Software /
code /
prosody
Comparison
core/certmanager.lua @ 4890:7d4ec9609957
certmanager: no_ticket is not a verification option (thanks Zash)
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Fri, 18 May 2012 01:50:51 +0100 |
parent | 4889:0c5091b8b833 |
child | 4899:0b8134015635 |
comparison
equal
deleted
inserted
replaced
4889:0c5091b8b833 | 4890:7d4ec9609957 |
---|---|
20 module "certmanager" | 20 module "certmanager" |
21 | 21 |
22 -- Global SSL options if not overridden per-host | 22 -- Global SSL options if not overridden per-host |
23 local default_ssl_config = configmanager.get("*", "core", "ssl"); | 23 local default_ssl_config = configmanager.get("*", "core", "ssl"); |
24 local default_capath = "/etc/ssl/certs"; | 24 local default_capath = "/etc/ssl/certs"; |
25 local default_verify = (ssl and ssl.x509 and { "peer", "client_once", "continue", "ignore_purpose", "no_ticket" }) or "no_ticket"; | 25 local default_verify = (ssl and ssl.x509 and { "peer", "client_once", "continue", "ignore_purpose" }) or "none"; |
26 local default_options = { "no_sslv2" }; | 26 local default_options = { "no_sslv2", "no_ticket" }; |
27 | 27 |
28 function create_context(host, mode, user_ssl_config) | 28 function create_context(host, mode, user_ssl_config) |
29 user_ssl_config = user_ssl_config or default_ssl_config; | 29 user_ssl_config = user_ssl_config or default_ssl_config; |
30 | 30 |
31 if not ssl then return nil, "LuaSec (required for encryption) was not found"; end | 31 if not ssl then return nil, "LuaSec (required for encryption) was not found"; end |