diff options
author | Kim Alvefur <zash@zash.se> | 2014-04-21 02:43:38 +0200 |
---|---|---|
committer | Kim Alvefur <zash@zash.se> | 2014-04-21 02:43:38 +0200 |
commit | b5a7d2f77bbf1990fc9da09469d93c179fc2f2e4 (patch) | |
tree | b383147eebb56b96cc27488ef4247a6444dd9088 | |
parent | 5c9b1e7c12e66e518237b17f26629b7da6198a4c (diff) | |
parent | 2b09f7cffb7c04ec127d75b2776d8938f8ac2441 (diff) | |
download | prosody-b5a7d2f77bbf1990fc9da09469d93c179fc2f2e4.tar.gz prosody-b5a7d2f77bbf1990fc9da09469d93c179fc2f2e4.zip |
Merge 0.10->trunk
-rw-r--r-- | core/certmanager.lua | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/core/certmanager.lua b/core/certmanager.lua index ced17e58..74da771e 100644 --- a/core/certmanager.lua +++ b/core/certmanager.lua @@ -16,6 +16,7 @@ local pairs = pairs; local type = type; local io_open = io.open; local t_concat = table.concat; +local t_insert = table.insert; local prosody = prosody; local resolve_path = configmanager.resolve_relative_path; @@ -100,14 +101,6 @@ function create_context(host, mode, user_ssl_config) end end - local min_protocol = protocols[user_ssl_config.protocol]; - if min_protocol then - user_ssl_config.protocol = "sslv23"; - for i = min_protocol, 1, -1 do - user_ssl_config.options["no_"..protocols[i]] = true; - end - end - for option in pairs(set_options) do local merged = {}; merge_set(core_defaults[option], merged); @@ -124,6 +117,14 @@ function create_context(host, mode, user_ssl_config) user_ssl_config[option] = final_array; end + local min_protocol = protocols[user_ssl_config.protocol]; + if min_protocol then + user_ssl_config.protocol = "sslv23"; + for i = 1, min_protocol do + t_insert(user_ssl_config.options, "no_"..protocols[i]); + end + end + -- We can't read the password interactively when daemonized user_ssl_config.password = user_ssl_config.password or function() log("error", "Encrypted certificate for %s requires 'ssl' 'password' to be set in config", host); end; |