local params = {
   mode = "server",
   protocol = "any",
   key = "server.key",
   certificate = certfile,
   verify = "none",
   options = "all",
   ocsp = callback,
 }
 --------------------------------------------------------------------------------
 local ctx = assert(ssl.newcontext(params))
 local server = socket.tcp()
 server:setoption('reuseaddr', true)
 assert(server:bind("127.0.0.1", 8443))
 server:listen()
 while true do
  local peer = server:accept()
  peer = assert(ssl.wrap(peer, ctx))
  local succ = peer:dohandshake()
  if succ then
    peer:send("OCSP test\n")
    peer:close()
  end
 end
--- a/src/compat.h
+++ b/src/compat.h
@ -1,7 +1,7 @@
 /*--------------------------------------------------------------------------
- * LuaSec 1.0.1
+ * LuaSec 1.1.0
 *
- * Copyright (C) 2006-2021 Bruno Silvestre
+ * Copyright (C) 2006-2022 Bruno Silvestre
 *
 *--------------------------------------------------------------------------*/
--- a/src/config.c
+++ b/src/config.c
@ -1,7 +1,7 @@
 /*--------------------------------------------------------------------------
- * LuaSec 1.0.1
+ * LuaSec 1.1.0
 *
- * Copyright (C) 2006-2021 Bruno Silvestre.
+ * Copyright (C) 2006-2022 Bruno Silvestre.
 *
 *--------------------------------------------------------------------------*/
@ -77,14 +77,14 @@ LSEC_API int luaopen_ssl_config(lua_State *L)
 #ifdef LSEC_ENABLE_DANE
  // DANE
  lua_pushstring(L, "dane");
 #ifdef DANE_FLAG_NO_DANE_EE_NAMECHECKS
  lua_createtable(L, 0, 1);
  lua_pushstring(L, "no_ee_namechecks");
  lua_pushboolean(L, 1);
  lua_rawset(L, -3);
-#endif
+#else
 #ifndef OPENSSL_NO_OCSP
  // OCSP
  lua_pushstring(L, "ocsp");
  lua_pushboolean(L, 1);
 #endif
  lua_rawset(L, -3);
 #endif
--- a/src/context.c
+++ b/src/context.c
@ -1,9 +1,9 @@
 /*--------------------------------------------------------------------------
- * LuaSec 1.0.1
+ * LuaSec 1.1.0
 *
- * Copyright (C) 2014-2021 Kim Alvefur, Paul Aurich, Tobias Markmann, 
+ * Copyright (C) 2014-2022 Kim Alvefur, Paul Aurich, Tobias Markmann, 
 *                         Matthew Wild.
- * Copyright (C) 2006-2021 Bruno Silvestre.
+ * Copyright (C) 2006-2022 Bruno Silvestre.
 *
 *--------------------------------------------------------------------------*/
@ -17,19 +17,15 @@
 #include <openssl/err.h>
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
 #include <openssl/x509_vfy.h>
 #include <openssl/dh.h>
 #ifndef OPENSSL_NO_OCSP
 #include <openssl/ocsp.h>
 #endif
 #include <lua.h>
 #include <lauxlib.h>
 #include "compat.h"
 #include "context.h"
 #include "options.h"
 #include "x509.h"
 #ifndef OPENSSL_NO_EC
 #include <openssl/ec.h>
@ -712,207 +708,35 @@ static int set_alpn_cb(lua_State *L)
  return 1;
 }
 #ifndef OPENSSL_NO_OCSP
 static int ocsp_server_cb(SSL *ssl, void *arg)
 {
  int len;
  BIO *bio;
  const char *data;
  unsigned char *r = NULL;
  OCSP_RESPONSE *resp = NULL;
  p_context ctx = (p_context)arg;
  lua_State *L = ctx->L;
  // Retrieve the callback
  luaL_getmetatable(L, "SSL:OCSP:Registry");
  lua_pushlightuserdata(L, ctx->context);
  lua_rawget(L, -2);
  lua_call(L, 0, 1);
  if (lua_type(L, -1) != LUA_TSTRING) {
    return SSL_TLSEXT_ERR_NOACK;
