prosody
61da4491eebc
net/tls_luasec.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Diff

net/tls_luasec.lua @ 13502:61da4491eebc

util.sslconfig: Support DH parameters as literal string Simplifies shipping well-known DH parameters in the config
author Kim Alvefur <zash@zash.se>
date Fri, 12 Jul 2024 15:21:08 +0200
parent 13116:58e793288d9c
line wrap: on
line diff
--- a/net/tls_luasec.lua	Thu Jul 11 15:25:57 2024 +0200
+++ b/net/tls_luasec.lua	Fri Jul 12 15:21:08 2024 +0200
@@ -54,7 +54,10 @@
 	-- LuaSec expects dhparam to be a callback that takes two arguments.
 	-- We ignore those because it is mostly used for having a separate
 	-- set of params for EXPORT ciphers, which we don't have by default.
-	if type(cfg.dhparam) == "string" then
+	if type(cfg.dhparam) == "string" and cfg.dhparam:sub(1, 10) == "-----BEGIN" then
+		local dhparam = cfg.dhparam;
+		cfg.dhparam = function() return dhparam; end
+	elseif type(cfg.dhparam) == "string" then
 		local f, err = io_open(cfg.dhparam);
 		if not f then return nil, "Could not open DH parameters: "..err end
 		local dhparam = f:read("*a");