Mercurial > luasec-hg / changelog

context: Add no_compression for OpenSSL 0.9.8 as well default tip

• Sat, 17 Dec 2011 10:30:58 -0800
• by Paul Aurich <paul@darkrain42.org> [Sat, 17 Dec 2011 10:30:58 -0800] rev 45
• context: Add no_compression for OpenSSL 0.9.8 as well
  
  Since OpenSSL 0.9.8 doesn't have SSL_OP_NO_COMPRESSION, this is
  implemented by simplying NULLing out the SSL_CTX->comp_methods stack.

ssl: Add a missing call to setciphers()

• Tue, 05 Jul 2011 18:12:17 -0700
• by Paul Aurich <paul@darkrain42.org> [Tue, 05 Jul 2011 18:12:17 -0700] rev 44
• ssl: Add a missing call to setciphers()

context: Clean up some warnings

• Sun, 03 Jul 2011 13:13:36 -0700
• by Paul Aurich <paul@darkrain42.org> [Sun, 03 Jul 2011 13:13:36 -0700] rev 43
• context: Clean up some warnings

context: Support ECDH cipher suites, where applicable

• Sun, 03 Jul 2011 13:13:36 -0700
• by Paul Aurich <paul@darkrain42.org> [Sun, 03 Jul 2011 13:13:36 -0700] rev 42
• context: Support ECDH cipher suites, where applicable

Fix the verification function so it doesn't pass for everyone on invalid purpose errors.

• Sun, 03 Jul 2011 13:13:36 -0700
• by Paul Aurich <paul@darkrain42.org> [Sun, 03 Jul 2011 13:13:36 -0700] rev 41
• Fix the verification function so it doesn't pass for everyone on invalid purpose errors.
  
  Inspiration and code partially from Matthew

ssl: Fix indentation (not sure how this happened)

• Sun, 03 Jul 2011 13:13:36 -0700
• by Paul Aurich <paul@darkrain42.org> [Sun, 03 Jul 2011 13:13:36 -0700] rev 40
• ssl: Fix indentation (not sure how this happened)

ssl: ssl.h needs to include socket.h

• Sun, 05 Dec 2010 23:50:19 -0800
• by Paul Aurich <paul@darkrain42.org> [Sun, 05 Dec 2010 23:50:19 -0800] rev 39
• ssl: ssl.h needs to include socket.h

Clean up the ex_data callers

• Sun, 05 Dec 2010 23:45:57 -0800
• by Paul Aurich <paul@darkrain42.org> [Sun, 05 Dec 2010 23:45:57 -0800] rev 38
• Clean up the ex_data callers
  The best explanation I can come up with here is that I totally missed the existence of SSL_[gs]et_ex_data...

ssl: getpeercertificate(n) and getpeerchain()

• Sun, 05 Dec 2010 23:45:10 -0800
• by Paul Aurich <paul@darkrain42.org> [Sun, 05 Dec 2010 23:45:10 -0800] rev 37
• ssl: getpeercertificate(n) and getpeerchain()

context.c: Add crl_check and crl_check_chain verify options

• Sun, 12 Dec 2010 22:21:36 +0000
• by Matthew Wild <mwild1@gmail.com> [Sun, 12 Dec 2010 22:21:36 +0000] rev 36
• context.c: Add crl_check and crl_check_chain verify options

x509.c: Fix parameter index to cert:digest()

• Sun, 28 Nov 2010 18:03:49 +0000
• by Matthew Wild <mwild1@gmail.com> [Sun, 28 Nov 2010 18:03:49 +0000] rev 35
• x509.c: Fix parameter index to cert:digest()

verify: Flag to ignore 'invalid purpose' errors on end cert

• Sun, 21 Nov 2010 20:14:31 -0800
• by Paul Aurich <paul@darkrain42.org> [Sun, 21 Nov 2010 20:14:31 -0800] rev 34
• verify: Flag to ignore 'invalid purpose' errors on end cert

x509: Flesh out the SAN types

• Sat, 20 Nov 2010 20:04:11 -0800
• by Paul Aurich <paul@darkrain42.org> [Sat, 20 Nov 2010 20:04:11 -0800] rev 33
• x509: Flesh out the SAN types

imported patch whitespace

• Sat, 20 Nov 2010 20:04:11 -0800
• by Paul Aurich <paul@darkrain42.org> [Sat, 20 Nov 2010 20:04:11 -0800] rev 32
• imported patch whitespace

ssl.core: Add __tostring metamethod

• Sat, 20 Nov 2010 20:04:11 -0800
• by Paul Aurich <paul@darkrain42.org> [Sat, 20 Nov 2010 20:04:11 -0800] rev 31
• ssl.core: Add __tostring metamethod

ssl.core, context: Add ability to verify and continue, retrieve verification result