  }
  data = lua_tostring(L, -1);
  len  = (int)lua_rawlen(L, -1);
  bio = BIO_new_mem_buf(data, len);
  if (bio == NULL)
    return SSL_TLSEXT_ERR_NOACK;
  resp = d2i_OCSP_RESPONSE_bio(bio, NULL);
  BIO_free(bio);
  if (resp == NULL)
    return SSL_TLSEXT_ERR_NOACK;
  len = i2d_OCSP_RESPONSE(resp, &r);
  if (len <= 0) {
    OCSP_RESPONSE_free(resp);
    return SSL_TLSEXT_ERR_NOACK;
  }
  SSL_set_tlsext_status_ocsp_resp(ssl, r, len);
  OCSP_RESPONSE_free(resp);
  return SSL_TLSEXT_ERR_OK;
 }
 static int ocsp_client_cb(SSL *ssl, void *arg)
 {
  long len;
  const unsigned char *b;
  OCSP_RESPONSE *ocsp = NULL;
  p_context ctx = (p_context)arg;
  lua_State *L = ctx->L;
  // Retrieve the callback
  luaL_getmetatable(L, "SSL:OCSP:Registry");
  lua_pushlightuserdata(L, ctx->context);
  lua_rawget(L, -2);
  len = SSL_get_tlsext_status_ocsp_resp(ssl, &b);
  if (len == -1)
    lua_pushnil(L);
  else {
    ocsp = d2i_OCSP_RESPONSE(NULL, &b, len);
    lua_pushinteger(L, OCSP_response_status(ocsp));
    OCSP_RESPONSE_free(ocsp);
  }
  lua_call(L, 1, 1);
  return (lua_type(L, -1) != LUA_TBOOLEAN) ? -1 : (int)lua_toboolean(L, -1);
 }
 static int set_ocsp_cb(lua_State *L)
 {
  int ret;
  p_context ctx = checkctx(L, 1);
  luaL_getmetatable(L, "SSL:OCSP:Registry");
  lua_pushlightuserdata(L, (void*)ctx->context);
  lua_pushvalue(L, 2);
  lua_settable(L, -3);
  ret = (int)SSL_CTX_set_tlsext_status_type(ctx->context, TLSEXT_STATUSTYPE_ocsp);
  if (ret == 0) {
    lua_pushboolean(L, 0);
    return 1;
  }
  if (ctx->mode == LSEC_MODE_CLIENT)
    ret = (int)SSL_CTX_set_tlsext_status_cb(ctx->context, ocsp_client_cb);
  else
    ret = (int)SSL_CTX_set_tlsext_status_cb(ctx->context, ocsp_server_cb);
  if (ret == 0) {
    lua_pushboolean(L, 0);
    return 1;
  }
  ret = (int)SSL_CTX_set_tlsext_status_arg(ctx->context, ctx);
  lua_pushboolean(L, ret == 1);
  return 1;
 }
 static int ocsp_build_request(lua_State *L)
 {
  long len;
  BIO *bio;
  X509 *cert;
  X509 *issuer;
  OCSP_CERTID *cid;
  OCSP_REQUEST *req;
  char *buf;
  cert = lsec_checkx509(L, 1);
  issuer = lsec_checkx509(L, 2);
  req = OCSP_REQUEST_new();
  if (req == NULL) {
    lua_pushnil(L);
    return 1;
  }
  cid = OCSP_cert_to_id(NULL, cert, issuer);
  if (cid == NULL) {
    lua_pushnil(L);
    return 1;
  }
  if (OCSP_request_add0_id(req, cid) == NULL) {
    lua_pushnil(L);
    return 1;
  }
  bio = BIO_new(BIO_s_mem());
  i2d_OCSP_REQUEST_bio(bio, req);
  len = BIO_get_mem_data(bio, &buf);
  lua_pushlstring(L, buf, len);
  BIO_free(bio);
  OCSP_REQUEST_free(req);
  return 1;
 }
 static int ocsp_response_time(lua_State *L)
 {
  long len;
  BIO *bio;
  char *buf;
  int reason;
  OCSP_BASICRESP *bs;
  OCSP_SINGLERESP *sr;
  OCSP_RESPONSE *res;
  ASN1_GENERALIZEDTIME *revtime, *thisupd, *nextupd;
  buf = (char*)lua_tostring(L, 1);
  len = (long)lua_rawlen(L, 1);
  res = d2i_OCSP_RESPONSE(NULL, (const unsigned char**)&buf, (int)len);
  if (res == NULL) {
    lua_pushnil(L);
    lua_pushnil(L);
    return 2;
  }
  bs = OCSP_response_get1_basic(res);
  if (bs == NULL) {
    lua_pushnil(L);
    lua_pushnil(L);
    return 2;
  }
  sr = OCSP_resp_get0(bs, 0);
