diff -Nru lua-sec-0.5/CHANGELOG lua-sec-0.5.1/CHANGELOG --- lua-sec-0.5/CHANGELOG 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/CHANGELOG 2015-11-20 21:39:32.000000000 +0000 @@ -1,4 +1,12 @@ -------------------------------------------------------------------------------- +LuaSec 0.5.1 +------------ +- Check if SSLv3 protocol is available. +- Fix push_asn1_string(). +- Update samples to use 'sslv23' and 'tlsv1_2'. +- Update MACOSX_VERSION to 10.11 on Makefile. + +-------------------------------------------------------------------------------- LuaSec 0.5 ------------ diff -Nru lua-sec-0.5/debian/changelog lua-sec-0.5.1/debian/changelog --- lua-sec-0.5/debian/changelog 2015-11-16 08:39:08.000000000 +0000 +++ lua-sec-0.5.1/debian/changelog 2015-12-06 16:26:42.000000000 +0000 @@ -1,3 +1,9 @@ +lua-sec (0.5.1-1) unstable; urgency=medium + + * new upstream release + + -- Enrico Tassi Sun, 06 Dec 2015 17:26:18 +0100 + lua-sec (0.5-3) unstable; urgency=medium * Cherry pick upstream 67f0867 to fix FTBFS after SSLv3 support diff -Nru lua-sec-0.5/debian/patches/0001-test.patch lua-sec-0.5.1/debian/patches/0001-test.patch --- lua-sec-0.5/debian/patches/0001-test.patch 2015-11-16 08:39:08.000000000 +0000 +++ lua-sec-0.5.1/debian/patches/0001-test.patch 2015-12-06 16:26:42.000000000 +0000 @@ -2,6 +2,7 @@ Date: Fri, 9 Aug 2013 17:47:14 +0200 Subject: test +Gbp-Pq: Name 0001-test.patch --- test.lua | 2 ++ test.sh | 13 +++++++++++++ diff -Nru lua-sec-0.5/debian/patches/0002-lua-sec.h.patch lua-sec-0.5.1/debian/patches/0002-lua-sec.h.patch --- lua-sec-0.5/debian/patches/0002-lua-sec.h.patch 2015-11-16 08:39:08.000000000 +0000 +++ lua-sec-0.5.1/debian/patches/0002-lua-sec.h.patch 2015-12-06 16:26:42.000000000 +0000 @@ -2,6 +2,7 @@ Date: Fri, 9 Aug 2013 17:47:14 +0200 Subject: lua-sec.h +Gbp-Pq: Name 0002-lua-sec.h.patch --- lua-sec.h | 7 +++++++ 1 file changed, 7 insertions(+) diff -Nru lua-sec-0.5/debian/patches/0003-guard-SSLv3_method-with-ifndef-OPENSSL_NO_SSL3.patch lua-sec-0.5.1/debian/patches/0003-guard-SSLv3_method-with-ifndef-OPENSSL_NO_SSL3.patch --- lua-sec-0.5/debian/patches/0003-guard-SSLv3_method-with-ifndef-OPENSSL_NO_SSL3.patch 2015-11-16 08:39:08.000000000 +0000 +++ lua-sec-0.5.1/debian/patches/0003-guard-SSLv3_method-with-ifndef-OPENSSL_NO_SSL3.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,22 +0,0 @@ -From: Gleydson Soares -Date: Mon, 12 Oct 2015 08:33:01 -0300 -Subject: guard SSLv3_method() with #ifndef OPENSSL_NO_SSL3 - ---- - src/context.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/src/context.c b/src/context.c -index cafc222..87d4471 100644 ---- a/src/context.c -+++ b/src/context.c -@@ -66,7 +66,9 @@ static int set_option_flag(const char *opt, unsigned long *flag) - static LSEC_SSL_METHOD* str2method(const char *method) - { - if (!strcmp(method, "sslv23")) return SSLv23_method(); -+#ifndef OPENSSL_NO_SSL3 - if (!strcmp(method, "sslv3")) return SSLv3_method(); -+#endif - if (!strcmp(method, "tlsv1")) return TLSv1_method(); - #if (OPENSSL_VERSION_NUMBER >= 0x1000100fL) - if (!strcmp(method, "tlsv1_1")) return TLSv1_1_method(); diff -Nru lua-sec-0.5/debian/patches/0004-Use-sslv23-for-the-test.patch lua-sec-0.5.1/debian/patches/0004-Use-sslv23-for-the-test.patch --- lua-sec-0.5/debian/patches/0004-Use-sslv23-for-the-test.patch 2015-11-16 08:39:08.000000000 +0000 +++ lua-sec-0.5.1/debian/patches/0004-Use-sslv23-for-the-test.