Software /
code /
prosody
File
util/bitcompat.lua @ 11749:83d6d6a70edf
net.http: fail open if surrounding code does not configure TLS
Previously, if surrounding code was not configuring the TLS context
used default in net.http, it would not validate certificates at all.
This is not a security issue with prosody, because prosody updates the
context with `verify = "peer"` as well as paths to CA certificates in
util.startup.init_http_client.
Nevertheless... Let's not leave this pitfall out there in the open.
author | Jonas Schäfer <jonas@wielicki.name> |
---|---|
date | Sun, 29 Aug 2021 15:04:47 +0200 |
parent | 10241:48f7cda4174d |
child | 12573:0f4feaf9ca64 |
line wrap: on
line source
-- Compatibility layer for bitwise operations -- First try the bit32 lib -- Lua 5.3 has it with compat enabled -- Lua 5.2 has it by default if _G.bit32 then return _G.bit32; else -- Lua 5.1 may have it as a standalone module that can be installed local ok, bitop = pcall(require, "bit32") if ok then return bitop; end end do -- Lua 5.3 and 5.4 would be able to use native infix operators local ok, bitop = pcall(require, "util.bit53") if ok then return bitop; end end do -- Lastly, try the LuaJIT bitop library local ok, bitop = pcall(require, "bit") if ok then return bitop; end end error "No bit module found. See https://prosody.im/doc/depends#bitop";