Commit graph

8 commits

Author SHA1 Message Date
joerg
c022e9a165 Don't use compat code for Lua 5.2+ Bump revision. 2020-08-07 02:05:07 +00:00
mef
04baf85dbf (security/lua-sec) Updated 0.6 to 0.9
--------------------------------------------------------------------------
LuaSec 0.9
---------------
This version includes:

* Add DNS-based Authentication of Named Entities (DANE) support
* Add __close() metamethod
* Fix deprecation warnings with OpenSSL 1.1
* Fix special case listing of TLS 1.3 EC curves
* Fix general_name leak in cert:extensions()
* Fix unexported 'ssl.config' table
* Replace $(LD) with $(CCLD) variable
* Remove multiple definitions of 'ssl_options' variable
* Use tag in git format: v0.9

--------------------------------------------------------------------------
LuaSec 0.8.2
---------------
This version includes:

* Fix unexported 'ssl.config' table (backported)

--------------------------------------------------------------------------
LuaSec 0.8.1
---------------
This version includes:

* Fix general_name leak in cert:extensions() (backported)

--------------------------------------------------------------------------
LuaSec 0.8
---------------
This version includes:

* Add support to ALPN
* Add support to TLS 1.3
* Add support to multiple certificates
* Add timeout to https module (https.TIMEOUT)
* Drop support to SSL 3.0
* Drop support to TLS 1.0 from https module
* Fix invalid reference to Lua state
* Fix memory leak when get certficate extensions

--------------------------------------------------------------------------
LuaSec 0.7.2
---------------
This version includes:

* Fix unexported 'ssl.config' table (backported)

--------------------------------------------------------------------------
LuaSec 0.7.1
---------------
This version includes:

* Fix general_name leak in cert:extensions() (backported)

--------------------------------------------------------------------------
LuaSec 0.7
---------------
LuaSec depends  on OpenSSL, and  integrates with LuaSocket to  make it
easy to add secure connections to any Lua applications or scripts.

Documentation: https://github.com/brunoos/luasec/wiki

This version includes:

* Add support to OpenSSL 1.1.0
* Add support to elliptic curves list
* Add ssl.config that exports some OpenSSL information
* Add integration with luaossl
2020-01-06 23:55:47 +00:00
alnsn
ce67af7320 Update to luasec-0.6. Switch to MASTER_SITE_GITHUB.
Notable changes between 0.5 and 0.6:

Options from OpenSSL 1.0.2f
Use "any" protocol, but SSL.
Merge pull request #20 from Zash/zash/checkissued
    Method for checking if one certificate issued another
Merge pull request #68 from ignacio/master
    Enables building with LuaRocks and MS compilers
Enables building with LuaRocks and MS compilers
Merge pull request #56 from gleydsonsoares/Makefile-tweaks
    Makefile tweaks
Keep 'sslv23' for compability, but deprected. (it will be removed in the next version)
Merge pull request #62 from gleydsonsoares/update_protocol_samples
    add TLS_method / rename "sslv23" to "any" / update protocol samples.
update protocol samples(bring "tlsv1_2" to clients and "any" to servers)
for consistency and readability, rename "sslv23" to "any" since that it is related to {TLS, SSLv23}methods that handles all supported protocols.
add TLS_method(). for now, keep SSLv23_method() for compatibility.
Update samples (using 'tlsv1').
Merge pull request #55 from gleydsonsoares/ifndef-OPENSSL_NO_SSL3
    guard SSLv3_method() with #ifndef OPENSSL_NO_SSL3
Add lsec_testcontext().
bump MACOSX_VERSION
fix typo; s,intall,install,
guard SSLv3_method() with #ifndef OPENSSL_NO_SSL3
Set flags to compile with internal inet_ntop() by default.
Tag "alpha" explicit.
MinGW progress.
Merge pull request #53 from hishamhm/master
Reuse tag in the LuaSec upstream repository.
Merge pull request #26 from Tieske/master
    Update rockspec to fix Windows build
Alternative implementation to inet_ntop() for old versions of Windows.
Do not hardcode ar
added batch files to generate sample certs on Windows
Perform all validation before allocating structures
Validate signatures too.
    API changes to root:issued([intermediate]*, cert)
Fix inet_ntop() on Windows.
Merge branch 'master' of https://github.com/brunoos/luasec
Merge branch 'moteus_rock'
added bindir to lib section, as mingw links against dll's to be found in bindir
updated defines in rockspec
Merge branch 'master' of github.com:Tieske/luasec into moteus_rock
use winsock 2
Don't set globals from C.
Fix unpack().
Stop using module().
Change to luaL_newlib().
Remove luaL_optint() and luaL_checkint().
BSD headers.
Merge pull request #21 from Zash/zash/iPAddress-fix
    iPAddress encoding
Stop if we don't have a string.
Changed for strict compiles.
Fix for LibreSSL/OPENSSL_NO_COMP
Problem on Win64, since double does not represent SOCKET_INVALID exactly.
- Add a parameter to server:sni(), so that we can accept an unknown name, using the initial context.
- Add the method :getsniname() to retrieve the SNI hostname used.
Updated (and renamed) rockspec Windows
Encode iPAddress fields in human readable form
Don't try to encode IP addresses as UTF-8
Return early if ASN1 string is invalid
Push nil if unable to encode ASN1 string as UTF-8
Return human readable error message from cert:issued()
SNI support.
SNI support.
Merge pull request #17 from Zash/zash/checkkey
    Verify that certificate and key belong together
Merge pull request #19 from Zash/zash/pubkey
    Zash/pubkey
Add cert:pubkey() to methods registry
Add cert:issued(leafcert) for checking chains
Check if private key matches cert only if both key and cert are set
Check that certificate matches private key
Add method for extracting public key, type and size from x509 objects
2016-06-04 21:48:11 +00:00
fhajny
e1f7d5bb80 We link with -shared on SunOS. Fixes SunOS/x86_64. Bump PKGREVISION. 2014-04-16 14:07:50 +00:00
fhajny
fea72add10 Update lua-sec to 0.5.
* A new certificate (X509) API, which supports:
   - Reading  the subject  (identity) and  issuer of the certificate.
   - Reading  various X509  extensions, including email  and dnsName.
   - Converting  certificates  to and  from  the  standard ASCII  PEM
     format.
   - Generating the fingerprint/digest of a certificate  (using SHA1,
     SHA256 or SHA512).
   - Reading the  certificate's expiration, serial number,  and other
     info.
 * The ability  to get more  detailed information from  OpenSSL about
   why a certificate failed verification, for each certificate in the
   chain.
 * Flags to  force acceptance of invalid certificates,  e.g. to allow
   the use of self-signed certificates in a Trust On First Use model.
 * Flags to control checking CRLs for certificate revocation status.
 * Support for ECDH cipher suites.
 * An API  to get the TLS  'finished' messages used  for SASL channel
   binding (e.g. the SCRAM PLUS mechanisms).
2014-04-07 20:14:48 +00:00
joerg
4e3d5d007f Pass rpath options with correct -Wl prefix. 2013-10-20 17:56:02 +00:00
fhajny
8a3fb5921e Fix build on SunOS. Define LUA_COMPAT_MODULE to make this work on lua-5.2. 2013-09-13 14:32:19 +00:00
fhajny
ca3186fe10 Import lua-sec-0.4 as security/lua-sec.
LuaSec is a binding for OpenSSL library to provide TLS/SSL communication.
This version delegates to LuaSocket the TCP connection establishment
between the client and server. Then LuaSec uses this connection to start
a secure TLS/SSL session.

(Based on wip/luasec.)
2010-09-21 10:45:56 +00:00