mirrors/prosody
1
0
Fork 0
mirror of https://github.com/bjc/prosody.git synced 2025-04-06 14:47:37 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions
12535 commits 12 branches 101 tags 40 MiB
Commit graph

152 commits

Author SHA1 Message Date
Florian Zeitz
1d833bb807 Remove all trailing whitespace 2013-08-09 17:48:21 +02:00
Matthew Wild
7a8fd288b5 Merge 0.9->trunk 2013-07-13 13:17:53 +01:00
Matthew Wild
2840e0726a certmanager: Set our own default cipher string, which includes only ciphers regarded as 'HIGH' strength (by OpenSSL). In particular this disables RC4. 2013-07-13 13:15:24 +01:00
Kim Alvefur
2bf1a784c7 certmanager: Overhaul of how ssl configs are built. 2013-06-13 17:44:42 +02:00
Matthew Wild
4191089ebd Merge 0.9->trunk 2013-06-13 00:46:29 +01:00
Matthew Wild
0aef21fc95 certmanager: Add single_dh_use and single_ecdh_use to default options 2013-06-13 00:45:41 +01:00
Matthew Wild
616c7ef550 Merge 0.9->trunk 2013-06-13 00:09:56 +01:00
Matthew Wild
1290bf766c certmanager: Set ssl.curve to 'secp384r1' by default, to enable ECC ciphers 2013-06-13 00:04:04 +01:00
Matthew Wild
6008554b60 Merge 0.9->trunk 2013-06-11 21:50:41 +01:00
Matthew Wild
040187b661 certmanager: Use 'curve' and 'dhparam' options from ssl config if present 2013-06-11 21:44:53 +01:00
Kim Alvefur
0a3f580122 certmanager: Complain if key or certificate is missing from SSL config. 2013-06-07 20:55:02 +02:00
Matthew Wild
840cf714cf certmanager: Disable SSL compression if possible (LuaSec 0.5 or 0.4.1+OpenSSL 1.x) 2013-05-22 14:32:02 +01:00
Kim Alvefur
1acfdf5914 core.*: Complete removal of all traces of the "core" section and section-related code. 2013-03-23 02:33:15 +01:00
Kim Alvefur
ce6f0ac685 certmanager: Fix nil index if no LuaSec available 2013-01-07 02:17:07 +01:00
Kim Alvefur
4f4bc7973a core.certmanager: Add support for LuaSec 0.5. Also compat with MattJs luasec-hg 2012-12-28 15:00:43 +01:00
Kim Alvefur
9f65ce7189 core.certmanager: Do not ask for client certificates by default 
Since it's mostly only mod_s2s that needs to request client
certificates it makes some sense to have mod_s2s ask for this, instead
of having eg mod_http ask to disable it.
 2019-03-10 19:58:28 +01:00
Matthew Wild
badc4159d6 certmanager: Remove unused import of setmetatable 2012-07-23 16:42:26 +01:00
Matthew Wild
d1da857c33 certmanager: Fix for traceback WITH LuaSec... (!) (thanks IRON) 2012-07-23 16:39:49 +01:00
Matthew Wild
9d5b5e9a91 certmanager: Fix traceback for missing LuaSec (thanks Link Mauve) 2012-07-23 14:17:42 +01:00
Waqas Hussain
93f062ef64 certmanager: Add quotes around cert file path when logging. 2012-06-12 17:02:35 +05:00
Matthew Wild
dd4ba4d3ea certmanager: tonumber() (fix for 0b8134015635) 2012-05-19 21:57:40 +01:00
Matthew Wild
8bc1656f72 certmanager: Don't use no_ticket option before LuaSec 0.4 2012-05-19 21:53:43 +01:00
Matthew Wild
3faa06e9d4 certmanager: no_ticket is not a verification option (thanks Zash) 2012-05-18 01:50:51 +01:00
Matthew Wild
832a84b92b certmanager: Add no_ticket option for OpenSSL (we don't support resumption yet) 2012-05-18 00:31:23 +01:00
Matthew Wild
dac159e422 certmanager: Adjust error messages to be non-specific about 'host' (so we can specify a service name instead ffor SSL) 2012-05-11 20:24:15 +01:00