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,35 +0,0 @@ -From: Enrico Tassi -Date: Mon, 16 Nov 2015 09:35:36 +0100 -Subject: Use sslv23 for the test - ---- - samples/oneshot/client.lua | 2 +- - samples/oneshot/server.lua | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/samples/oneshot/client.lua b/samples/oneshot/client.lua -index 202fb12..1d6211b 100644 ---- a/samples/oneshot/client.lua -+++ b/samples/oneshot/client.lua -@@ -6,7 +6,7 @@ local ssl = require("ssl") - - local params = { - mode = "client", -- protocol = "sslv3", -+ protocol = "sslv23", - key = "../certs/clientAkey.pem", - certificate = "../certs/clientA.pem", - cafile = "../certs/rootA.pem", -diff --git a/samples/oneshot/server.lua b/samples/oneshot/server.lua -index 233a825..d996e1b 100644 ---- a/samples/oneshot/server.lua -+++ b/samples/oneshot/server.lua -@@ -6,7 +6,7 @@ local ssl = require("ssl") - - local params = { - mode = "server", -- protocol = "sslv3", -+ protocol = "sslv23", - key = "../certs/serverAkey.pem", - certificate = "../certs/serverA.pem", - cafile = "../certs/rootA.pem", diff -Nru lua-sec-0.5/debian/patches/series lua-sec-0.5.1/debian/patches/series --- lua-sec-0.5/debian/patches/series 2015-11-16 08:39:08.000000000 +0000 +++ lua-sec-0.5.1/debian/patches/series 2015-12-06 16:26:42.000000000 +0000 @@ -1,4 +1,2 @@ 0001-test.patch 0002-lua-sec.h.patch -0003-guard-SSLv3_method-with-ifndef-OPENSSL_NO_SSL3.patch -0004-Use-sslv23-for-the-test.patch diff -Nru lua-sec-0.5/INSTALL lua-sec-0.5.1/INSTALL --- lua-sec-0.5/INSTALL 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/INSTALL 2015-11-20 21:39:32.000000000 +0000 @@ -1,9 +1,9 @@ -LuaSec 0.5 +LuaSec 0.5.1 ------------ * OpenSSL options: - By default, LuaSec 0.5 includes options for OpenSSL 1.0.1e. + By default, LuaSec 0.5.1 includes options for OpenSSL 1.0.1e. If you need to generate the options for a different version of OpenSSL: diff -Nru lua-sec-0.5/LICENSE lua-sec-0.5.1/LICENSE --- lua-sec-0.5/LICENSE 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/LICENSE 2015-11-20 21:39:32.000000000 +0000 @@ -1,5 +1,5 @@ -LuaSec 0.5 license -Copyright (C) 2006-2013 Bruno Silvestre, UFG +LuaSec 0.5.1 license +Copyright (C) 2006-2015 Bruno Silvestre, UFG Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the diff -Nru lua-sec-0.5/Makefile lua-sec-0.5.1/Makefile --- lua-sec-0.5/Makefile 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/Makefile 2015-11-20 21:39:32.000000000 +0000 @@ -1,4 +1,4 @@ -# Inform the location to intall the modules +# Inform the location to install the modules LUAPATH ?= /usr/share/lua/5.1 LUACPATH ?= /usr/lib/lua/5.1 @@ -16,7 +16,7 @@ LIBDIR = -L./luasocket $(LIB_PATH) # For Mac OS X: set the system version -MACOSX_VERSION=10.4 +MACOSX_VERSION?=10.11 #---------------------- # Do not edit this part diff -Nru lua-sec-0.5/README.md lua-sec-0.5.1/README.md --- lua-sec-0.5/README.md 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/README.md 2015-11-20 21:39:32.000000000 +0000 @@ -1,3 +1,10 @@ +LuaSec 0.5.1 +============ +- Check if SSLv3 protocol is available. +- Fix push_asn1_string(). +- Update samples to use 'sslv23' and 'tlsv1_2'. +- Update MACOSX_VERSION to 10.11 on Makefile. + LuaSec 0.5 ========== diff -Nru lua-sec-0.5/samples/chain/client.lua lua-sec-0.5.1/samples/chain/client.lua --- lua-sec-0.5/samples/chain/client.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/chain/client.lua 2015-11-20 21:39:32.000000000 +0000 @@ -7,12 +7,12 @@ local params = { mode = "client", - protocol = "tlsv1", + protocol = "tlsv1_2", key = "../certs/clientAkey.pem", certificate = "../certs/clientA.pem", cafile = "../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", } local conn = socket.tcp() diff -Nru lua-sec-0.5/samples/chain/server.lua lua-sec-0.5.1/samples/chain/server.lua --- lua-sec-0.5/samples/chain/server.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/chain/server.lua 2015-11-20 21:39:32.000000000 +0000 @@ -7,12 +7,12 @@ local params = { mode = "server", - protocol = "tlsv1", + protocol = "sslv23", key = "../certs/serverAkey.pem", certificate = "../certs/serverA.pem", cafile = "../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", } local ctx = assert(ssl.newcontext(params)) diff -Nru lua-sec-0.5/samples/dhparam/client.lua lua-sec-0.5.1/samples/dhparam/client.lua --- lua-sec-0.5/samples/dhparam/client.