Software / code / prosody
Annotate
util/envload.lua @ 10224:94e341dee51c
core.certmanager: Move EECDH ciphers before EDH in default cipherstring
The original intent of having kEDH before kEECDH was that if a `dhparam`
file was specified, this would be interpreted as a preference by the
admin for old and well-tested Diffie-Hellman key agreement over newer
elliptic curve ones. Otherwise the faster elliptic curve ciphersuites
would be preferred. This didn't really work as intended since this
affects the ClientHello on outgoing s2s connections, leading to some
servers using poorly configured kEDH.
With Debian shipping OpenSSL settings that enforce a higher security
level, this caused interoperability problems with servers that use DH
params smaller than 2048 bits. E.g. jabber.org at the time of this
writing has 1024 bit DH params.
MattJ says
> Curves have won, and OpenSSL is less weird about them now
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 25 Aug 2019 20:22:35 +0200 |
| parent | 8416:bc9cb23b604a |
| child | 12576:d1aacc6a81ac |
| rev | line source |
|---|---|
|
5020
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
1 -- Prosody IM |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
2 -- Copyright (C) 2008-2011 Florian Zeitz |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
3 -- |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
4 -- This project is MIT/X11 licensed. Please see the |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
5 -- COPYING file in the source package for more information. |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
6 -- |
|
8416
bc9cb23b604a
util.envload: Ignore "undefined variable" warning for loadstring [luacheck with strict 5.2 or 5.3 checks]
Kim Alvefur <zash@zash.se>
parents:
7930
diff
changeset
|
7 -- luacheck: ignore 113/setfenv 113/loadstring |
|
5020
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
8 |
|
7924
8487fe9fc335
util.envload: Open file here instead of letting loadfile do it so that all return values from io.open can be collected
Kim Alvefur <zash@zash.se>
parents:
7728
diff
changeset
|
9 local load, loadstring, setfenv = load, loadstring, setfenv; |
|
8487fe9fc335
util.envload: Open file here instead of letting loadfile do it so that all return values from io.open can be collected
Kim Alvefur <zash@zash.se>
parents:
7728
diff
changeset
|
10 local io_open = io.open; |
|
5020
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
11 local envload; |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
12 local envloadfile; |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
13 |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
14 if setfenv then |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
15 function envload(code, source, env) |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
16 local f, err = loadstring(code, source); |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
17 if f and env then setfenv(f, env); end |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
18 return f, err; |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
19 end |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
20 |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
21 function envloadfile(file, env) |
|
7924
8487fe9fc335
util.envload: Open file here instead of letting loadfile do it so that all return values from io.open can be collected
Kim Alvefur <zash@zash.se>
parents:
7728
diff
changeset
|
22 local fh, err, errno = io_open(file); |
|
8487fe9fc335
util.envload: Open file here instead of letting loadfile do it so that all return values from io.open can be collected
Kim Alvefur <zash@zash.se>
parents:
7728
diff
changeset
|
23 if not fh then return fh, err, errno; end |
|
8487fe9fc335
util.envload: Open file here instead of letting loadfile do it so that all return values from io.open can be collected
Kim Alvefur <zash@zash.se>
parents:
7728
diff
changeset
|
24 local f, err = load(function () return fh:read(2048); end, "@"..file); |
|
7930
5dec27760ecd
util.envload: Close file handle after reading data
Kim Alvefur <zash@zash.se>
parents:
7924
diff
changeset
|
25 fh:close(); |
|
5020
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
26 if f and env then setfenv(f, env); end |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
27 return f, err; |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
28 end |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
29 else |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
30 function envload(code, source, env) |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
31 return load(code, source, nil, env); |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
32 end |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
33 |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
34 function envloadfile(file, env) |
|
7924
8487fe9fc335
util.envload: Open file here instead of letting loadfile do it so that all return values from io.open can be collected
Kim Alvefur <zash@zash.se>
parents:
7728
diff
changeset
|
35 local fh, err, errno = io_open(file); |
|
8487fe9fc335
util.envload: Open file here instead of letting loadfile do it so that all return values from io.open can be collected
Kim Alvefur <zash@zash.se>
parents:
7728
diff
changeset
|
36 if not fh then return fh, err, errno; end |
|
7930
5dec27760ecd
util.envload: Close file handle after reading data
Kim Alvefur <zash@zash.se>
parents:
7924
diff
changeset
|
37 local f, err = load(fh:lines(2048), "@"..file, nil, env); |
|
5dec27760ecd
util.envload: Close file handle after reading data
Kim Alvefur <zash@zash.se>
parents:
7924
diff
changeset
|
38 fh:close(); |
|
5dec27760ecd
util.envload: Close file handle after reading data
Kim Alvefur <zash@zash.se>
parents:
7924
diff
changeset
|
39 return f, err; |
|
5020
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
40 end |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
41 end |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
42 |
|
ef1eb65acbba
util.envload: New module to abstract Lua 5.1's setfenv and Lua 5.2's load
Florian Zeitz <florob@babelmonkeys.de>
parents:
diff
changeset
|
43 return { envload = envload, envloadfile = envloadfile }; |
