Software / code / prosody
Changeset
8279:92cddfe65003
core.certmanager: Set a default curveslist [sic], fixes #879, #943, #951 if used along with luasec 0.7 and openssl 1.1
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Wed, 27 Sep 2017 15:45:07 +0200 |
| parents | 8278:a349299038ff |
| children | 8280:9ca0e3128b62 |
| files | core/certmanager.lua |
| diffstat | 1 files changed, 6 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/core/certmanager.lua Wed Sep 27 15:38:46 2017 +0200 +++ b/core/certmanager.lua Wed Sep 27 15:45:07 2017 +0200 @@ -107,6 +107,12 @@ }; verifyext = { "lsec_continue", "lsec_ignore_purpose" }; curve = "secp384r1"; + curveslist = { + "X25519", + "P-384", + "P-256", + "P-521", + }; ciphers = { -- Enabled ciphers in order of preference: "HIGH+kEDH", -- Ephemeral Diffie-Hellman key exchange, if a 'dhparam' file is set "HIGH+kEECDH", -- Ephemeral Elliptic curve Diffie-Hellman key exchange
