diff options
| author | Kim Alvefur <zash@zash.se> | 2025-02-15 00:19:01 +0100 |
|---|---|---|
| committer | Kim Alvefur <zash@zash.se> | 2025-02-15 00:19:01 +0100 |
| commit | 346f58c9d9fe2e876a140cce1763c585a6f1bdb0 (patch) | |
| tree | 65a284c65f431dec1e278f2650895d294e39590a /core/certmanager.lua | |
| parent | f5f2755b632aef7d2646ee7db9e1b63c1cb9a099 (diff) | |
| download | prosody-346f58c9d9fe2e876a140cce1763c585a6f1bdb0.tar.gz prosody-346f58c9d9fe2e876a140cce1763c585a6f1bdb0.zip | |
core.certmanager: Move LuaSec verification tweaks to mod_s2s
These two settings are only really needed for XMPP server-to-server
connections.
Diffstat (limited to 'core/certmanager.lua')
| -rw-r--r-- | core/certmanager.lua | 4 |
1 files changed, 0 insertions, 4 deletions
diff --git a/core/certmanager.lua b/core/certmanager.lua index 9e0ace6a..1c9cefed 100644 --- a/core/certmanager.lua +++ b/core/certmanager.lua @@ -189,10 +189,6 @@ local core_defaults = { single_ecdh_use = tls.features.options.single_ecdh_use; no_renegotiation = tls.features.options.no_renegotiation; }; - verifyext = { - "lsec_continue", -- Continue past certificate verification errors - "lsec_ignore_purpose", -- Validate client certificates as if they were server certificates - }; curve = tls.features.algorithms.ec and not tls.features.capabilities.curves_list and "secp384r1"; curveslist = { "X25519", |