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/dhparam/client.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,12 +6,12 @@ local params = { mode = "client", - protocol = "sslv3", + protocol = "tlsv1_2", key = "../certs/clientAkey.pem", certificate = "../certs/clientA.pem", cafile = "../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", } local peer = socket.tcp() diff -Nru lua-sec-0.5/samples/dhparam/server.lua lua-sec-0.5.1/samples/dhparam/server.lua --- lua-sec-0.5/samples/dhparam/server.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/dhparam/server.lua 2015-11-20 21:39:32.000000000 +0000 @@ -31,12 +31,12 @@ local params = { mode = "server", - protocol = "sslv3", + protocol = "sslv23", key = "../certs/serverAkey.pem", certificate = "../certs/serverA.pem", cafile = "../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", dhparam = dhparam_cb, } diff -Nru lua-sec-0.5/samples/digest/client.lua lua-sec-0.5.1/samples/digest/client.lua --- lua-sec-0.5/samples/digest/client.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/digest/client.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,12 +6,12 @@ local params = { mode = "client", - protocol = "sslv3", + protocol = "tlsv1_2", key = "../certs/clientAkey.pem", certificate = "../certs/clientA.pem", cafile = "../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", } local peer = socket.tcp() diff -Nru lua-sec-0.5/samples/digest/server.lua lua-sec-0.5.1/samples/digest/server.lua --- lua-sec-0.5/samples/digest/server.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/digest/server.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,12 +6,12 @@ local params = { mode = "server", - protocol = "sslv3", + protocol = "sslv23", key = "../certs/serverAkey.pem", certificate = "../certs/serverA.pem", cafile = "../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", } diff -Nru lua-sec-0.5/samples/ecdh/client.lua lua-sec-0.5.1/samples/ecdh/client.lua --- lua-sec-0.5/samples/ecdh/client.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/ecdh/client.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,12 +6,12 @@ local params = { mode = "client", - protocol = "sslv3", + protocol = "tlsv1_2", key = "../certs/clientAkey.pem", certificate = "../certs/clientA.pem", cafile = "../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", -- curve = "secp384r1", } diff -Nru lua-sec-0.5/samples/ecdh/server.lua lua-sec-0.5.1/samples/ecdh/server.lua --- lua-sec-0.5/samples/ecdh/server.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/ecdh/server.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,12 +6,12 @@ local params = { mode = "server", - protocol = "sslv3", + protocol = "sslv23", key = "../certs/serverAkey.pem", certificate = "../certs/serverA.pem", cafile = "../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", -- curve = "secp384r1", } diff -Nru lua-sec-0.5/samples/info/client.lua lua-sec-0.5.1/samples/info/client.lua --- lua-sec-0.5/samples/info/client.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/info/client.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,12 +6,12 @@ local params = { mode = "client", - protocol = "sslv3", + protocol = "tlsv1_2", key = "../certs/clientAkey.pem", certificate = "../certs/clientA.pem", cafile = "../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", } local peer = socket.tcp() diff -Nru lua-sec-0.5/samples/info/server.lua lua-sec-0.5.1/samples/info/server.lua --- lua-sec-0.5/samples/info/server.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/info/server.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,12 +6,12 @@ local params = { mode = "server", - protocol = "sslv3", + protocol = "sslv23", key = "../certs/serverAkey.pem", certificate = "../certs/serverA.pem", cafile = "../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", } diff -Nru lua-sec-0.5/samples/key/loadkey.lua lua-sec-0.5.1/samples/key/loadkey.lua --- lua-sec-0.5/samples/key/loadkey.