  OCSP_single_get0_status(sr, &reason, &revtime, &thisupd, &nextupd);
  bio = BIO_new(BIO_s_mem());
  ASN1_GENERALIZEDTIME_print(bio, thisupd);
  len = BIO_get_mem_data(bio, &buf);
  lua_pushlstring(L, buf, len);
  BIO_free(bio);
  bio = BIO_new(BIO_s_mem());
  ASN1_GENERALIZEDTIME_print(bio, nextupd);
  len = BIO_get_mem_data(bio, &buf);
  lua_pushlstring(L, buf, len);
  BIO_free(bio);
  OCSP_BASICRESP_free(bs);
  OCSP_RESPONSE_free(res);
  return 2;
 }
 #endif
 #if defined(LSEC_ENABLE_DANE)
 /*
 * DANE
 */
 static int dane_options[] = {
  /* TODO move into options.c
   * however this symbol is not from openssl/ssl.h but rather from
   * openssl/x509_vfy.h
   * */
 #ifdef DANE_FLAG_NO_DANE_EE_NAMECHECKS
  DANE_FLAG_NO_DANE_EE_NAMECHECKS,
 #endif
  0
 };
 static const char *dane_option_names[] = {
 #ifdef DANE_FLAG_NO_DANE_EE_NAMECHECKS
  "no_ee_namechecks",
 #endif
  NULL
 };
 static int set_dane(lua_State *L)
 {
-  int ret;
+  int ret, i;
  SSL_CTX *ctx = lsec_checkcontext(L, 1);
  ret = SSL_CTX_dane_enable(ctx);
  for (i = 2; ret > 0 && i <= lua_gettop(L); i++) {
    ret = SSL_CTX_dane_set_flags(ctx, dane_options[luaL_checkoption(L, i, NULL, dane_option_names)]);
  }
  lua_pushboolean(L, (ret > 0));
  return 1;
 }
@ -942,9 +766,6 @@ static luaL_Reg funcs[] = {
 #endif
 #if defined(LSEC_ENABLE_DANE)
  {"setdane",         set_dane},
 #endif
 #if !defined(OPENSSL_NO_OCSP)
  {"setocspcb",       set_ocsp_cb},
 #endif
  {NULL, NULL}
 };
@ -971,10 +792,6 @@ static int meth_destroy(lua_State *L)
    lua_pushlightuserdata(L, (void*)ctx->context);
    lua_pushnil(L);
    lua_settable(L, -3);
    luaL_getmetatable(L, "SSL:OCSP:Registry");
    lua_pushlightuserdata(L, (void*)ctx->context);
    lua_pushnil(L);
    lua_settable(L, -3);
    SSL_CTX_free(ctx->context);
    ctx->context = NULL;
@ -1112,55 +929,6 @@ void *lsec_testudata (lua_State *L, int ud, const char *tname) {
 /*------------------------------ Initialization ------------------------------*/
 #ifndef OPENSSL_NO_OCSP
 struct ocsp_status_response_s {
  const char *name;
  int value;
 };
 typedef struct ocsp_status_response_s ocsp_status_response_t;
 static ocsp_status_response_t status_response[] = {
  {"successful",       OCSP_RESPONSE_STATUS_SUCCESSFUL},
  {"malformedrequest", OCSP_RESPONSE_STATUS_MALFORMEDREQUEST},
  {"internalerror",    OCSP_RESPONSE_STATUS_INTERNALERROR},
  {"trylater",         OCSP_RESPONSE_STATUS_TRYLATER},
  {"sigrequired",      OCSP_RESPONSE_STATUS_SIGREQUIRED},
  {"unauthorized",     OCSP_RESPONSE_STATUS_UNAUTHORIZED},
  {NULL, 0}
 };
 static luaL_Reg ocsp_funcs[] = {
  {"buildrequest", ocsp_build_request},
  {"responsetime", ocsp_response_time},
  {NULL, NULL}
 };
 /**
 * OCSP module
 */
 LSEC_API int luaopen_ssl_context_ocsp(lua_State *L)
 {
  ocsp_status_response_t *ptr;
  luaL_newlib(L, ocsp_funcs);
  lua_pushstring(L, "status");
  lua_newtable(L);
  for (ptr = status_response; ptr->name; ptr++) {
    lua_pushstring(L, ptr->name);
    lua_pushinteger(L, ptr->value);
    lua_rawset(L, -3);
  }
  lua_rawset(L, -3);
  return 1;
 }
 #endif
 //------------------------------------------------------------------------------
 /**
 * Registre the module.
