prosody
24070d47a6e7
core/certmanager.lua
Software / code / prosody
Comparison
core/certmanager.lua @ 13291:24070d47a6e7 0.12
core.certmanager: Validate that 'tls_profile' is one of the valid values
A typo should not result in ending up with "legacy"
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 27 Oct 2023 19:03:59 +0200 |
| parent | 13178:e689d4c45681 |
| child | 13292:8fbdd878fcf6 |
comparison
equal
deleted
inserted
replaced
| 13267:7ae000fc8c07 | 13291:24070d47a6e7 |
|---|---|
| 334 mode = mode, | 334 mode = mode, |
| 335 -- We can't read the password interactively when daemonized | 335 -- We can't read the password interactively when daemonized |
| 336 password = function() log("error", "Encrypted certificate for %s requires 'ssl' 'password' to be set in config", host); end; | 336 password = function() log("error", "Encrypted certificate for %s requires 'ssl' 'password' to be set in config", host); end; |
| 337 }); | 337 }); |
| 338 local profile = configmanager.get("*", "tls_profile") or "intermediate"; | 338 local profile = configmanager.get("*", "tls_profile") or "intermediate"; |
| 339 if profile ~= "legacy" then | 339 if mozilla_ssl_configs[profile] then |
| 340 cfg:apply(mozilla_ssl_configs[profile]); | 340 cfg:apply(mozilla_ssl_configs[profile]); |
| 341 elseif profile ~= "legacy" then | |
| 342 log("error", "Invalid value for 'tls_profile': expected one of \"modern\", \"intermediate\" (default), \"old\" or \"legacy\" but got %q", profile); | |
| 343 return nil, "Invalid configuration, 'tls_profile' had an unknown value."; | |
| 341 end | 344 end |
| 342 cfg:apply(global_ssl_config); | 345 cfg:apply(global_ssl_config); |
| 343 | 346 |
| 344 for i = select('#', ...), 1, -1 do | 347 for i = select('#', ...), 1, -1 do |
| 345 cfg:apply(select(i, ...)); | 348 cfg:apply(select(i, ...)); |