• Sat, 20 Nov 2010 20:04:11 -0800
• by Paul Aurich <paul@darkrain42.org> [Sat, 20 Nov 2010 20:04:11 -0800] rev 30
• ssl.core, context: Add ability to verify and continue, retrieve verification result

x509: Fix fencepost error in push_x509_name

• Sat, 20 Nov 2010 20:04:11 -0800
• by Paul Aurich <paul@darkrain42.org> [Sat, 20 Nov 2010 20:04:11 -0800] rev 29
• x509: Fix fencepost error in push_x509_name

context: support for diffie-hellman key exchange

• Sat, 20 Nov 2010 20:04:11 -0800
• by Paul Aurich <paul@darkrain42.org> [Sat, 20 Nov 2010 20:04:11 -0800] rev 28
• context: support for diffie-hellman key exchange

x509: valid_at matches "not after" and "not before"

• Sun, 07 Nov 2010 17:12:33 -0800
• by Paul Aurich <paul@darkrain42.org> [Sun, 07 Nov 2010 17:12:33 -0800] rev 27
• x509: valid_at matches "not after" and "not before"

x509: Add ssl.cert_from_pem()

• Sat, 06 Nov 2010 15:33:26 +0000
• by Matthew Wild <mwild1@gmail.com> [Sat, 06 Nov 2010 15:33:26 +0000] rev 26
• x509: Add ssl.cert_from_pem()

x509: Add __gc to free X509 object on destruction

• Sat, 06 Nov 2010 13:04:09 +0000
• by Matthew Wild <mwild1@gmail.com> [Sat, 06 Nov 2010 13:04:09 +0000] rev 25
• x509: Add __gc to free X509 object on destruction

x509: Add :valid_at() method to discover whether a certificate would be valid at the given timestamp

• Sat, 06 Nov 2010 01:10:01 +0000
• by Matthew Wild <mwild1@gmail.com> [Sat, 06 Nov 2010 01:10:01 +0000] rev 24
• x509: Add :valid_at() method to discover whether a certificate would be valid at the given timestamp

x509: Add :issuer() method, change returned format for both :subject() and :issuer() to preserve order

• Sat, 06 Nov 2010 00:39:17 +0000
• by Matthew Wild <mwild1@gmail.com> [Sat, 06 Nov 2010 00:39:17 +0000] rev 23
• x509: Add :issuer() method, change returned format for both :subject() and :issuer() to preserve order

x509: Split :decode() method into two methods, :subject() and :extensions()

• Fri, 05 Nov 2010 23:59:34 +0000
• by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 23:59:34 +0000] rev 22
• x509: Split :decode() method into two methods, :subject() and :extensions()

Remove min() macro from ssl.c

• Fri, 05 Nov 2010 23:14:54 +0000
• by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 23:14:54 +0000] rev 21
• Remove min() macro from ssl.c

Move asn1 Lua stack helpers to x509.c from ssl.c

• Fri, 05 Nov 2010 23:12:50 +0000
• by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 23:12:50 +0000] rev 20
• Move asn1 Lua stack helpers to x509.c from ssl.c

src/ssl.c: Include x509.h to shush compiler warning

• Fri, 05 Nov 2010 23:11:38 +0000
• by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 23:11:38 +0000] rev 19
• src/ssl.c: Include x509.h to shush compiler warning

x509: Whitespace tweaking

• Fri, 05 Nov 2010 22:54:04 +0000
• by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 22:54:04 +0000] rev 18
• x509: Whitespace tweaking

x509: Add :digest() method to return cert sha1 fingerprint

• Fri, 05 Nov 2010 22:17:40 +0000
• by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 22:17:40 +0000] rev 17
• x509: Add :digest() method to return cert sha1 fingerprint

