Diff

core/certmanager.lua @ 6089:d774cb85664b

certmanager: Move ssl.protocol handling to after ssl.options is a table (thanks Ralph)
author Kim Alvefur <zash@zash.se>
date Mon, 21 Apr 2014 02:43:09 +0200
parent 6087:821756a862b0
child 6165:6a184b16b717
line wrap: on
line diff
--- a/core/certmanager.lua	Sun Apr 20 21:25:26 2014 +0200
+++ b/core/certmanager.lua	Mon Apr 21 02:43:09 2014 +0200
@@ -16,6 +16,7 @@
 local type = type;
 local io_open = io.open;
 local t_concat = table.concat;
+local t_insert = table.insert;
 
 local prosody = prosody;
 local resolve_path = configmanager.resolve_relative_path;
@@ -100,14 +101,6 @@
 		end
 	end
 
-	local min_protocol = protocols[user_ssl_config.protocol];
-	if min_protocol then
-		user_ssl_config.protocol = "sslv23";
-		for i = min_protocol, 1, -1 do
-			user_ssl_config.options["no_"..protocols[i]] = true;
-		end
-	end
-
 	for option in pairs(set_options) do
 		local merged = {};
 		merge_set(core_defaults[option], merged);
@@ -124,6 +117,14 @@
 		user_ssl_config[option] = final_array;
 	end
 
+	local min_protocol = protocols[user_ssl_config.protocol];
+	if min_protocol then
+		user_ssl_config.protocol = "sslv23";
+		for i = 1, min_protocol do
+			t_insert(user_ssl_config.options, "no_"..protocols[i]);
+		end
+	end
+
 	-- We can't read the password interactively when daemonized
 	user_ssl_config.password = user_ssl_config.password or
 		function() log("error", "Encrypted certificate for %s requires 'ssl' 'password' to be set in config", host); end;