From 375e615103568f5de0f2f8722768f48850760a29 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Wed, 20 Mar 2013 20:31:02 +0000 Subject: net.http: Allow passing an SSL context or options table to be used for HTTPS requests (thanks daurnimator) --- net/http.lua | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'net/http.lua') diff --git a/net/http.lua b/net/http.lua index 273eee09..9ed837e2 100644 --- a/net/http.lua +++ b/net/http.lua @@ -188,7 +188,12 @@ function request(u, ex, callback) return nil, err; end - req.handler, req.conn = server.wrapclient(conn, req.host, port, listener, "*a", using_https and { mode = "client", protocol = "sslv23" }); + local sslctx = false; + if using_https then + sslctx = ex and ex.sslctx or { mode = "client", protocol = "sslv23" }; + end + + req.handler, req.conn = server.wrapclient(conn, req.host, port, listener, "*a", sslctx); req.write = function (...) return req.handler:write(...); end req.callback = function (content, code, request, response) log("debug", "Calling callback, status %s", code or "---"); return select(2, xpcall(function () return callback(content, code, request, response) end, handleerr)); end -- cgit v1.2.3 From 0c46e400afa7fef669b2f3a9ea2ed76633e8652b Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Wed, 20 Mar 2013 20:31:52 +0000 Subject: net.http: Disable SSLv2 support for HTTPS connections --- net/http.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'net/http.lua') diff --git a/net/http.lua b/net/http.lua index 9ed837e2..a1e4e523 100644 --- a/net/http.lua +++ b/net/http.lua @@ -190,7 +190,7 @@ function request(u, ex, callback) local sslctx = false; if using_https then - sslctx = ex and ex.sslctx or { mode = "client", protocol = "sslv23" }; + sslctx = ex and ex.sslctx or { mode = "client", protocol = "sslv23", options = { "no_sslv2" } }; end req.handler, req.conn = server.wrapclient(conn, req.host, port, listener, "*a", sslctx); -- cgit v1.2.3