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/key/loadkey.lua 2015-11-20 21:39:32.000000000 +0000 @@ -5,7 +5,7 @@ local pass = "foobar" local cfg = { - protocol = "tlsv1", + protocol = "tlsv1_2", mode = "client", key = "key.pem", } diff -Nru lua-sec-0.5/samples/loop/client.lua lua-sec-0.5.1/samples/loop/client.lua --- lua-sec-0.5/samples/loop/client.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/loop/client.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,12 +6,12 @@ local params = { mode = "client", - protocol = "sslv3", + protocol = "tlsv1_2", key = "../certs/clientAkey.pem", certificate = "../certs/clientA.pem", cafile = "../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", } while true do diff -Nru lua-sec-0.5/samples/loop/server.lua lua-sec-0.5.1/samples/loop/server.lua --- lua-sec-0.5/samples/loop/server.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/loop/server.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,12 +6,12 @@ local params = { mode = "server", - protocol = "sslv3", + protocol = "sslv23", key = "../certs/serverAkey.pem", certificate = "../certs/serverA.pem", cafile = "../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", } -- [[ SSL context diff -Nru lua-sec-0.5/samples/loop-gc/client.lua lua-sec-0.5.1/samples/loop-gc/client.lua --- lua-sec-0.5/samples/loop-gc/client.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/loop-gc/client.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,12 +6,12 @@ local params = { mode = "client", - protocol = "sslv3", + protocol = "tlsv1_2", key = "../certs/clientAkey.pem", certificate = "../certs/clientA.pem", cafile = "../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", } while true do diff -Nru lua-sec-0.5/samples/loop-gc/server.lua lua-sec-0.5.1/samples/loop-gc/server.lua --- lua-sec-0.5/samples/loop-gc/server.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/loop-gc/server.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,12 +6,12 @@ local params = { mode = "server", - protocol = "sslv3", + protocol = "sslv23", key = "../certs/serverAkey.pem", certificate = "../certs/serverA.pem", cafile = "../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", } -- [[ SSL context diff -Nru lua-sec-0.5/samples/oneshot/client.lua lua-sec-0.5.1/samples/oneshot/client.lua --- lua-sec-0.5/samples/oneshot/client.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/oneshot/client.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,12 +6,12 @@ local params = { mode = "client", - protocol = "sslv3", + protocol = "tlsv1_2", key = "../certs/clientAkey.pem", certificate = "../certs/clientA.pem", cafile = "../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", } local peer = socket.tcp() diff -Nru lua-sec-0.5/samples/oneshot/server.lua lua-sec-0.5.1/samples/oneshot/server.lua --- lua-sec-0.5/samples/oneshot/server.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/oneshot/server.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,12 +6,12 @@ local params = { mode = "server", - protocol = "sslv3", + protocol = "sslv23", key = "../certs/serverAkey.pem", certificate = "../certs/serverA.pem", cafile = "../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", } diff -Nru lua-sec-0.5/samples/verification/fail-string/client.lua lua-sec-0.5.1/samples/verification/fail-string/client.lua --- lua-sec-0.5/samples/verification/fail-string/client.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/verification/fail-string/client.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,12 +6,12 @@ local params = { mode = "client", - protocol = "sslv3", + protocol = "tlsv1_2", key = "../../certs/clientBkey.pem", certificate = "../../certs/clientB.pem", cafile = "../../certs/rootB.pem", - verify = {"none"}, - options = {"all", "no_sslv2"}, + verify = "none", + options = "all", } local peer = socket.tcp() diff -Nru lua-sec-0.5/samples/verification/fail-string/server.lua lua-sec-0.5.1/samples/verification/fail-string/server.lua --- lua-sec-0.5/samples/verification/fail-string/server.