diff core/certmanager.lua @ 13703:99d2100d2918 13.0

core.certmanager: Move LuaSec verification tweaks to mod_s2s These two settings are only really needed for XMPP server-to-server connections.
author Kim Alvefur <zash@zash.se>
date Sat, 15 Feb 2025 00:19:01 +0100
parents 8b68e8faab52
children 49bbdc22846d
line wrap: on
line diff
--- a/core/certmanager.lua	Sat Feb 15 10:31:37 2025 +0000
+++ b/core/certmanager.lua	Sat Feb 15 00:19:01 2025 +0100
@@ -189,10 +189,6 @@
 		single_ecdh_use = tls.features.options.single_ecdh_use;
 		no_renegotiation = tls.features.options.no_renegotiation;
 	};
-	verifyext = {
-		"lsec_continue", -- Continue past certificate verification errors
-		"lsec_ignore_purpose", -- Validate client certificates as if they were server certificates
-	};
 	curve = tls.features.algorithms.ec and not tls.features.capabilities.curves_list and "secp384r1";
 	curveslist = {
 		"X25519",