 */
@ -1169,7 +937,6 @@ LSEC_API int luaopen_ssl_context(lua_State *L)
  luaL_newmetatable(L, "SSL:DH:Registry");      /* Keep all DH callbacks   */
  luaL_newmetatable(L, "SSL:ALPN:Registry");    /* Keep all ALPN callbacks */
  luaL_newmetatable(L, "SSL:Verify:Registry");  /* Keep all verify flags   */
  luaL_newmetatable(L, "SSL:OCSP:Registry");    /* Keep all OCSP callbacks */
  luaL_newmetatable(L, "SSL:Context");
  setfuncs(L, meta);
--- a/src/context.h
+++ b/src/context.h
@ -2,9 +2,9 @@
 #define LSEC_CONTEXT_H
 /*--------------------------------------------------------------------------
- * LuaSec 1.0.1
+ * LuaSec 1.1.0
 *
- * Copyright (C) 2006-2021 Bruno Silvestre
+ * Copyright (C) 2006-2022 Bruno Silvestre
 *
 *--------------------------------------------------------------------------*/
--- a/src/ec.h
+++ b/src/ec.h
@ -1,7 +1,7 @@
 /*--------------------------------------------------------------------------
- * LuaSec 1.0.1
+ * LuaSec 1.1.0
 *
- * Copyright (C) 2006-2021 Bruno Silvestre
+ * Copyright (C) 2006-2022 Bruno Silvestre
 *
 *--------------------------------------------------------------------------*/
--- a/src/https.lua
+++ b/src/https.lua
@ -1,6 +1,6 @@
 ----------------------------------------------------------------------------
-- LuaSec 1.0.1
+-- LuaSec 1.1.0
-- Copyright (C) 2009-2021 PUC-Rio
+-- Copyright (C) 2009-2022 PUC-Rio
 --
 -- Author: Pablo Musa
 -- Author: Tomas Guisasola
@ -18,8 +18,8 @@ local try    = socket.try
 -- Module
 --
 local _M = {
-  _VERSION   = "1.0.1",
+  _VERSION   = "1.1.0",
-  _COPYRIGHT = "LuaSec 1.0.1 - Copyright (C) 2009-2021 PUC-Rio",
+  _COPYRIGHT = "LuaSec 1.1.0 - Copyright (C) 2009-2022 PUC-Rio",
  PORT       = 443,
  TIMEOUT    = 60
 }
@ -93,7 +93,7 @@ local function tcp(params)
         self.sock:sni(host)
         self.sock:settimeout(_M.TIMEOUT)
         try(self.sock:dohandshake())
-         reg(self, getmetatable(self.sock))
+         reg(self)
         return 1
      end
      return conn
--- a/src/options.c
+++ b/src/options.c
@ -1,7 +1,7 @@
 /*--------------------------------------------------------------------------
- * LuaSec 1.0.1
+ * LuaSec 1.1.0
 *
- * Copyright (C) 2006-2021 Bruno Silvestre
+ * Copyright (C) 2006-2022 Bruno Silvestre
 *
 *--------------------------------------------------------------------------*/
@ -13,13 +13,16 @@
 /* 
-  OpenSSL version: OpenSSL 1.1.1
+  OpenSSL version: OpenSSL 3.0.0-beta2
 */
 static lsec_ssl_option_t ssl_options[] = {
 #if defined(SSL_OP_ALL)
  {"all", SSL_OP_ALL},
 #endif
 #if defined(SSL_OP_ALLOW_CLIENT_RENEGOTIATION)
  {"allow_client_renegotiation", SSL_OP_ALLOW_CLIENT_RENEGOTIATION},
 #endif
 #if defined(SSL_OP_ALLOW_NO_DHE_KEX)
  {"allow_no_dhe_kex", SSL_OP_ALLOW_NO_DHE_KEX},
 #endif
@ -32,21 +35,33 @@ static lsec_ssl_option_t ssl_options[] = {
 #if defined(SSL_OP_CISCO_ANYCONNECT)
  {"cisco_anyconnect", SSL_OP_CISCO_ANYCONNECT},
 #endif
 #if defined(SSL_OP_CLEANSE_PLAINTEXT)
  {"cleanse_plaintext", SSL_OP_CLEANSE_PLAINTEXT},
 #endif
 #if defined(SSL_OP_COOKIE_EXCHANGE)
  {"cookie_exchange", SSL_OP_COOKIE_EXCHANGE},
 #endif
 #if defined(SSL_OP_CRYPTOPRO_TLSEXT_BUG)
