Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | | | In compat_init we only need to anchor if we use CRYPTO_get_ex_new_index | daurnimator | 2017-08-31 | 1 | -1/+1 | |
| | | | ||||||
* | | | Move away from deprecated X509_CRL_get_* functions when setting values | daurnimator | 2017-08-31 | 1 | -21/+44 | |
| | | | | | | | | | | | | | | | | | | Use X509_CRL_set1_* instead which perform a copy (which means we have to allocate and destroy an ASN1_TIME) Part of #96 | |||||
* | | | Move to key generation *_ex functions. | daurnimator | 2017-08-31 | 1 | -8/+29 | |
| | | | | | | | | | | | | | | | | | | The old functions were deprecated in OpenSSL 1.1.0. Part of #96 | |||||
* | | | Use 'generator' parameter for picking generator for DH keys (rather than ↵ | daurnimator | 2017-08-31 | 3 | -5/+9 | |
| | | | | | | | | | | | | | | | | | | 'exp'). Change default value to 2. 2 is the default generator for openssl; the number is a mostly arbitrary choice, and smaller values are faster. | |||||
* | | | Add branch for each key type in pk_new field marshalling | daurnimator | 2017-08-31 | 1 | -14/+32 | |
| | | | ||||||
* | | | Use X509_CRL_get0_*Update when not modifying ASN1_TIME | daurnimator | 2017-08-31 | 1 | -9/+25 | |
| | | | ||||||
* | | | Fix most 'expansion-to-defined' warnings | daurnimator | 2017-08-31 | 1 | -12/+29 | |
| | | | ||||||
* | | | Use single method constructor and disable unwanted protocols via options | daurnimator | 2017-08-31 | 1 | -31/+61 | |
| | | | | | | | | | | | | | | | - In OpenSSL 1.1.0 the individual constructors are deprecated - The removal of __typeof__ fixes an issue with MSVC | |||||
* | | | Fix openssl 0.9.8 compat (missing sk_OPENSSL_STRING_* functions) | daurnimator | 2017-08-31 | 1 | -0/+10 | |
| | | | ||||||
* | | | Merge branch 'curves_list' | daurnimator | 2017-08-30 | 5 | -3/+102 | |
|\ \ \ | ||||||
| * | | | openssl.ssl: Bind SSL_set1_curves_list as ssl:setCurvesList() | daurnimator | 2017-04-12 | 3 | -2/+46 | |
| | | | | ||||||
| * | | | openssl.ssl.context.new: Turn on ecdh_auto in OpenSSL 1.0.2 | daurnimator | 2017-04-03 | 1 | -0/+13 | |
| | | | | | | | | | | | | | | | | | | | | It's on by default in 1.1.0, and supported in < 1.0.2. Suggestion taken from ruby openssl implementation: https://github.com/ruby/openssl/blob/a7bbd590c66d40bd662502df9c65474e85b5f03f/ext/openssl/ossl_ssl.c#L135 | |||||
| * | | | doc/: Mention that OpenSSL < 1.0.2 only supports a single curve at a time | daurnimator | 2017-04-03 | 1 | -1/+1 | |
| | | | | ||||||
| * | | | openssl.ssl.context: Add ctx:setCurvesList | daurnimator | 2017-04-03 | 3 | -0/+42 | |
| | | | | ||||||
* | | | | Move over to using lua-compat-5.3 | daurnimator | 2017-08-30 | 3 | -182/+4 | |
| | | | | ||||||
* | | | | Merge commit '7333333568b13db56136e2354c55556adc7714ed' as 'vendor/compat53' | daurnimator | 2017-08-30 | 19 | -0/+6227 | |
|\ \ \ \ | | |_|/ | |/| | | ||||||
| * | | | Squashed 'vendor/compat53/' content from commit 6f3deea | daurnimator | 2017-08-30 | 19 | -0/+6227 | |
| / / | | | | | | | | | | | | | git-subtree-dir: vendor/compat53 git-subtree-split: 6f3deeaa6a4743e1f5148c613addb3f94a22d2df | |||||
* | | | Pull in updated makefile structure from cqueues | daurnimator | 2017-08-30 | 2 | -128/+210 | |
| | | | ||||||
* | | | config.h.guess: Update to new autoguess | daurnimator | 2017-08-29 | 1 | -1/+31 | |
| | | | ||||||
* | | | src/GNUmakefile: Remove duplicated rule | daurnimator | 2017-08-29 | 1 | -5/+0 | |
| | | | ||||||
* | | | src/GNUmakefile: Add missing uninstall rule for ocsp submodule | daurnimator | 2017-08-29 | 1 | -0/+1 | |
