mirrors/prosody
1
0
Fork 0
mirror of https://github.com/bjc/prosody.git synced 2025-04-04 21:57:45 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

certmanager: Filter out curves not supported by LuaSec

Browse source
This commit is contained in:
Kim Alvefur 2017-11-20 00:26:41 +01:00
parent 0315d775b2
commit b9005e7b8a
1 changed files with 12 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

12
core/certmanager.lua
View file

@ -27,6 +27,7 @@ local stat = require "lfs".attributes;
local tonumber, tostring = tonumber, tostring; local tonumber, tostring = tonumber, tostring;
local pairs = pairs; local pairs = pairs;
local t_remove = table.remove;
local type = type; local type = type;
local io_open = io.open; local io_open = io.open;
local select = select; local select = select;
@ -131,6 +132,17 @@ local core_defaults = {
"!aNULL", -- Ciphers that does not authenticate the connection "!aNULL", -- Ciphers that does not authenticate the connection
}; };
} }
if luasec_has.curves then
for i = #core_defaults.curveslist, 1, -1 do
if not luasec_has.curves[ core_defaults.curveslist[i] ] then
t_remove(core_defaults.curveslist, i);
end
end
else
core_defaults.curveslist = nil;
end
local path_options = { -- These we pass through resolve_path() local path_options = { -- These we pass through resolve_path()
key = true, certificate = true, cafile = true, capath = true, dhparam = true key = true, certificate = true, cafile = true, capath = true, dhparam = true
} }