Lua.org

LuaSec – TLS/SSL Support for Lua

Home - Download - Reference


LuaSec is a binding for OpenSSL library to provide TLS/SSL communication. It takes an already established TCP connection and creates a secure session between the peers.

This is a simple example of  a client and server communication using LuaSec:

Client Server
 require("socket")
require("ssl")

-- TLS/SSL client parameters (omitted)
local params

local conn = socket.tcp()
conn:connect("127.0.0.1", 8888)

-- TLS/SSL initialization
conn = ssl.wrap(conn, params)
conn:dohandshake()
--

print(conn:receive("*l"))
conn:close()
 require("socket")
require("ssl")

-- TLS/SSL server parameters (omitted)
local params

local server = socket.tcp()
server:bind("127.0.0.1", 8888)
server:listen()
local conn = server:accept()

-- TLS/SSL initialization
conn = ssl.wrap(conn, params)
conn:dohandshake()
--

conn:send("one line\n")
conn:close()

LuaSec needs a set of information (such as protocol, key, certificate, etc.) to wrap the TCP connection. For instance, we can use the following parameters in the example above:

Client Server
 -- TLS/SSL client parameters
local params = {
mode = "client",
protocol = "tlsv1",
key = "/etc/certs/clientkey.pem",
certificate = "/etc/certs/client.pem",
cafile = "/etc/certs/CA.pem",
verify = "peer",
options = "all",
}
 -- TLS/SSL server parameters
local params = {
mode = "server",
protocol = "tlsv1",
key = "/etc/certs/serverkey.pem",
certificate = "/etc/certs/server.pem",
cafile = "/etc/certs/CA.pem",
verify = {"peer", "fail_if_no_peer_cert"},
options = {"all", "no_sslv2"},
ciphers = "ALL:!ADH:@STRENGTH",
}

Download

LuaSec depends on LuaSocket package. On Windows, LuaSec and LuaSocket must be compiled with the same C++ Run-Time.

All tests were performed on Linux, Mac OS X, Windows XP, and BSD, using Lua 5.1.4, LuaSocket 2.0.2, and OpenSSL 0.9.8.

Windows Binaries Packages

The modules were built using Visual C++ 2008 (version 9), Multi-threaded DLL (/MD), and OpenSSL 0.9.8 on Windows XP  — see "dll9" in Lua Binaries for more information.

You can download the OpenSSL and Visual C++ 2008 Redistributables here. If you are not a developer, you can install the light version of OpenSSL.

License

LuaSec is available under the same terms and conditions as the Lua language — the MIT license.

Contact


Last update: 14-Oct-2009 21:25
eXTReMe Tracker

SSL Lua SSL Lua OpenSSL Lua OpenSSL