diff options
author | Kim Alvefur <zash@zash.se> | 2014-04-21 02:43:38 +0200 |
---|---|---|
committer | Kim Alvefur <zash@zash.se> | 2014-04-21 02:43:38 +0200 |
commit | 8750213c6c10a57b43d0951bf9fb6d2272d048c1 (patch) | |
tree | b383147eebb56b96cc27488ef4247a6444dd9088 | |
parent | 78485768ee3faccea47511db836410f7fa34c03e (diff) | |
parent | 3674d9327763a1c9a69d86d72680de1651fa6511 (diff) | |
download | prosody-8750213c6c10a57b43d0951bf9fb6d2272d048c1.tar.gz prosody-8750213c6c10a57b43d0951bf9fb6d2272d048c1.zip |
Merge 0.10->trunk
-rw-r--r-- | core/certmanager.lua | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/core/certmanager.lua b/core/certmanager.lua index ced17e58..74da771e 100644 --- a/core/certmanager.lua +++ b/core/certmanager.lua @@ -16,6 +16,7 @@ local pairs = pairs; local type = type; local io_open = io.open; local t_concat = table.concat; +local t_insert = table.insert; local prosody = prosody; local resolve_path = configmanager.resolve_relative_path; @@ -100,14 +101,6 @@ function create_context(host, mode, user_ssl_config) end end - local min_protocol = protocols[user_ssl_config.protocol]; - if min_protocol then - user_ssl_config.protocol = "sslv23"; - for i = min_protocol, 1, -1 do - user_ssl_config.options["no_"..protocols[i]] = true; - end - end - for option in pairs(set_options) do local merged = {}; merge_set(core_defaults[option], merged); @@ -124,6 +117,14 @@ function create_context(host, mode, user_ssl_config) user_ssl_config[option] = final_array; end + local min_protocol = protocols[user_ssl_config.protocol]; + if min_protocol then + user_ssl_config.protocol = "sslv23"; + for i = 1, min_protocol do + t_insert(user_ssl_config.options, "no_"..protocols[i]); + end + end + -- We can't read the password interactively when daemonized user_ssl_config.password = user_ssl_config.password or function() log("error", "Encrypted certificate for %s requires 'ssl' 'password' to be set in config", host); end; |