Add :pem() method to certificates

• Fri, 05 Nov 2010 21:25:30 +0000
• by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 21:25:30 +0000] rev 16
• Add :pem() method to certificates

src/x509.c: Fix compiler warning, return module table

• Fri, 05 Nov 2010 21:25:13 +0000
• by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 21:25:13 +0000] rev 15
• src/x509.c: Fix compiler warning, return module table

Split X509 decoding into a separate module, ssl.x509

• Fri, 05 Nov 2010 20:48:06 +0000
• by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 20:48:06 +0000] rev 14
• Split X509 decoding into a separate module, ssl.x509

src/ssl.c: Fix minor typo and whitespace

• Fri, 05 Nov 2010 20:47:20 +0000
• by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 20:47:20 +0000] rev 13
• src/ssl.c: Fix minor typo and whitespace

Whitespace fixes

• Fri, 05 Nov 2010 16:43:22 +0000
• by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 16:43:22 +0000] rev 12
• Whitespace fixes

Refactoring of :getpeercertificate(), support for subjectAltName extensions

• Fri, 05 Nov 2010 16:38:10 +0000
• by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 16:38:10 +0000] rev 11
• Refactoring of :getpeercertificate(), support for subjectAltName extensions

Insert subject entries into the correct table in the cert

• Fri, 05 Nov 2010 02:22:20 +0000
• by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 02:22:20 +0000] rev 10
• Insert subject entries into the correct table in the cert

Whitespace fix for clarity

• Fri, 05 Nov 2010 02:21:55 +0000
• by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 02:21:55 +0000] rev 9
• Whitespace fix for clarity

Fix to remove duplicated table on the stack, causing the 'trusted' flag to disappear from the returned cert

• Fri, 05 Nov 2010 02:21:39 +0000
• by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 02:21:39 +0000] rev 8
• Fix to remove duplicated table on the stack, causing the 'trusted' flag to disappear from the returned cert

Modify :getpeercertificate() to return a decoded certificate (subject only at the moment)

• Fri, 05 Nov 2010 02:17:23 +0000
• by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 02:17:23 +0000] rev 7
• Modify :getpeercertificate() to return a decoded certificate (subject only at the moment)

Add :getpeerfinished() connection method to get peer's TLS Finished message

• Fri, 08 Oct 2010 21:12:48 +0100
• by Tobias Markmann <tm@ayena.de> [Fri, 08 Oct 2010 21:12:48 +0100] rev 6
• Add :getpeerfinished() connection method to get peer's TLS Finished message

Add :getfinished() method to get local TLS Finished message

• Fri, 08 Oct 2010 21:12:22 +0100
• by Tobias Markmann <tm@ayena.de> [Fri, 08 Oct 2010 21:12:22 +0100] rev 5
• Add :getfinished() method to get local TLS Finished message

Add :getpeercertificate() method to get peer's certificate

• Fri, 08 Oct 2010 21:11:25 +0100
• by Tobias Markmann <tm@ayena.de> [Fri, 08 Oct 2010 21:11:25 +0100] rev 4
• Add :getpeercertificate() method to get peer's certificate

Add :compression() connection method to get the compression method in use (if any)

• Fri, 08 Oct 2010 21:09:39 +0100
• by Tobias Markmann <tm@ayena.de> [Fri, 08 Oct 2010 21:09:39 +0100] rev 3
• Add :compression() connection method to get the compression method in use (if any)

ssl.c: Set SSL_MODE_RELEASE_BUFFERS mode when supported

• Sat, 24 Jul 2010 20:10:15 +0100
• by Matthew Wild <mwild1@gmail.com> [Sat, 24 Jul 2010 20:10:15 +0100] rev 2
• ssl.c: Set SSL_MODE_RELEASE_BUFFERS mode when supported

context.c: Add no_compression option for when supported

• Sat, 24 Jul 2010 20:09:33 +0100
• by Matthew Wild <mwild1@gmail.com> [Sat, 24 Jul 2010 20:09:33 +0100] rev 1
• context.c: Add no_compression option for when supported

Initial commit (LuaSec 0.4)

• Sat, 24 Jul 2010 13:40:16 +0100
• by Matthew Wild <mwild1@gmail.com> [Sat, 24 Jul 2010 13:40:16 +0100] rev 0
• Initial commit (LuaSec 0.4)