changelog
- Sat, 17 Dec 2011 10:30:58 -0800
- by Paul Aurich <paul@darkrain42.org> [Sat, 17 Dec 2011 10:30:58 -0800] rev 45
- context: Add no_compression for OpenSSL 0.9.8 as well
Since OpenSSL 0.9.8 doesn't have SSL_OP_NO_COMPRESSION, this is
implemented by simplying NULLing out the SSL_CTX->comp_methods stack.
- Tue, 05 Jul 2011 18:12:17 -0700
- by Paul Aurich <paul@darkrain42.org> [Tue, 05 Jul 2011 18:12:17 -0700] rev 44
- ssl: Add a missing call to setciphers()
- Sun, 03 Jul 2011 13:13:36 -0700
- by Paul Aurich <paul@darkrain42.org> [Sun, 03 Jul 2011 13:13:36 -0700] rev 43
- context: Clean up some warnings
- Sun, 03 Jul 2011 13:13:36 -0700
- by Paul Aurich <paul@darkrain42.org> [Sun, 03 Jul 2011 13:13:36 -0700] rev 42
- context: Support ECDH cipher suites, where applicable
- Sun, 03 Jul 2011 13:13:36 -0700
- by Paul Aurich <paul@darkrain42.org> [Sun, 03 Jul 2011 13:13:36 -0700] rev 41
- Fix the verification function so it doesn't pass for everyone on invalid purpose errors.
Inspiration and code partially from Matthew
- Sun, 03 Jul 2011 13:13:36 -0700
- by Paul Aurich <paul@darkrain42.org> [Sun, 03 Jul 2011 13:13:36 -0700] rev 40
- ssl: Fix indentation (not sure how this happened)
- Sun, 05 Dec 2010 23:50:19 -0800
- by Paul Aurich <paul@darkrain42.org> [Sun, 05 Dec 2010 23:50:19 -0800] rev 39
- ssl: ssl.h needs to include socket.h
- Sun, 05 Dec 2010 23:45:57 -0800
- by Paul Aurich <paul@darkrain42.org> [Sun, 05 Dec 2010 23:45:57 -0800] rev 38
- Clean up the ex_data callers
The best explanation I can come up with here is that I totally missed the existence of SSL_[gs]et_ex_data...
- Sun, 05 Dec 2010 23:45:10 -0800
- by Paul Aurich <paul@darkrain42.org> [Sun, 05 Dec 2010 23:45:10 -0800] rev 37
- ssl: getpeercertificate(n) and getpeerchain()
- Sun, 12 Dec 2010 22:21:36 +0000
- by Matthew Wild <mwild1@gmail.com> [Sun, 12 Dec 2010 22:21:36 +0000] rev 36
- context.c: Add crl_check and crl_check_chain verify options
- Sun, 28 Nov 2010 18:03:49 +0000
- by Matthew Wild <mwild1@gmail.com> [Sun, 28 Nov 2010 18:03:49 +0000] rev 35
- x509.c: Fix parameter index to cert:digest()
- Sun, 21 Nov 2010 20:14:31 -0800
- by Paul Aurich <paul@darkrain42.org> [Sun, 21 Nov 2010 20:14:31 -0800] rev 34
- verify: Flag to ignore 'invalid purpose' errors on end cert
- Sat, 20 Nov 2010 20:04:11 -0800
- by Paul Aurich <paul@darkrain42.org> [Sat, 20 Nov 2010 20:04:11 -0800] rev 33
- x509: Flesh out the SAN types
- Sat, 20 Nov 2010 20:04:11 -0800
- by Paul Aurich <paul@darkrain42.org> [Sat, 20 Nov 2010 20:04:11 -0800] rev 32
- imported patch whitespace
- Sat, 20 Nov 2010 20:04:11 -0800
- by Paul Aurich <paul@darkrain42.org> [Sat, 20 Nov 2010 20:04:11 -0800] rev 31
- ssl.core: Add __tostring metamethod
- Sat, 20 Nov 2010 20:04:11 -0800
- by Paul Aurich <paul@darkrain42.org> [Sat, 20 Nov 2010 20:04:11 -0800] rev 30
- ssl.core, context: Add ability to verify and continue, retrieve verification result
- Sat, 20 Nov 2010 20:04:11 -0800
- by Paul Aurich <paul@darkrain42.org> [Sat, 20 Nov 2010 20:04:11 -0800] rev 29
- x509: Fix fencepost error in push_x509_name
- Sat, 20 Nov 2010 20:04:11 -0800
- by Paul Aurich <paul@darkrain42.org> [Sat, 20 Nov 2010 20:04:11 -0800] rev 28
- context: support for diffie-hellman key exchange
- Sun, 07 Nov 2010 17:12:33 -0800
- by Paul Aurich <paul@darkrain42.org> [Sun, 07 Nov 2010 17:12:33 -0800] rev 27
- x509: valid_at matches "not after" and "not before"
- Sat, 06 Nov 2010 15:33:26 +0000
- by Matthew Wild <mwild1@gmail.com> [Sat, 06 Nov 2010 15:33:26 +0000] rev 26
- x509: Add ssl.cert_from_pem()
- Sat, 06 Nov 2010 13:04:09 +0000
- by Matthew Wild <mwild1@gmail.com> [Sat, 06 Nov 2010 13:04:09 +0000] rev 25
- x509: Add __gc to free X509 object on destruction
- Sat, 06 Nov 2010 01:10:01 +0000
- by Matthew Wild <mwild1@gmail.com> [Sat, 06 Nov 2010 01:10:01 +0000] rev 24
- x509: Add :valid_at() method to discover whether a certificate would be valid at the given timestamp
- Sat, 06 Nov 2010 00:39:17 +0000
- by Matthew Wild <mwild1@gmail.com> [Sat, 06 Nov 2010 00:39:17 +0000] rev 23