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/verification/fail-string/server.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,12 +6,12 @@ local params = { mode = "server", - protocol = "sslv3", + protocol = "sslv23", key = "../../certs/serverAkey.pem", certificate = "../../certs/serverA.pem", cafile = "../../certs/rootA.pem", - verify = {"none"}, - options = {"all", "no_sslv2"}, + verify = "none", + options = "all", } -- [[ SSL context diff -Nru lua-sec-0.5/samples/verification/fail-table/client.lua lua-sec-0.5.1/samples/verification/fail-table/client.lua --- lua-sec-0.5/samples/verification/fail-table/client.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/verification/fail-table/client.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,13 +6,13 @@ local params = { mode = "client", - protocol = "sslv3", + protocol = "tlsv1_2", key = "../../certs/clientBkey.pem", certificate = "../../certs/clientB.pem", cafile = "../../certs/rootB.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, - verifyext = {"lsec_continue"}, + options = "all", , + verifyext = "lsec_continue", } -- [[ SSL context diff -Nru lua-sec-0.5/samples/verification/fail-table/server.lua lua-sec-0.5.1/samples/verification/fail-table/server.lua --- lua-sec-0.5/samples/verification/fail-table/server.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/verification/fail-table/server.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,12 +6,12 @@ local params = { mode = "server", - protocol = "sslv3", + protocol = "sslv23", key = "../../certs/serverAkey.pem", certificate = "../../certs/serverA.pem", cafile = "../../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", verifyext = {"lsec_continue", "crl_check", "crl_check_chain"}, } diff -Nru lua-sec-0.5/samples/verification/success/client.lua lua-sec-0.5.1/samples/verification/success/client.lua --- lua-sec-0.5/samples/verification/success/client.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/verification/success/client.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,12 +6,12 @@ local params = { mode = "client", - protocol = "sslv3", + protocol = "tlsv1_2", key = "../../certs/clientAkey.pem", certificate = "../../certs/clientA.pem", cafile = "../../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", } local peer = socket.tcp() diff -Nru lua-sec-0.5/samples/verification/success/server.lua lua-sec-0.5.1/samples/verification/success/server.lua --- lua-sec-0.5/samples/verification/success/server.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/verification/success/server.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,12 +6,12 @@ local params = { mode = "server", - protocol = "sslv3", + protocol = "sslv23", key = "../../certs/serverAkey.pem", certificate = "../../certs/serverA.pem", cafile = "../../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", } diff -Nru lua-sec-0.5/samples/verify/client.lua lua-sec-0.5.1/samples/verify/client.lua --- lua-sec-0.5/samples/verify/client.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/verify/client.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,13 +6,13 @@ local params = { mode = "client", - protocol = "tlsv1", + protocol = "tlsv1_2", key = "../certs/serverBkey.pem", certificate = "../certs/serverB.pem", cafile = "../certs/rootB.pem", verify = {"peer", "fail_if_no_peer_cert"}, verifyext = {"lsec_continue", "lsec_ignore_purpose"}, - options = {"all", "no_sslv2"}, + options = "all", } local ctx = assert(ssl.newcontext(params)) diff -Nru lua-sec-0.5/samples/verify/server.lua lua-sec-0.5.1/samples/verify/server.lua --- lua-sec-0.5/samples/verify/server.