Luasec - Lua HTTPS Library

I was working on the Luasec library over the summer mainly on fixing the HTTPS redirects, the CONNECT proxy implementation (for redirecting requests over the HTTP CONNECT tunnel) and adding support for HTTP/2(Client).

My fork of Luasec(dev branch) can be found here which has all the recent updates as part of GSoC and all the relevant commits.

Work done till now

HTTPS Module

I was working to add features for the HTTPS module during the first part of GSoC. It now supports the ability to talk HTTPS with a proxy, redirects through or without the proxy for HTTPS URLs, certain low level HTTP API functions are exposed and also supports SNI now. Work done in this section are relevant to this file.

More details on how to use it and references for the functions can be found on the wiki page of my fork here.

HTTP/2 Module

This portion of the module was worked on during the second part of GSoC. I went by implementing RFC’s sequentially while also trying to make sure that I had a basic implementation for sending and receving frames working all along. Work done in this section are relevant to these files.

1) Error Module

2) Stream Module

3) Codec Module

4) Bit Operation Module

The Codec Module is used for string packing and unpacking. It provides a unified interface for various modes in string.pack and string.unpack functions. The Bit operation module smoothens out all the various lua bit libraries and versions. The bit libary with luajit, bit32 libary with lua 5.2 and lua 5.3 built in bit operators are wrapped in a unified function.

The RFC I used can be found here. I also used the lua-http module for lot of reference code. The module can be found here. The Bit operation module, error module was taken from lua-http and modified to work with luasec. The stream module has certain functions which are taken from lua-http with the cqueue dependency removed and modified to work with luasocket.

The first two sections in the RFC are just an introduction and a generic protcol overview.

1) Section 3

2) Section 4

3) Section 5

4) Section 6

Section 7 deals with the error module for which I have added a basic module which can be found here.

Section 8 deals with HTTP/2 connection management and deals just with specifying which frames have been used for what kind of requests and what to do when we receive a response. I used this section as a reference for implementing my HTTP/2 connection module. Other sections in the RFC are also just considerations and references for a good implementation.

One of the most important part of this was reading RFC’s and learning to adhere to the specs. Also learnt a lot about debugging a network protocol implementation while getting to know the internals. More details about the implementation and references can be found in the wiki.

Work to be done

Roadmap for the HTTP/2 implementation and future work

I have been implementing HTTP/2 based on the RFC going through it one by one. I took a lot of template code from the lua-http module which can be found here. Certain modules from lua-http were imported without much changes but have been modified to work with luasec. The connection:methods and stream:methods are mostly based on lua-http module which I have worked on to work with luasocket.

Section 7 deals with HTTP/2 error codes for which we have to implement a module specifying the same. Based on this module it also has to be linked with the existing implementation so that all the error’s (essentially error messages) get redirected to it and we receive proper error messages for debugging effectively.

Section 9 deals with Additional HTTP/2 requirements like connection management, setting up and following a priority tree and connection reuse.

· coding, lua, GSoC, network, linux, internship