Software /
code /
prosody
Comparison
core/certmanager.lua @ 11549:5a484bd050a7 0.11
core.certmanager: Test for SSL options in absence of LuaSec config
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Mon, 26 Apr 2021 15:32:05 +0200 |
parent | 11548:55ef50d6cf65 |
child | 11551:aaf9c6b6d18d |
comparison
equal
deleted
inserted
replaced
11548:55ef50d6cf65 | 11549:5a484bd050a7 |
---|---|
34 | 34 |
35 local prosody = prosody; | 35 local prosody = prosody; |
36 local resolve_path = require"util.paths".resolve_relative_path; | 36 local resolve_path = require"util.paths".resolve_relative_path; |
37 local config_path = prosody.paths.config or "."; | 37 local config_path = prosody.paths.config or "."; |
38 | 38 |
39 local function test_option(option) | |
40 return not not ssl_newcontext({mode="server",protocol="sslv23",options={ option }}); | |
41 end | |
42 | |
39 local luasec_major, luasec_minor = ssl._VERSION:match("^(%d+)%.(%d+)"); | 43 local luasec_major, luasec_minor = ssl._VERSION:match("^(%d+)%.(%d+)"); |
40 local luasec_version = tonumber(luasec_major) * 100 + tonumber(luasec_minor); | 44 local luasec_version = tonumber(luasec_major) * 100 + tonumber(luasec_minor); |
41 local luasec_has = ssl.config or softreq"ssl.config" or { | 45 local luasec_has = ssl.config or softreq"ssl.config" or { |
42 algorithms = { | 46 algorithms = { |
43 ec = luasec_version >= 5; | 47 ec = luasec_version >= 5; |
44 }; | 48 }; |
45 capabilities = { | 49 capabilities = { |
46 curves_list = luasec_version >= 7; | 50 curves_list = luasec_version >= 7; |
47 }; | 51 }; |
48 options = { | 52 options = { |
49 cipher_server_preference = luasec_version >= 2; | 53 cipher_server_preference = test_option("cipher_server_preference"); |
50 no_ticket = luasec_version >= 4; | 54 no_ticket = test_option("no_ticket"); |
51 no_compression = luasec_version >= 5; | 55 no_compression = test_option("no_compression"); |
52 single_dh_use = luasec_version >= 2; | 56 single_dh_use = test_option("single_dh_use"); |
53 single_ecdh_use = luasec_version >= 2; | 57 single_ecdh_use = test_option("single_ecdh_use"); |
54 }; | 58 }; |
55 }; | 59 }; |
56 | 60 |
57 local _ENV = nil; | 61 local _ENV = nil; |
58 -- luacheck: std none | 62 -- luacheck: std none |