diff --git a/lua-luasec.changes b/lua-luasec.changes index 670514e..d36da96 100644 --- a/lua-luasec.changes +++ b/lua-luasec.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Sun Nov 3 16:48:48 CET 2019 - Matej Cepl + +- Update to luasec 0.9. Too many changes to enlist here, + CHANGELOG file is included in the package. + ------------------------------------------------------------------- Mon Oct 30 14:45:32 UTC 2017 - jmatejek@suse.com diff --git a/lua-luasec.spec b/lua-luasec.spec index e57a5fd..09a5906 100644 --- a/lua-luasec.spec +++ b/lua-luasec.spec @@ -1,7 +1,7 @@ # # spec file for package lua-luasec # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,31 +12,28 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # %define flavor @BUILD_FLAVOR@ -%define mod_name luasec -Version: 0.6 +%define modname luasec +Version: 0.9 Release: 0 Summary: A Lua binding for OpenSSL License: MIT -Group: Productivity/Networking/Other -Url: https://github.com/brunoos/luasec -Source: https://github.com/brunoos/luasec/archive/%{mod_name}-%{version}.tar.gz -# PATCH-FIX-UPSTREAM build with openssl 1.1.0 (taken from Fedora) -Patch0: lua-sec-0.6-openssl_110.patch +URL: https://github.com/brunoos/luasec +Source: https://github.com/brunoos/%{modname}/archive/v%{version}/%{modname}-%{version}.tar.gz BuildRequires: %{flavor}-devel BuildRequires: %{flavor}-luasocket BuildRequires: libopenssl-devel Requires: %{flavor} Requires: %{flavor}-luasocket %if "%{flavor}" == "" -Name: lua-%{mod_name} +Name: lua-%{modname} ExclusiveArch: do_not_build %else -Name: %{flavor}-%{mod_name} +Name: %{flavor}-%{modname} %endif %description @@ -45,8 +42,7 @@ It takes an already established TCP connection and creates a secure session between the peers. %prep -%setup -q -n luasec-luasec-%{version} -%patch0 -p1 +%setup -q -n %{modname}-%{version} %build make %{?_smp_mflags} linux \ @@ -56,7 +52,8 @@ make %{?_smp_mflags} linux \ %make_install LUAPATH=%{lua_noarchdir} LUACPATH=%{lua_archdir} %files -%doc CHANGELOG LICENSE README.md +%license LICENSE +%doc CHANGELOG README.md %{lua_archdir}/ssl.so %{lua_noarchdir}/ssl.lua %{lua_noarchdir}/ssl/ diff --git a/lua-sec-0.6-openssl_110.patch b/lua-sec-0.6-openssl_110.patch deleted file mode 100644 index 6893554..0000000 --- a/lua-sec-0.6-openssl_110.patch +++ /dev/null @@ -1,184 +0,0 @@ -git diff 20443861ebc3f6498ee7d9c70fbdaa059bec15e1...98f8872743f3d38bd44cb9eedb2c82e38571fe04 - -diff --git a/src/Makefile b/src/Makefile -index 727794b..02425af 100644 ---- a/src/Makefile -+++ b/src/Makefile -@@ -31,10 +31,10 @@ LDFLAGS += $(MYLDFLAGS) - all: - - install: $(CMOD) $(LMOD) -- $(INSTALL) -d $(LUAPATH)/ssl $(LUACPATH) -- $(INSTALL) $(CMOD) $(LUACPATH) -- $(INSTALL) -m644 $(LMOD) $(LUAPATH) -- $(INSTALL) -m644 https.lua $(LUAPATH)/ssl -+ $(INSTALL) -d $(DESTDIR)$(LUAPATH)/ssl $(DESTDIR)$(LUACPATH) -+ $(INSTALL) $(CMOD) $(DESTDIR)$(LUACPATH) -+ $(INSTALL) -m644 $(LMOD) $(DESTDIR)$(LUAPATH) -+ $(INSTALL) -m644 https.lua $(DESTDIR)$(LUAPATH)/ssl - - linux: - @$(MAKE) $(CMOD) MYCFLAGS="$(LNX_CFLAGS)" MYLDFLAGS="$(LNX_LDFLAGS)" EXTRA="$(EXTRA)" -diff --git a/src/context.c b/src/context.c -index 22f43b7..4187314 100644 ---- a/src/context.c -+++ b/src/context.c -@@ -35,10 +35,6 @@ typedef const SSL_METHOD LSEC_SSL_METHOD; - typedef SSL_METHOD LSEC_SSL_METHOD; - #endif - --#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) --#define SSLv23_method() TLS_method() --#endif -- - /*-- Compat - Lua 5.1 --------------------------------------------------------*/ - - #if (LUA_VERSION_NUM == 501) -diff --git a/src/https.lua b/src/https.lua -index befb72d..7916851 100644 ---- a/src/https.lua -+++ b/src/https.lua -@@ -89,6 +89,7 @@ local function tcp(params) - function conn:connect(host, port) - try(self.sock:connect(host, port)) - self.sock = try(ssl.wrap(self.sock, params)) -+ self.sock:sni(host) - try(self.sock:dohandshake()) - reg(self, getmetatable(self.sock)) - return 1 -diff --git a/src/ssl.c b/src/ssl.c -index d2b495d..d7b7243 100644 ---- a/src/ssl.c -+++ b/src/ssl.c -@@ -31,6 +31,13 @@ - #include "context.h" - #include "ssl.h" - -+ -+#if defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER<0x10100000L -+#define SSL_is_server(s) (s->server) -+#define X509_up_ref(c) CRYPTO_add(&c->references, 