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/verify/server.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,13 +6,13 @@ local params = { mode = "server", - protocol = "tlsv1", + protocol = "sslv23", key = "../certs/serverAkey.pem", certificate = "../certs/serverA.pem", cafile = "../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, verifyext = {"lsec_continue", "lsec_ignore_purpose"}, - options = {"all", "no_sslv2"}, + options = "all", } diff -Nru lua-sec-0.5/samples/want/client.lua lua-sec-0.5.1/samples/want/client.lua --- lua-sec-0.5/samples/want/client.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/want/client.lua 2015-11-20 21:39:32.000000000 +0000 @@ -8,12 +8,12 @@ local params = { mode = "client", - protocol = "sslv3", + protocol = "tlsv1_2", key = "../certs/clientAkey.pem", certificate = "../certs/clientA.pem", cafile = "../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", } -- Wait until socket is ready (for reading or writing) diff -Nru lua-sec-0.5/samples/want/server.lua lua-sec-0.5.1/samples/want/server.lua --- lua-sec-0.5/samples/want/server.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/want/server.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,12 +6,12 @@ local params = { mode = "server", - protocol = "sslv3", + protocol = "sslv23", key = "../certs/serverAkey.pem", certificate = "../certs/serverA.pem", cafile = "../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", } -- [[ SSL context diff -Nru lua-sec-0.5/samples/wantread/client.lua lua-sec-0.5.1/samples/wantread/client.lua --- lua-sec-0.5/samples/wantread/client.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/wantread/client.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,12 +6,12 @@ local params = { mode = "client", - protocol = "sslv3", + protocol = "tlsv1_2", key = "../certs/clientAkey.pem", certificate = "../certs/clientA.pem", cafile = "../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", } diff -Nru lua-sec-0.5/samples/wantread/server.lua lua-sec-0.5.1/samples/wantread/server.lua --- lua-sec-0.5/samples/wantread/server.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/wantread/server.lua 2015-11-20 21:39:32.000000000 +0000 @@ -8,12 +8,12 @@ local params = { mode = "server", - protocol = "sslv3", + protocol = "sslv23", key = "../certs/serverAkey.pem", certificate = "../certs/serverA.pem", cafile = "../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", } -- [[ SSL context diff -Nru lua-sec-0.5/samples/wantwrite/client.lua lua-sec-0.5.1/samples/wantwrite/client.lua --- lua-sec-0.5/samples/wantwrite/client.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/wantwrite/client.lua 2015-11-20 21:39:32.000000000 +0000 @@ -6,12 +6,12 @@ local params = { mode = "client", - protocol = "sslv3", + protocol = "tlsv1_2", key = "../certs/clientAkey.pem", certificate = "../certs/clientA.pem", cafile = "../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", } local function wait(peer, err) diff -Nru lua-sec-0.5/samples/wantwrite/server.lua lua-sec-0.5.1/samples/wantwrite/server.lua --- lua-sec-0.5/samples/wantwrite/server.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/samples/wantwrite/server.lua 2015-11-20 21:39:32.000000000 +0000 @@ -8,12 +8,12 @@ local params = { mode = "server", - protocol = "sslv3", + protocol = "sslv23", key = "../certs/serverAkey.pem", certificate = "../certs/serverA.pem", cafile = "../certs/rootA.pem", verify = {"peer", "fail_if_no_peer_cert"}, - options = {"all", "no_sslv2"}, + options = "all", } diff -Nru lua-sec-0.5/src/config.h lua-sec-0.5.1/src/config.h --- lua-sec-0.5/src/config.h 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/src/config.h 2015-11-20 21:39:32.000000000 +0000 @@ -1,6 +1,6 @@ /*-------------------------------------------------------------------------- - * LuaSec 0.5 - * Copyright (C) 2006-2014 Bruno