Software /
code /
prosody
Comparison
core/certmanager.lua @ 4899:0b8134015635
certmanager: Don't use no_ticket option before LuaSec 0.4
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Sat, 19 May 2012 21:53:43 +0100 |
parent | 4890:7d4ec9609957 |
child | 4900:d885ca14362d |
comparison
equal
deleted
inserted
replaced
4898:010c01841ed0 | 4899:0b8134015635 |
---|---|
15 | 15 |
16 local prosody = prosody; | 16 local prosody = prosody; |
17 local resolve_path = configmanager.resolve_relative_path; | 17 local resolve_path = configmanager.resolve_relative_path; |
18 local config_path = prosody.paths.config; | 18 local config_path = prosody.paths.config; |
19 | 19 |
20 local luasec_major, luasec_minor = ssl._VERSION:match("^(%d+)%.(%d+)"); | |
21 local luasec_has_noticket = luasec_major>0 or luasec_minor>=4; | |
22 | |
20 module "certmanager" | 23 module "certmanager" |
21 | 24 |
22 -- Global SSL options if not overridden per-host | 25 -- Global SSL options if not overridden per-host |
23 local default_ssl_config = configmanager.get("*", "core", "ssl"); | 26 local default_ssl_config = configmanager.get("*", "core", "ssl"); |
24 local default_capath = "/etc/ssl/certs"; | 27 local default_capath = "/etc/ssl/certs"; |
25 local default_verify = (ssl and ssl.x509 and { "peer", "client_once", "continue", "ignore_purpose" }) or "none"; | 28 local default_verify = (ssl and ssl.x509 and { "peer", "client_once", "continue", "ignore_purpose" }) or "none"; |
26 local default_options = { "no_sslv2", "no_ticket" }; | 29 local default_options = { "no_sslv2", luasec_has_noticket and "no_ticket" or nil }; |
27 | 30 |
28 function create_context(host, mode, user_ssl_config) | 31 function create_context(host, mode, user_ssl_config) |
29 user_ssl_config = user_ssl_config or default_ssl_config; | 32 user_ssl_config = user_ssl_config or default_ssl_config; |
30 | 33 |
31 if not ssl then return nil, "LuaSec (required for encryption) was not found"; end | 34 if not ssl then return nil, "LuaSec (required for encryption) was not found"; end |