prosody
b54b33f59c6e
core/certmanager.lua
Software / code / prosody
Comparison
core/certmanager.lua @ 6568:b54b33f59c6e
certmanager: Limit certificate chain depth to 9
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 05 Feb 2015 16:59:34 +0100 |
| parent | 6567:d4a68d93ad04 |
| child | 6569:e6ff3ec99f24 |
comparison
equal
deleted
inserted
replaced
| 6567:d4a68d93ad04 | 6568:b54b33f59c6e |
|---|---|
| 51 local global_ssl_config = configmanager.get("*", "ssl"); | 51 local global_ssl_config = configmanager.get("*", "ssl"); |
| 52 | 52 |
| 53 -- Built-in defaults | 53 -- Built-in defaults |
| 54 local core_defaults = { | 54 local core_defaults = { |
| 55 capath = "/etc/ssl/certs"; | 55 capath = "/etc/ssl/certs"; |
| 56 depth = 9; | |
| 56 protocol = "tlsv1+"; | 57 protocol = "tlsv1+"; |
| 57 verify = (ssl_x509 and { "peer", "client_once", }) or "none"; | 58 verify = (ssl_x509 and { "peer", "client_once", }) or "none"; |
| 58 options = { | 59 options = { |
| 59 cipher_server_preference = luasec_has.cipher_server_preference; | 60 cipher_server_preference = luasec_has.cipher_server_preference; |
| 60 no_ticket = luasec_has.no_ticket; | 61 no_ticket = luasec_has.no_ticket; |
