mirror of
https://github.com/bjc/prosody.git
synced 2025-04-04 05:37:39 +03:00
core.certmanager: Disable DANE name checks (not needed for XMPP)
Pending https://github.com/brunoos/luasec/pull/179 Should not be done globally, but rather only for s2sout, but that would have to be in mod_tls then.
This commit is contained in:
Kim Alvefur
parent
91172308d6
commit
3b2c39901a
1 changed files with 1 additions and 1 deletions
|
|
@ -251,7 +251,7 @@ local core_defaults = {
|
|||
"!3DES", -- 3DES - slow and of questionable security
|
||||
"!aNULL", -- Ciphers that does not authenticate the connection
|
||||
};
|
||||
dane = configmanager.get("*", "use_dane");
|
||||
dane = luasec_has.capabilities.dane and configmanager.get("*", "use_dane") and { "no_ee_namechecks" };
|
||||
}
|
||||
|
||||
local mozilla_ssl_configs = {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue