Software /
code /
prosody
Comparison
core/certmanager.lua @ 5921:f7601ce30cfc
certmanager: Further cipher string tweaking. Re-enable ciphers required for DSA and ECDH certs/keys.
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Thu, 21 Nov 2013 02:11:09 +0000 |
parent | 5915:e6fed1d80116 |
child | 5922:dd11480ecd47 |
child | 6496:e4b998ffc922 |
comparison
equal
deleted
inserted
replaced
5915:e6fed1d80116 | 5921:f7601ce30cfc |
---|---|
68 verify = user_ssl_config.verify or default_verify; | 68 verify = user_ssl_config.verify or default_verify; |
69 verifyext = user_ssl_config.verifyext or default_verifyext; | 69 verifyext = user_ssl_config.verifyext or default_verifyext; |
70 options = user_ssl_config.options or default_options; | 70 options = user_ssl_config.options or default_options; |
71 depth = user_ssl_config.depth; | 71 depth = user_ssl_config.depth; |
72 curve = user_ssl_config.curve or "secp384r1"; | 72 curve = user_ssl_config.curve or "secp384r1"; |
73 ciphers = user_ssl_config.ciphers or "HIGH+kEDH:HIGH+kEECDH:HIGH+kRSA:!DSS:!3DES:!aNULL"; | 73 ciphers = user_ssl_config.ciphers or "HIGH+kEDH:HIGH+kEECDH:HIGH:!PSK:!SRP:!3DES:!aNULL"; |
74 dhparam = user_ssl_config.dhparam; | 74 dhparam = user_ssl_config.dhparam; |
75 }; | 75 }; |
76 | 76 |
77 -- LuaSec expects dhparam to be a callback that takes two arguments. | 77 -- LuaSec expects dhparam to be a callback that takes two arguments. |
78 -- We ignore those because it is mostly used for having a separate | 78 -- We ignore those because it is mostly used for having a separate |