Kim Alvefur
e0762790fd core.certmanager: Log a message when a password is required but not supplied. fixes #214 2012-04-21 23:11:59 +02:00
Waqas Hussain
163e9d4bef certmanager: More informative logging. 2011-11-01 23:57:42 +05:00
Waqas Hussain
c405d599c5 certmanager: Support setting ciphers in SSL config. LuaSec apparently ignores the documented ciphers option. 2011-08-25 12:09:16 +05:00
Matthew Wild
1a9eab004c certmanager: Add required verify flags for cert verification if LuaSec (probably) supports them 2010-11-28 21:09:55 +00:00
Matthew Wild
385fd64606 prosody, configmanager, certmanager: Relocate prosody.resolve_relative_path() to configmanager, and update certmanager (the only user of this function) 2010-11-10 19:46:53 +00:00
Matthew Wild
c6045f3c70 certmanager, hostmanager, mod_tls: Move responsibility for creating per-host SSL contexts to mod_tls, meaning reloading certs is now as trivial as reloading mod_tls 2010-11-06 18:28:15 +00:00
Waqas Hussain
b7e51a203d Monster whitespace commit (beware the whitespace monster). 2010-10-16 23:00:42 +05:00
Waqas Hussain
1cbe0cea9b prosody.resolve_relative_path: Updated to take a parent path to resolve against. 2010-07-23 23:14:50 +05:00
Matthew Wild
5623158b44 Merge 0.7->trunk 2010-07-23 09:22:27 +01:00
Matthew Wild
bb6d7b0d22 certmanager: Don't disable LuaSec and future cert loading on failure, and add error messages to the no LuaSec/config cases (thanks Jakob) 2010-07-23 09:17:11 +01:00
Matthew Wild
948f1a6aed Merge with backout 2010-07-15 08:27:56 +01:00
Matthew Wild
1ec1d76bf9 Backed out changeset 598c33a99a31 (already fixed a better way) 2010-07-15 08:25:50 +01:00
Waqas Hussain
cf0bd27f7c certmanager: Use an empty table as the default ssl config when a global 'ssl' config option isn't specified (fixes a top-level traceback on startup). 2010-07-15 11:25:41 +05:00
Matthew Wild
b3416f9848 certmanager: Fix to handle the case of no SSL configuration at all 2010-07-14 16:24:15 +01:00
Waqas Hussain
128f9755b7 certmanager: Added copyright header. 2010-07-15 11:28:31 +05:00
Waqas Hussain
bbbad88859 certmanager: Defined default_capath to prevent a global nil access. 2010-07-15 11:28:14 +05:00
Matthew Wild
e5aa3b5432 certmanager: Remove debug logging accidentally committed 2010-07-13 15:28:52 +01:00
Matthew Wild
2ffddaad84 certmanager: Adjust paths of SSL key/certs to be relative to the config file, fixes #147 2010-07-13 13:56:14 +01:00
Matthew Wild
1967ba02a5 certmanager: Friendlier error reporting on OpenWRT and other cases where we don't understand the OpenSSL error 2010-03-05 15:00:11 +00:00
Matthew Wild
0851470da3 certmanager: Fix nil global access (thanks Marc) 2010-03-05 14:49:56 +00:00
Matthew Wild
c91f1d7494 certmanager: Fix global access 2010-03-01 18:52:47 +00:00
Matthew Wild
bb996f5317 Merge with 0.7 2010-02-13 16:12:53 +00:00
Matthew Wild
f6063e31eb certmanager: Bring back the friendly errors when failing to load the key/certificate file 2010-02-13 16:12:21 +00:00
Matthew Wild
cec65108c9 certmanager, hostmanager: Rename get_context() to create_context() to be more explicit about what it does 2010-02-13 16:08:43 +00:00
Matthew Wild
efae77c493 certmanager: Fix traceback with no LuaSec 2010-02-05 14:31:25 +00:00