  {"cryptopro_tlsext_bug", SSL_OP_CRYPTOPRO_TLSEXT_BUG},
 #endif
 #if defined(SSL_OP_DISABLE_TLSEXT_CA_NAMES)
  {"disable_tlsext_ca_names", SSL_OP_DISABLE_TLSEXT_CA_NAMES},
 #endif
 #if defined(SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)
  {"dont_insert_empty_fragments", SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS},
 #endif
 #if defined(SSL_OP_ENABLE_KTLS)
  {"enable_ktls", SSL_OP_ENABLE_KTLS},
 #endif
 #if defined(SSL_OP_ENABLE_MIDDLEBOX_COMPAT)
  {"enable_middlebox_compat", SSL_OP_ENABLE_MIDDLEBOX_COMPAT},
 #endif
 #if defined(SSL_OP_EPHEMERAL_RSA)
  {"ephemeral_rsa", SSL_OP_EPHEMERAL_RSA},
 #endif
 #if defined(SSL_OP_IGNORE_UNEXPECTED_EOF)
  {"ignore_unexpected_eof", SSL_OP_IGNORE_UNEXPECTED_EOF},
 #endif
 #if defined(SSL_OP_LEGACY_SERVER_CONNECT)
  {"legacy_server_connect", SSL_OP_LEGACY_SERVER_CONNECT},
 #endif
@ -89,6 +104,9 @@ static lsec_ssl_option_t ssl_options[] = {
 #if defined(SSL_OP_NO_ENCRYPT_THEN_MAC)
  {"no_encrypt_then_mac", SSL_OP_NO_ENCRYPT_THEN_MAC},
 #endif
 #if defined(SSL_OP_NO_EXTENDED_MASTER_SECRET)
  {"no_extended_master_secret", SSL_OP_NO_EXTENDED_MASTER_SECRET},
 #endif
 #if defined(SSL_OP_NO_QUERY_MTU)
  {"no_query_mtu", SSL_OP_NO_QUERY_MTU},
 #endif
--- a/src/options.h
+++ b/src/options.h
@ -2,9 +2,9 @@
 #define LSEC_OPTIONS_H
 /*--------------------------------------------------------------------------
- * LuaSec 1.0.1
+ * LuaSec 1.1.0
 *
- * Copyright (C) 2006-2021 Bruno Silvestre
+ * Copyright (C) 2006-2022 Bruno Silvestre
 *
 *--------------------------------------------------------------------------*/
--- a/src/options.lua
+++ b/src/options.lua
@ -4,7 +4,7 @@ local function usage()
  print("  lua options.lua -g /path/to/ssl.h [version] > options.c")
  print("* Examples:")
  print("  lua options.lua -g /usr/include/openssl/ssl.h > options.c\n")
-  print("  lua options.lua -g /usr/include/openssl/ssl.h \"OpenSSL 1.0.1 14\" > options.c\n")
+  print("  lua options.lua -g /usr/include/openssl/ssl.h \"OpenSSL 1.1.1f\" > options.c\n")
  print("* List options of your system:")
  print("  lua options.lua -l /path/to/ssl.h\n")
@ -18,9 +18,9 @@ end
 local function generate(options, version)
  print([[
 /*--------------------------------------------------------------------------
- * LuaSec 1.0.1
+ * LuaSec 1.1.0
 *
- * Copyright (C) 2006-2021 Bruno Silvestre
+ * Copyright (C) 2006-2022 Bruno Silvestre
 *
 *--------------------------------------------------------------------------*/
@ -60,11 +60,14 @@ local function loadoptions(file)
  local options = {}
  local f = assert(io.open(file, "r"))
  for line in f:lines() do
-    local op = string.match(line, "define%s+(SSL_OP_%S+)")
+    local op = string.match(line, "define%s+(SSL_OP_BIT%()")
    if not op then
      op = string.match(line, "define%s+(SSL_OP_%S+)")
      if op then
        table.insert(options, op)
      end
    end
  end
  table.sort(options, function(a,b) return a<b end)
  return options
 end
--- a/src/ssl.c
+++ b/src/ssl.c
@ -1,9 +1,9 @@
 /*--------------------------------------------------------------------------
- * LuaSec 1.0.1
+ * LuaSec 1.1.0
 *
- * Copyright (C) 2014-2021 Kim Alvefur, Paul Aurich, Tobias Markmann, 
