Software / code / prosody
Diff
core/certmanager.lua @ 5816:20e2b588f8c2
certmanager: Allow for specifying the dhparam option as a path to a file instead of a callback
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Tue, 03 Sep 2013 13:13:31 +0200 |
| parent | 5815:b93d096607b4 |
| child | 5819:441876452b9c |
| child | 5820:6bc4077bc1f9 |
line wrap: on
line diff
--- a/core/certmanager.lua Tue Sep 03 12:11:11 2013 +0100 +++ b/core/certmanager.lua Tue Sep 03 13:13:31 2013 +0200 @@ -72,6 +72,17 @@ dhparam = user_ssl_config.dhparam; }; + -- LuaSec expects dhparam to be a callback that takes two arguments. + -- We ignore those because it is mostly used for having a separate + -- set of params for EXPORT ciphers, which we don't have by default. + if type(user_ssl_config.dhparam) == "string" then + local f, err = io_open(resolve_path(user_ssl_config.dhparam)); + if not f then return nil, "Could not open DH parameters: "..err end + local dhparam = f:read("*a"); + f:close(); + user_ssl_config.dhparam = function() return dhparam; end + end + local ctx, err = ssl_newcontext(ssl_config); -- COMPAT: LuaSec 0.4.1 ignores the cipher list from the config, so we have to take
