prosody
92cddfe65003
core/certmanager.lua
Software / code / prosody
Comparison
core/certmanager.lua @ 8279:92cddfe65003
core.certmanager: Set a default curveslist [sic], fixes #879, #943, #951 if used along with luasec 0.7 and openssl 1.1
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Wed, 27 Sep 2017 15:45:07 +0200 |
| parent | 8274:3798955049e3 |
| child | 8403:ba39d3a1d42e |
comparison
equal
deleted
inserted
replaced
| 8278:a349299038ff | 8279:92cddfe65003 |
|---|---|
| 105 single_dh_use = luasec_has.single_dh_use; | 105 single_dh_use = luasec_has.single_dh_use; |
| 106 single_ecdh_use = luasec_has.single_ecdh_use; | 106 single_ecdh_use = luasec_has.single_ecdh_use; |
| 107 }; | 107 }; |
| 108 verifyext = { "lsec_continue", "lsec_ignore_purpose" }; | 108 verifyext = { "lsec_continue", "lsec_ignore_purpose" }; |
| 109 curve = "secp384r1"; | 109 curve = "secp384r1"; |
| 110 curveslist = { | |
| 111 "X25519", | |
| 112 "P-384", | |
| 113 "P-256", | |
| 114 "P-521", | |
| 115 }; | |
| 110 ciphers = { -- Enabled ciphers in order of preference: | 116 ciphers = { -- Enabled ciphers in order of preference: |
| 111 "HIGH+kEDH", -- Ephemeral Diffie-Hellman key exchange, if a 'dhparam' file is set | 117 "HIGH+kEDH", -- Ephemeral Diffie-Hellman key exchange, if a 'dhparam' file is set |
| 112 "HIGH+kEECDH", -- Ephemeral Elliptic curve Diffie-Hellman key exchange | 118 "HIGH+kEECDH", -- Ephemeral Elliptic curve Diffie-Hellman key exchange |
| 113 "HIGH", -- Other "High strength" ciphers | 119 "HIGH", -- Other "High strength" ciphers |
| 114 -- Disabled cipher suites: | 120 -- Disabled cipher suites: |