- x509: Add :issuer() method, change returned format for both :subject() and :issuer() to preserve order
- Fri, 05 Nov 2010 23:59:34 +0000
- by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 23:59:34 +0000] rev 22
- x509: Split :decode() method into two methods, :subject() and :extensions()
- Fri, 05 Nov 2010 23:14:54 +0000
- by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 23:14:54 +0000] rev 21
- Remove min() macro from ssl.c
- Fri, 05 Nov 2010 23:12:50 +0000
- by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 23:12:50 +0000] rev 20
- Move asn1 Lua stack helpers to x509.c from ssl.c
- Fri, 05 Nov 2010 23:11:38 +0000
- by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 23:11:38 +0000] rev 19
- src/ssl.c: Include x509.h to shush compiler warning
- Fri, 05 Nov 2010 22:54:04 +0000
- by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 22:54:04 +0000] rev 18
- x509: Whitespace tweaking
- Fri, 05 Nov 2010 22:17:40 +0000
- by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 22:17:40 +0000] rev 17
- x509: Add :digest() method to return cert sha1 fingerprint
- Fri, 05 Nov 2010 21:25:30 +0000
- by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 21:25:30 +0000] rev 16
- Add :pem() method to certificates
- Fri, 05 Nov 2010 21:25:13 +0000
- by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 21:25:13 +0000] rev 15
- src/x509.c: Fix compiler warning, return module table
- Fri, 05 Nov 2010 20:48:06 +0000
- by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 20:48:06 +0000] rev 14
- Split X509 decoding into a separate module, ssl.x509
- Fri, 05 Nov 2010 20:47:20 +0000
- by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 20:47:20 +0000] rev 13
- src/ssl.c: Fix minor typo and whitespace
- Fri, 05 Nov 2010 16:43:22 +0000
- by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 16:43:22 +0000] rev 12
- Whitespace fixes
- Fri, 05 Nov 2010 16:38:10 +0000
- by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 16:38:10 +0000] rev 11
- Refactoring of :getpeercertificate(), support for subjectAltName extensions
- Fri, 05 Nov 2010 02:22:20 +0000
- by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 02:22:20 +0000] rev 10
- Insert subject entries into the correct table in the cert
- Fri, 05 Nov 2010 02:21:55 +0000
- by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 02:21:55 +0000] rev 9
- Whitespace fix for clarity
- Fri, 05 Nov 2010 02:21:39 +0000
- by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 02:21:39 +0000] rev 8
- Fix to remove duplicated table on the stack, causing the 'trusted' flag to disappear from the returned cert
- Fri, 05 Nov 2010 02:17:23 +0000
- by Matthew Wild <mwild1@gmail.com> [Fri, 05 Nov 2010 02:17:23 +0000] rev 7
- Modify :getpeercertificate() to return a decoded certificate (subject only at the moment)
- Fri, 08 Oct 2010 21:12:48 +0100
- by Tobias Markmann <tm@ayena.de> [Fri, 08 Oct 2010 21:12:48 +0100] rev 6
- Add :getpeerfinished() connection method to get peer's TLS Finished message
- Fri, 08 Oct 2010 21:12:22 +0100
- by Tobias Markmann <tm@ayena.de> [Fri, 08 Oct 2010 21:12:22 +0100] rev 5
- Add :getfinished() method to get local TLS Finished message
- Fri, 08 Oct 2010 21:11:25 +0100
- by Tobias Markmann <tm@ayena.de> [Fri, 08 Oct 2010 21:11:25 +0100] rev 4
- Add :getpeercertificate() method to get peer's certificate
- Fri, 08 Oct 2010 21:09:39 +0100
- by Tobias Markmann <tm@ayena.de> [Fri, 08 Oct 2010 21:09:39 +0100] rev 3
- Add :compression() connection method to get the compression method in use (if any)
- Sat, 24 Jul 2010 20:10:15 +0100
- by Matthew Wild <mwild1@gmail.com> [Sat, 24 Jul 2010 20:10:15 +0100] rev 2
- ssl.c: Set SSL_MODE_RELEASE_BUFFERS mode when supported
- Sat, 24 Jul 2010 20:09:33 +0100
- by Matthew Wild <mwild1@gmail.com> [Sat, 24 Jul 2010 20:09:33 +0100] rev 1
- context.c: Add no_compression option for when supported
- Sat, 24 Jul 2010 13:40:16 +0100
- by Matthew Wild <mwild1@gmail.com> [Sat, 24 Jul 2010 13:40:16 +0100] rev 0
- Initial commit (LuaSec 0.4)