Comparison

core/certmanager.lua @ 4899:0b8134015635

certmanager: Don't use no_ticket option before LuaSec 0.4
author Matthew Wild <mwild1@gmail.com>
date Sat, 19 May 2012 21:53:43 +0100
parent 4890:7d4ec9609957
child 4900:d885ca14362d
comparison
equal deleted inserted replaced
4898:010c01841ed0 4899:0b8134015635
15 15
16 local prosody = prosody; 16 local prosody = prosody;
17 local resolve_path = configmanager.resolve_relative_path; 17 local resolve_path = configmanager.resolve_relative_path;
18 local config_path = prosody.paths.config; 18 local config_path = prosody.paths.config;
19 19
20 local luasec_major, luasec_minor = ssl._VERSION:match("^(%d+)%.(%d+)");
21 local luasec_has_noticket = luasec_major>0 or luasec_minor>=4;
22
20 module "certmanager" 23 module "certmanager"
21 24
22 -- Global SSL options if not overridden per-host 25 -- Global SSL options if not overridden per-host
23 local default_ssl_config = configmanager.get("*", "core", "ssl"); 26 local default_ssl_config = configmanager.get("*", "core", "ssl");
24 local default_capath = "/etc/ssl/certs"; 27 local default_capath = "/etc/ssl/certs";
25 local default_verify = (ssl and ssl.x509 and { "peer", "client_once", "continue", "ignore_purpose" }) or "none"; 28 local default_verify = (ssl and ssl.x509 and { "peer", "client_once", "continue", "ignore_purpose" }) or "none";
26 local default_options = { "no_sslv2", "no_ticket" }; 29 local default_options = { "no_sslv2", luasec_has_noticket and "no_ticket" or nil };
27 30
28 function create_context(host, mode, user_ssl_config) 31 function create_context(host, mode, user_ssl_config)
29 user_ssl_config = user_ssl_config or default_ssl_config; 32 user_ssl_config = user_ssl_config or default_ssl_config;
30 33
31 if not ssl then return nil, "LuaSec (required for encryption) was not found"; end 34 if not ssl then return nil, "LuaSec (required for encryption) was not found"; end