1, CRYPTO_LOCK_X509) -+#endif -+ -+ - /** - * Underline socket error. - */ -@@ -191,9 +198,9 @@ static int ssl_recv(void *ctx, char *data, size_t count, size_t *got, - { - int err; - p_ssl ssl = (p_ssl)ctx; -+ *got = 0; - if (ssl->state != LSEC_STATE_CONNECTED) - return IO_CLOSED; -- *got = 0; - for ( ; ; ) { - ERR_clear_error(); - err = SSL_read(ssl->ssl, data, (int)count); -@@ -203,7 +210,6 @@ static int ssl_recv(void *ctx, char *data, size_t count, size_t *got, - *got = err; - return IO_DONE; - case SSL_ERROR_ZERO_RETURN: -- *got = err; - return IO_CLOSED; - case SSL_ERROR_WANT_READ: - err = socket_waitfd(&ssl->sock, WAITFD_R, tm); -@@ -461,7 +467,7 @@ static int meth_getpeercertificate(lua_State *L) - /* In a server-context, the stack doesn't contain the peer cert, - * so adjust accordingly. - */ -- if (ssl->ssl->server) -+ if (SSL_is_server(ssl->ssl)) - --n; - certs = SSL_get_peer_cert_chain(ssl->ssl); - if (n >= sk_X509_num(certs)) { -@@ -471,7 +477,7 @@ static int meth_getpeercertificate(lua_State *L) - cert = sk_X509_value(certs, n); - /* Increment the reference counting of the object. */ - /* See SSL_get_peer_certificate() source code. */ -- CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509); -+ X509_up_ref(cert); - lsec_pushx509(L, cert); - return 1; - } -@@ -493,7 +499,7 @@ static int meth_getpeerchain(lua_State *L) - return 2; - } - lua_newtable(L); -- if (ssl->ssl->server) { -+ if (SSL_is_server(ssl->ssl)) { - lsec_pushx509(L, SSL_get_peer_certificate(ssl->ssl)); - lua_rawseti(L, -2, idx++); - } -@@ -503,7 +509,7 @@ static int meth_getpeerchain(lua_State *L) - cert = sk_X509_value(certs, i); - /* Increment the reference counting of the object. */ - /* See SSL_get_peer_certificate() source code. */ -- CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509); -+ X509_up_ref(cert); - lsec_pushx509(L, cert); - lua_rawseti(L, -2, idx++); - } -diff --git a/src/x509.c b/src/x509.c -index 49f9a5f..0042fc4 100644 ---- a/src/x509.c -+++ b/src/x509.c -@@ -32,6 +32,17 @@ - - #include "x509.h" - -+ -+/* -+ * ASN1_STRING_data is deprecated in OpenSSL 1.1.0 -+ */ -+#if OPENSSL_VERSION_NUMBER>=0x1010000fL && !defined(LIBRESSL_VERSION_NUMBER) -+#define LSEC_ASN1_STRING_data(x) ASN1_STRING_get0_data(x) -+#else -+#define LSEC_ASN1_STRING_data(x) ASN1_STRING_data(x) -+#endif -+ -+ - static const char* hex_tab = "0123456789abcdef"; - - /** -@@ -146,7 +157,7 @@ static void push_asn1_string(lua_State* L, ASN1_STRING *string, int encode) - } - switch (encode) { - case LSEC_AI5_STRING: -- lua_pushlstring(L, (char*)ASN1_STRING_data(string), -+ lua_pushlstring(L, (char*)LSEC_ASN1_STRING_data(string), - ASN1_STRING_length(string)); - break; - case LSEC_UTF8_STRING: -@@ -182,7 +193,7 @@ static void push_asn1_ip(lua_State *L, ASN1_STRING *string) - { - int af; - char dst[INET6_ADDRSTRLEN]; -- unsigned char *ip = ASN1_STRING_data(string); -+ unsigned char *ip = (unsigned char*)LSEC_ASN1_STRING_data(string); - switch(ASN1_STRING_length(string)) { - case 4: - af = AF_INET; -@@ -293,11 +304,11 @@ int meth_extensions(lua_State* L) - break; - - /* Push ret[oid] */ -- push_asn1_objname(L, extension->object, 1); -+ push_asn1_objname(L, X509_EXTENSION_get_object(extension), 1); - push_subtable(L, -2); - - /* Set ret[oid].name = name */ -- push_asn1_objname(L, extension->object, 0); -+ push_asn1_objname(L, X509_EXTENSION_get_object(extension), 0); - lua_setfield(L, -2, "name"); - - n_general_names = sk_GENERAL_NAME_num(values); -@@ -404,7 +415,7 @@ static int meth_pubkey(lua_State* L) - bytes = BIO_get_mem_data(bio, &data); - if (bytes > 0) { - lua_pushlstring(L, data, bytes); -- switch(EVP_PKEY_type(pkey->type)) { -+ switch(EVP_PKEY_base_id(pkey)) { - case EVP_PKEY_RSA: - lua_pushstring(L, "RSA"); - break; diff --git a/luasec-0.6.tar.gz b/luasec-0.6.tar.gz deleted file mode 100644 index b4bcd84..0000000 --- a/luasec-0.6.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:cef3a35c18beb8a54d9c8ce6260a4cabbd9a386de8711320d084daffad0aed5d -size 51071 diff --git a/luasec-0.9.tar.gz b/luasec-0.9.tar.gz new file mode 100644 index 0000000..396ad88 --- /dev/null +++ b/luasec-0.9.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:6b6b94e8517bf6baf545fad29a2112f9ac7957ad85b4aae8e0727bec77d7a325 +size 52163