Mercurial > prosody-hg
comparison core/certmanager.lua @ 5820:6bc4077bc1f9 0.9.1
certmanager: Fix dhparam callback, missing imports (Testing, pfft)
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Tue, 03 Sep 2013 13:40:29 +0200 |
| parents | 20e2b588f8c2 |
| children | 7974683a9bb7 1b0ac7950129 |
comparison
equal
deleted
inserted
replaced
| 5816:20e2b588f8c2 | 5820:6bc4077bc1f9 |
|---|---|
| 10 local log = require "util.logger".init("certmanager"); | 10 local log = require "util.logger".init("certmanager"); |
| 11 local ssl = ssl; | 11 local ssl = ssl; |
| 12 local ssl_newcontext = ssl and ssl.newcontext; | 12 local ssl_newcontext = ssl and ssl.newcontext; |
| 13 | 13 |
| 14 local tostring = tostring; | 14 local tostring = tostring; |
| 15 local type = type; | |
| 16 local io_open = io.open; | |
| 15 | 17 |
| 16 local prosody = prosody; | 18 local prosody = prosody; |
| 17 local resolve_path = configmanager.resolve_relative_path; | 19 local resolve_path = configmanager.resolve_relative_path; |
| 18 local config_path = prosody.paths.config; | 20 local config_path = prosody.paths.config; |
| 19 | 21 |
| 73 }; | 75 }; |
| 74 | 76 |
| 75 -- LuaSec expects dhparam to be a callback that takes two arguments. | 77 -- LuaSec expects dhparam to be a callback that takes two arguments. |
| 76 -- We ignore those because it is mostly used for having a separate | 78 -- We ignore those because it is mostly used for having a separate |
| 77 -- set of params for EXPORT ciphers, which we don't have by default. | 79 -- set of params for EXPORT ciphers, which we don't have by default. |
| 78 if type(user_ssl_config.dhparam) == "string" then | 80 if type(ssl_config.dhparam) == "string" then |
| 79 local f, err = io_open(resolve_path(user_ssl_config.dhparam)); | 81 local f, err = io_open(resolve_path(config_path, ssl_config.dhparam)); |
| 80 if not f then return nil, "Could not open DH parameters: "..err end | 82 if not f then return nil, "Could not open DH parameters: "..err end |
| 81 local dhparam = f:read("*a"); | 83 local dhparam = f:read("*a"); |
| 82 f:close(); | 84 f:close(); |
| 83 user_ssl_config.dhparam = function() return dhparam; end | 85 ssl_config.dhparam = function() return dhparam; end |
| 84 end | 86 end |
| 85 | 87 |
| 86 local ctx, err = ssl_newcontext(ssl_config); | 88 local ctx, err = ssl_newcontext(ssl_config); |
| 87 | 89 |
| 88 -- COMPAT: LuaSec 0.4.1 ignores the cipher list from the config, so we have to take | 90 -- COMPAT: LuaSec 0.4.1 ignores the cipher list from the config, so we have to take |