+ * Copyright (C) 2014-2022 Kim Alvefur, Paul Aurich, Tobias Markmann, 
 *                         Matthew Wild.
- * Copyright (C) 2006-2021 Bruno Silvestre.
+ * Copyright (C) 2006-2022 Bruno Silvestre.
 *
 *--------------------------------------------------------------------------*/
@ -747,6 +747,8 @@ static int sni_cb(SSL *ssl, int *ad, void *arg)
  lua_pop(L, 4);
  /* Found, use this context */
  if (newctx) {
    p_context pctx = (p_context)SSL_CTX_get_app_data(newctx);
    pctx->L = L;
    SSL_set_SSL_CTX(ssl, newctx);
    return SSL_TLSEXT_ERR_OK;
  }
@ -824,7 +826,7 @@ static int meth_getalpn(lua_State *L)
 static int meth_copyright(lua_State *L)
 {
-  lua_pushstring(L, "LuaSec 1.0.1 - Copyright (C) 2006-2021 Bruno Silvestre, UFG"
+  lua_pushstring(L, "LuaSec 1.1.0 - Copyright (C) 2006-2022 Bruno Silvestre, UFG"
 #if defined(WITH_LUASOCKET)
                    "\nLuaSocket 3.0-RC1 - Copyright (C) 2004-2013 Diego Nehab"
 #endif
--- a/src/ssl.h
+++ b/src/ssl.h
@ -2,9 +2,9 @@
 #define LSEC_SSL_H
 /*--------------------------------------------------------------------------
- * LuaSec 1.0.1
+ * LuaSec 1.1.0
 *
- * Copyright (C) 2006-2021 Bruno Silvestre
+ * Copyright (C) 2006-2022 Bruno Silvestre
 *
 *--------------------------------------------------------------------------*/
--- a/src/ssl.lua
+++ b/src/ssl.lua
@ -1,7 +1,7 @@
 ------------------------------------------------------------------------------
-- LuaSec 1.0.1
+-- LuaSec 1.1.0
 --
-- Copyright (C) 2006-2021 Bruno Silvestre
+-- Copyright (C) 2006-2022 Bruno Silvestre
 --
 ------------------------------------------------------------------------------
@ -10,11 +10,6 @@ local context = require("ssl.context")
 local x509    = require("ssl.x509")
 local config  = require("ssl.config")
 local ocsp
 if config.capabilities.ocsp then
  ocsp = require("ssl.context.ocsp")
 end
 local unpack  = table.unpack or unpack
 -- We must prevent the contexts to be collected before the connections,
@ -207,15 +202,11 @@ local function newcontext(cfg)
   end
   if config.capabilities.dane and cfg.dane then
      if type(cfg.dane) == "table" then
         context.setdane(ctx, unpack(cfg.dane))
      else
         context.setdane(ctx)
      end
   if config.capabilities.ocsp and cfg.ocsp then
      msg  = "error setting OCSP"
      succ = type(cfg.ocsp) == "function"
      if not succ then return nil, msg end
      succ = context.setocspcb(ctx, cfg.ocsp)
      if not succ then return nil, msg end
   end
   return ctx
@ -284,10 +275,9 @@ core.setmethod("info", info)
 --
 local _M = {
-  _VERSION        = "1.0.1",
+  _VERSION        = "1.1.0",
  _COPYRIGHT      = core.copyright(),
  config          = config,
  ocsp            = ocsp,
  loadcertificate = x509.load,
  newcontext      = newcontext,
  wrap            = wrap,
--- a/src/x509.c
+++ b/src/x509.c
@ -1,7 +1,7 @@
 /*--------------------------------------------------------------------------
- * LuaSec 1.0.1
+ * LuaSec 1.1.0
 *
- * Copyright (C) 2014-2021 Kim Alvefur, Paul Aurich, Tobias Markmann
+ * Copyright (C) 2014-2022 Kim Alvefur, Paul Aurich, Tobias Markmann
 *                         Matthew Wild, Bruno Silvestre.
