prosody
b93d096607b4
core/certmanager.lua
Software / code / prosody
Comparison
core/certmanager.lua @ 5815:b93d096607b4
certmanager: Fix for working around a bug with LuaSec 0.4.1 that causes it to not honour the 'ciphers' option. This change will apply 0.9's default cipher string for LuaSec 0.4.1 users.
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Tue, 03 Sep 2013 12:11:11 +0100 |
| parent | 5745:a1b0cfebeeba |
| child | 5816:20e2b588f8c2 |
comparison
equal
deleted
inserted
replaced
| 5813:c888f548876b | 5815:b93d096607b4 |
|---|---|
| 72 dhparam = user_ssl_config.dhparam; | 72 dhparam = user_ssl_config.dhparam; |
| 73 }; | 73 }; |
| 74 | 74 |
| 75 local ctx, err = ssl_newcontext(ssl_config); | 75 local ctx, err = ssl_newcontext(ssl_config); |
| 76 | 76 |
| 77 -- LuaSec ignores the cipher list from the config, so we have to take care | 77 -- COMPAT: LuaSec 0.4.1 ignores the cipher list from the config, so we have to take |
| 78 -- of it ourselves (W/A for #x) | 78 -- care of it ourselves... |
| 79 if ctx and user_ssl_config.ciphers then | 79 if ctx and ssl_config.ciphers then |
| 80 local success; | 80 local success; |
| 81 success, err = ssl.context.setcipher(ctx, user_ssl_config.ciphers); | 81 success, err = ssl.context.setcipher(ctx, ssl_config.ciphers); |
| 82 if not success then ctx = nil; end | 82 if not success then ctx = nil; end |
| 83 end | 83 end |
| 84 | 84 |
| 85 if not ctx then | 85 if not ctx then |
| 86 err = err or "invalid ssl config" | 86 err = err or "invalid ssl config" |