| | | | ||||||
* | | | src/GNUmakefile: Add missing ocsp rule | daurnimator | 2017-05-31 | 1 | -0/+5 | |
| | | | ||||||
* | | | Fix capitalisation (Hostname vs HostName) | daurnimator | 2017-05-31 | 1 | -7/+7 | |
| | | | ||||||
* | | | Fix incorrect error prefixes | daurnimator | 2017-04-19 | 1 | -2/+2 | |
| | | | ||||||
* | | | Reintroduce context:setTLSextStatusType() accidently removed in ↵ | daurnimator | 2017-04-06 | 1 | -0/+3 | |
| | | | | | | | | | | | | 59766e63abfeb30342d413777b507940a739cc97 | |||||
* | | | Add ssl_pushsafe function to avoid panic on OOM | daurnimator | 2017-04-04 | 1 | -7/+41 | |
| | | | ||||||
* | | | Bind SSL_CTX_set_tlsext_servername_callback | daurnimator | 2017-04-04 | 2 | -4/+91 | |
| | | | | | | | | | | | | Closes #84 | |||||
* | | | Document ssl:getVerifyResult() | daurnimator | 2017-04-04 | 2 | -0/+4 | |
| | | | ||||||
* | | | Add methods ssl:setVerify(), ssl:getVerify(), ssl:getCertificate() and ↵ | daurnimator | 2017-04-04 | 3 | -0/+89 | |
| |/ |/| | | | | | | | | | ssl:setPrivateKey() Similar to same methods that already exist on ssl.context object | |||||
* | | Remove need for LUA_COMPAT_APIINTCASTS | daurnimator | 2017-04-03 | 2 | -24/+16 | |
| | | ||||||
* | | Fix warning about pointer signedness | daurnimator | 2017-04-03 | 1 | -1/+1 | |
| | | ||||||
* | | Fix warning about pointer signedness | daurnimator | 2017-04-03 | 1 | -1/+1 | |
| | | ||||||
* | | Bind SSL_set_SSL_CTX | daurnimator | 2017-04-03 | 3 | -0/+17 | |
| | | | | | | | | For #84 | |||||
* | | Document missing context methods | daurnimator | 2017-04-03 | 2 | -0/+23 | |
| | | | | | | | | Closes #66 | |||||
* | | Don't leak ctx on error | daurnimator | 2017-04-03 | 1 | -8/+5 | |
| | | | | | | | | Fixes #72 | |||||
* | | Bind SSL_get_client_random | daurnimator | 2017-04-03 | 1 | -0/+42 | |
| | | | | | | | | For #86 | |||||
* | | Merge branch 'ocsp' | daurnimator | 2017-04-03 | 6 | -0/+427 | |
|\ \ | ||||||
| * | | Have (empty) openssl.ocsp.response module | daurnimator | 2017-04-03 | 3 | -2/+23 | |
| | | | ||||||
| * | | Add docs for OCSP functions | daurnimator | 2017-04-03 | 1 | -0/+72 | |
| | | | ||||||
| * | | Export constants for openssl.ocsp.basic:verify() with via module | daurnimator | 2017-04-03 | 3 | -0/+29 | |
| | | | ||||||
| * | | Allow unsetting ocsp response | daurnimator | 2017-04-03 | 1 | -4/+8 | |
| | | | ||||||
| * | | Add cert:getOCSP() to retreive OCSP URI from a certificate | daurnimator | 2016-12-20 | 1 | -0/+35 | |
| | | | ||||||
| * | | Add ssl:setTLSextStatusOCSPResp() | daurnimator | 2016-12-20 | 1 | -0/+21 | |
| | | | | | | | | | | | | Currently useless without a way to set a callback for tlsext | |||||
| * | | OCSP functions required for basic client validation | daurnimator | 2016-12-20 | 1 | -0/+245 | |
| | | | ||||||
* | | | Remove trailing whitespace | daurnimator | 2017-04-03 | 4 | -9/+9 | |
| | | | ||||||
* | | | Add docs for x509:getSignatureName | daurnimator | 2017-04-03 | 2 | -0/+4 | |
| | | | ||||||
* | | | Remove extraneous parenthesis | daurnimator | 2017-04-03 | 1 | -1/+1 | |
| | | | ||||||
* | | | Merge branch 'xc_getSignatureName' | daurnimator | 2017-04-03 | 1 | -9/+9 | |
|\ \ \ | ||||||
| * | | | Add compat with openssl < 1.0.2 for X509_get_signature_nid | daurnimator | 2017-04-03 | 1 | -0/+8 | |
| | | | | ||||||
| * | | | Use X509_get_signature_nid instead of X509_get_signature_type to implement ↵ | daurnimator | 2017-01-16 | 1 | -9/+1 | |
| |/ / | | | | | | | | | | | | | | | | cert:getSignatureName() Fixes #79 |