 *
 *--------------------------------------------------------------------------*/
@ -658,7 +658,7 @@ static int meth_set_encode(lua_State* L)
 /**
 * Get signature name.
 */
-static int meth_get_sinagure_name(lua_State* L)
+static int meth_get_signature_name(lua_State* L)
 {
  p_x509 px = lsec_checkp_x509(L, 1);
  int nid = X509_get_signature_nid(px->cert);
@ -698,7 +698,7 @@ static luaL_Reg methods[] = {
  {"digest",     meth_digest},
  {"setencode",  meth_set_encode},
  {"extensions", meth_extensions},
-  {"getsignaturename", meth_get_sinagure_name},
+  {"getsignaturename", meth_get_signature_name},
  {"issuer",     meth_issuer},
  {"notbefore",  meth_notbefore},
  {"notafter",   meth_notafter},
--- a/src/x509.h
+++ b/src/x509.h
@ -1,7 +1,7 @@
 /*--------------------------------------------------------------------------
- * LuaSec 1.0.1
+ * LuaSec 1.1.0
 *
- * Copyright (C) 2014-2021 Kim Alvefur, Paul Aurich, Tobias Markmann
+ * Copyright (C) 2014-2022 Kim Alvefur, Paul Aurich, Tobias Markmann
 *                         Matthew Wild, Bruno Silvestre.
 *
 *--------------------------------------------------------------------------*/
Author	SHA1	Message	Date
Bruno Silvestre	df27c62f4c	Update source protocol on rockspec	2022-04-13 10:46:36 -03:00
Bruno Silvestre	09691fe782	Update rockspec	2022-04-13 10:38:18 -03:00
Bruno Silvestre	3a71559e13	Update version number	2022-04-13 10:35:06 -03:00
Bruno Silvestre	3f04fd7529	Removing useless code	2022-04-04 15:48:22 -03:00
Bruno Silvestre	d7161ca026	Merge pull request #179 from Zash/dane_no_hostname Support passing DANE flags	2022-01-05 09:35:10 -03:00
Kim Alvefur	65ee83275b	Support passing DANE flags The only flag at the moment is one that disables name checks, which is needed for certain protocols such as XMPP.	2022-01-01 19:42:09 +01:00
Bruno Silvestre	ef14b27a2c	Update CHANGELOG	2021-08-14 10:28:09 -03:00
Bruno Silvestre	316bea078c	Update version to LuaSec 1.0.2	2021-08-14 10:16:35 -03:00
Bruno Silvestre	79bbc0bc3e	Ignore SSL_OP_BIT(n) macro and update option.c #178	2021-08-02 17:02:44 -03:00
Bruno Silvestre	8cba350f37	Update the Lua state reference on the selected SSL context after SNI Thanks Kim Alvefur	2021-08-02 16:13:12 -03:00
Bruno Silvestre	eedebb2477	Merge pull request #176 from linusg/fix-method-name Fix meth_get_{sinagure => signature}_name function name	2021-07-14 13:05:09 -03:00
Linus Groh	c1e28e9132	Fix meth_get_{sinagure => signature}_name function name	2021-07-10 12:47:53 +01:00