Silvestre + * LuaSec 0.5.1 + * Copyright (C) 2006-2015 Bruno Silvestre * *--------------------------------------------------------------------------*/ diff -Nru lua-sec-0.5/src/context.c lua-sec-0.5.1/src/context.c --- lua-sec-0.5/src/context.c 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/src/context.c 2015-11-20 21:39:32.000000000 +0000 @@ -1,9 +1,9 @@ /*-------------------------------------------------------------------------- - * LuaSec 0.5 + * LuaSec 0.5.1 * - * Copyright (C) 2014 Kim Alvefur, Paul Aurich, Tobias Markmann, - * Matthew Wild. - * Copyright (C) 2006-2014 Bruno Silvestre. + * Copyright (C) 2014-2015 Kim Alvefur, Paul Aurich, Tobias Markmann, + * Matthew Wild. + * Copyright (C) 2006-2015 Bruno Silvestre. * *--------------------------------------------------------------------------*/ @@ -35,6 +35,10 @@ typedef SSL_METHOD LSEC_SSL_METHOD; #endif +#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) +#define SSLv23_method() TLS_method() +#endif + /*--------------------------- Auxiliary Functions ----------------------------*/ /** @@ -66,7 +70,9 @@ static LSEC_SSL_METHOD* str2method(const char *method) { if (!strcmp(method, "sslv23")) return SSLv23_method(); +#ifndef OPENSSL_NO_SSL3 if (!strcmp(method, "sslv3")) return SSLv3_method(); +#endif if (!strcmp(method, "tlsv1")) return TLSv1_method(); #if (OPENSSL_VERSION_NUMBER >= 0x1000100fL) if (!strcmp(method, "tlsv1_1")) return TLSv1_1_method(); diff -Nru lua-sec-0.5/src/context.h lua-sec-0.5.1/src/context.h --- lua-sec-0.5/src/context.h 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/src/context.h 2015-11-20 21:39:32.000000000 +0000 @@ -2,8 +2,8 @@ #define LSEC_CONTEXT_H /*-------------------------------------------------------------------------- - * LuaSec 0.5 - * Copyright (C) 2006-2014 Bruno Silvestre + * LuaSec 0.5.1 + * Copyright (C) 2006-2015 Bruno Silvestre * *--------------------------------------------------------------------------*/ diff -Nru lua-sec-0.5/src/ec.h lua-sec-0.5.1/src/ec.h --- lua-sec-0.5/src/ec.h 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/src/ec.h 2015-11-20 21:39:32.000000000 +0000 @@ -1,6 +1,6 @@ /*-------------------------------------------------------------------------- - * LuaSec 0.5 - * Copyright (C) 2006-2014 Bruno Silvestre + * LuaSec 0.5.1 + * Copyright (C) 2006-2015 Bruno Silvestre * *--------------------------------------------------------------------------*/ diff -Nru lua-sec-0.5/src/https.lua lua-sec-0.5.1/src/https.lua --- lua-sec-0.5/src/https.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/src/https.lua 2015-11-20 21:39:32.000000000 +0000 @@ -1,6 +1,6 @@ ---------------------------------------------------------------------------- --- LuaSec 0.5 --- Copyright (C) 2009-2014 PUC-Rio +-- LuaSec 0.5.1 +-- Copyright (C) 2009-2015 PUC-Rio -- -- Author: Pablo Musa -- Author: Tomas Guisasola @@ -22,8 +22,8 @@ module("ssl.https") -_VERSION = "0.5" -_COPYRIGHT = "LuaSec 0.5 - Copyright (C) 2009-2014 PUC-Rio" +_VERSION = "0.5.1" +_COPYRIGHT = "LuaSec 0.5.1 - Copyright (C) 2009-2015 PUC-Rio" -- Default settings PORT = 443 diff -Nru lua-sec-0.5/src/options.h lua-sec-0.5.1/src/options.h --- lua-sec-0.5/src/options.h 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/src/options.h 2015-11-20 21:39:32.000000000 +0000 @@ -2,8 +2,8 @@ #define LSEC_OPTIONS_H /*-------------------------------------------------------------------------- - * LuaSec 0.5 - * Copyright (C) 2006-2014 Bruno Silvestre + * LuaSec 0.5.1 + * Copyright (C) 2006-2015 Bruno Silvestre * *--------------------------------------------------------------------------*/ diff -Nru lua-sec-0.5/src/options.lua lua-sec-0.5.1/src/options.lua --- lua-sec-0.5/src/options.