luasec

mirror of https://github.com/brunoos/luasec.git synced 2024-07-09 14:39:47 +02:00

History

Matthew Wild 4cecbb2783 ssl: Add :getlocalchain() + :getlocalcertificate() to mirror the peer methods These methods mirror the existing methods that fetch the peer certificate and chain. Due to various factors (SNI, multiple key types, etc.) it is not always trivial for an application to determine what certificate was presented to the client. However there are various use-cases where this is needed, such as tls-server-end-point channel binding and OCSP stapling. Requires OpenSSL 1.0.2+ (note: SSL_get_certificate() has existed for a very long time, but was lacking documentation until OpenSSL 3.0).		2022-09-21 18:40:10 +01:00
..
alpn	Add ALPN support based on PR #64 from xnyhps	2018-08-27 15:10:18 -03:00
certs	Use a more generic form	2019-10-19 10:22:21 -03:00
chain	ssl: Add :getlocalchain() + :getlocalcertificate() to mirror the peer methods	2022-09-21 18:40:10 +01:00
curve-negotiation	Add support for the new curve selection API.	2017-02-26 00:16:24 +01:00
dane	Add sample DANE usage	2018-10-06 19:37:43 +02:00
dhparam	Use a more generic form	2019-10-19 10:12:20 -03:00
digest	update protocol samples(bring "tlsv1_2" to clients and "any" to servers)	2015-11-17 20:39:05 -03:00
ecdh	update protocol samples(bring "tlsv1_2" to clients and "any" to servers)	2015-11-17 20:39:05 -03:00
info	update protocol samples(bring "tlsv1_2" to clients and "any" to servers)	2015-11-17 20:39:05 -03:00
key	Use a more generic form	2019-10-19 10:22:21 -03:00
loop	Make memory leak reproducible in loop sample	2018-11-19 16:00:20 +01:00
loop-gc	update protocol samples(bring "tlsv1_2" to clients and "any" to servers)	2015-11-17 20:39:05 -03:00
luaossl	Add example of luaossl integration	2017-04-04 13:07:48 +10:00
multicert	Use a more generic form	2019-10-19 10:22:21 -03:00
oneshot	update protocol samples(bring "tlsv1_2" to clients and "any" to servers)	2015-11-17 20:39:05 -03:00
sni	update protocol samples(bring "tlsv1_2" to clients and "any" to servers)	2015-11-17 20:39:05 -03:00
verification	Update samples (using 'tlsv1').	2015-11-12 19:04:37 -02:00
verify	update protocol samples(bring "tlsv1_2" to clients and "any" to servers)	2015-11-17 20:39:05 -03:00
want	update protocol samples(bring "tlsv1_2" to clients and "any" to servers)	2015-11-17 20:39:05 -03:00
wantread	update protocol samples(bring "tlsv1_2" to clients and "any" to servers)	2015-11-17 20:39:05 -03:00
wantwrite	update protocol samples(bring "tlsv1_2" to clients and "any" to servers)	2015-11-17 20:39:05 -03:00
README	README for samples updated	2019-02-26 16:06:17 -03:00

README

Directories: 
------------
* alpn
 Test ALPN (Application-Layer Protocol Negotiation) support.

* certs
 Contains scripts to generate the certificates used by the examples.
 Generate Root CA 'A' and 'B' first, then the servers and clients.

* chain
 Example of certificate chain in handshake.

* curve-negotiation
 Elliptic curve negotiation.

* dhparam
 DH parameters for handshake.

* digest
 Certificate digest.

* ecdh
 Elliptic curve cipher.

* info
 Information about the connection.

* key
 Test encrypted private key.

* loop
 Test successive connections between the server and the client 
 (to check memory leak).

* loop-gc
 Same of above,  but the connection is not  explicit closed, the gabage
 collector is encharge of that.

* luaossl
 Integration with luaossl.

* multicert
 Support to multiple certificate for dual RSA/ECDSA.

* oneshot
 A simple connection example.

* sni
 Support to SNI (Server Name Indication).

* verification
 Retrieve the certificate verification errors from the handshake.

* verify
 Ignore handshake errors and proceed.

* want
 Test want() method.

* wantread
 Test timeout in handshake() and receive().

* wantwrite
 Test timeout in send().