prosody
ca52d40e74da
core/certmanager.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Diff

core/certmanager.lua @ 8404:ca52d40e74da

certmanager: Filter out curves not supported by LuaSec
author Kim Alvefur <zash@zash.se>
date Mon, 20 Nov 2017 00:26:41 +0100
parent 8403:ba39d3a1d42e
child 8405:a3cf899fd61b
line wrap: on
line diff
--- a/core/certmanager.lua	Mon Nov 20 00:25:18 2017 +0100
+++ b/core/certmanager.lua	Mon Nov 20 00:26:41 2017 +0100
@@ -27,6 +27,7 @@
 
 local tonumber, tostring = tonumber, tostring;
 local pairs = pairs;
+local t_remove = table.remove;
 local type = type;
 local io_open = io.open;
 local select = select;
@@ -131,6 +132,17 @@
 		"!aNULL",      -- Ciphers that does not authenticate the connection
 	};
 }
+
+if luasec_has.curves then
+	for i = #core_defaults.curveslist, 1, -1 do
+		if not luasec_has.curves[ core_defaults.curveslist[i] ] then
+			t_remove(core_defaults.curveslist, i);
+		end
+	end
+else
+	core_defaults.curveslist = nil;
+end
+
 local path_options = { -- These we pass through resolve_path()
 	key = true, certificate = true, cafile = true, capath = true, dhparam = true
 }