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/src/options.lua 2015-11-20 21:39:32.000000000 +0000 @@ -21,8 +21,8 @@ #define LSEC_OPTIONS_H /*-------------------------------------------------------------------------- - * LuaSec 0.5 - * Copyright (C) 2006-2014 Bruno Silvestre + * LuaSec 0.5.1 + * Copyright (C) 2006-2015 Bruno Silvestre * *--------------------------------------------------------------------------*/ diff -Nru lua-sec-0.5/src/ssl.c lua-sec-0.5.1/src/ssl.c --- lua-sec-0.5/src/ssl.c 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/src/ssl.c 2015-11-20 21:39:32.000000000 +0000 @@ -1,8 +1,8 @@ /*-------------------------------------------------------------------------- - * LuaSec 0.5 + * LuaSec 0.5.1 * - * Copyright (C) 2014 Kim Alvefur, Paul Aurich, Tobias Markmann, - * Matthew Wild. + * Copyright (C) 2014-2015 Kim Alvefur, Paul Aurich, Tobias Markmann, + * Matthew Wild. * Copyright (C) 2006-2014 Bruno Silvestre. * *--------------------------------------------------------------------------*/ @@ -655,7 +655,7 @@ static int meth_copyright(lua_State *L) { - lua_pushstring(L, "LuaSec 0.5 - Copyright (C) 2006-2011 Bruno Silvestre" + lua_pushstring(L, "LuaSec 0.5.1 - Copyright (C) 2006-2015 Bruno Silvestre" #if defined(WITH_LUASOCKET) "\nLuaSocket 3.0-RC1 - Copyright (C) 2004-2013 Diego Nehab" #endif diff -Nru lua-sec-0.5/src/ssl.h lua-sec-0.5.1/src/ssl.h --- lua-sec-0.5/src/ssl.h 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/src/ssl.h 2015-11-20 21:39:32.000000000 +0000 @@ -2,8 +2,8 @@ #define LSEC_SSL_H /*-------------------------------------------------------------------------- - * LuaSec 0.5 - * Copyright (C) 2006-2014 Bruno Silvestre + * LuaSec 0.5.1 + * Copyright (C) 2006-2015 Bruno Silvestre * *--------------------------------------------------------------------------*/ diff -Nru lua-sec-0.5/src/ssl.lua lua-sec-0.5.1/src/ssl.lua --- lua-sec-0.5/src/ssl.lua 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/src/ssl.lua 2015-11-20 21:39:32.000000000 +0000 @@ -1,6 +1,6 @@ ------------------------------------------------------------------------------ --- LuaSec 0.5 --- Copyright (C) 2006-2014 Bruno Silvestre +-- LuaSec 0.5.1 +-- Copyright (C) 2006-2015 Bruno Silvestre -- ------------------------------------------------------------------------------ @@ -10,7 +10,7 @@ module("ssl", package.seeall) -_VERSION = "0.5.PR" +_VERSION = "0.5.1" _COPYRIGHT = core.copyright() -- Export diff -Nru lua-sec-0.5/src/x509.c lua-sec-0.5.1/src/x509.c --- lua-sec-0.5/src/x509.c 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/src/x509.c 2015-11-20 21:39:32.000000000 +0000 @@ -1,8 +1,8 @@ /*-------------------------------------------------------------------------- - * LuaSec 0.5 + * LuaSec 0.5.1 * - * Copyright (C) 2014 Kim Alvefur, Paul Aurich, Tobias Markmann - * Matthew Wild, Bruno Silvestre. + * Copyright (C) 2014-2015 Kim Alvefur, Paul Aurich, Tobias Markmann + * Matthew Wild, Bruno Silvestre. * *--------------------------------------------------------------------------*/ @@ -86,10 +86,12 @@ */ static void push_asn1_string(lua_State* L, ASN1_STRING *string, int encode) { - size_t len; + int len; unsigned char *data; - if (!string) + if (!string) { lua_pushnil(L); + return; + } switch (encode) { case LSEC_AI5_STRING: lua_pushlstring(L, (char*)ASN1_STRING_data(string), @@ -101,6 +103,8 @@ lua_pushlstring(L, (char*)data, len); OPENSSL_free(data); } + else + lua_pushnil(L); } } diff -Nru lua-sec-0.5/src/x509.h lua-sec-0.5.1/src/x509.h --- lua-sec-0.5/src/x509.h 2014-01-29 20:43:33.000000000 +0000 +++ lua-sec-0.5.1/src/x509.h 2015-11-20 21:39:32.000000000 +0000 @@ -1,8 +1,8 @@ /*-------------------------------------------------------------------------- - * LuaSec 0.5 + * LuaSec 0.5.1 * - * Copyright (C) 2014 Kim Alvefur, Paul Aurich, Tobias Markmann - * Matthew Wild, Bruno Silvestre. + * Copyright (C) 2014-2015 Kim Alvefur, Paul Aurich, Tobias Markmann + * Matthew Wild, Bruno Silvestre. * *--------------------------------------------------------------------------*/