diff options
author | Kim Alvefur <zash@zash.se> | 2015-02-05 15:14:35 +0100 |
---|---|---|
committer | Kim Alvefur <zash@zash.se> | 2015-02-05 15:14:35 +0100 |
commit | fb96020a96a45c0980b980cce62f1cabcff53b00 (patch) | |
tree | 423e54c47fb114b12f697ed5ac93f027c48e5ac8 /core | |
parent | 7565573fec1be97e8d23f29092992773fd6be05a (diff) | |
download | prosody-fb96020a96a45c0980b980cce62f1cabcff53b00.tar.gz prosody-fb96020a96a45c0980b980cce62f1cabcff53b00.zip |
certmanager: Add locals for ssl.context and ssl.x509
Diffstat (limited to 'core')
-rw-r--r-- | core/certmanager.lua | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/core/certmanager.lua b/core/certmanager.lua index a9b4018f..8bdb6b82 100644 --- a/core/certmanager.lua +++ b/core/certmanager.lua @@ -19,6 +19,8 @@ end local configmanager = require "core.configmanager"; local log = require "util.logger".init("certmanager"); +local ssl_context = ssl.context or softreq"ssl.context"; +local ssl_x509 = ssl.x509 or softreq"ssl.x509"; local ssl_newcontext = ssl.newcontext; local new_config = require"util.sslconfig".new; @@ -47,7 +49,7 @@ local global_ssl_config = configmanager.get("*", "ssl"); local core_defaults = { capath = "/etc/ssl/certs"; protocol = "tlsv1+"; - verify = (ssl.x509 and { "peer", "client_once", }) or "none"; + verify = (ssl_x509 and { "peer", "client_once", }) or "none"; options = { cipher_server_preference = true; no_ticket = luasec_has_noticket; @@ -64,7 +66,7 @@ local path_options = { -- These we pass through resolve_path() key = true, certificate = true, cafile = true, capath = true, dhparam = true } -if not luasec_has_verifyext and ssl.x509 then +if not luasec_has_verifyext and ssl_x509 then -- COMPAT mw/luasec-hg for i=1,#core_defaults.verifyext do -- Remove lsec_ prefix core_defaults.verify[#core_defaults.verify+1] = core_defaults.verifyext[i]:sub(6); @@ -114,7 +116,7 @@ function create_context(host, mode, ...) -- of it ourselves (W/A for #x) if ctx and user_ssl_config.ciphers then local success; - success, err = ssl.context.setcipher(ctx, user_ssl_config.ciphers); + success, err = ssl_context.setcipher(ctx, user_ssl_config.ciphers); if not success then ctx = nil; end end |