diff options
author | Kim Alvefur <zash@zash.se> | 2024-07-12 15:21:08 +0200 |
---|---|---|
committer | Kim Alvefur <zash@zash.se> | 2024-07-12 15:21:08 +0200 |
commit | dd657746b490c203d3e503d9359fec9dca6884fd (patch) | |
tree | c5002acd7770c2c696c43873cf9d798d4ba62d50 /net | |
parent | b9cfebff245640c9074efac52cc4bdc8ee10bea8 (diff) | |
download | prosody-dd657746b490c203d3e503d9359fec9dca6884fd.tar.gz prosody-dd657746b490c203d3e503d9359fec9dca6884fd.zip |
util.sslconfig: Support DH parameters as literal string
Simplifies shipping well-known DH parameters in the config
Diffstat (limited to 'net')
-rw-r--r-- | net/tls_luasec.lua | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/net/tls_luasec.lua b/net/tls_luasec.lua index 3af2fc6b..4e4e92ed 100644 --- a/net/tls_luasec.lua +++ b/net/tls_luasec.lua @@ -54,7 +54,10 @@ local function new_context(cfg, builder) -- LuaSec expects dhparam to be a callback that takes two arguments. -- We ignore those because it is mostly used for having a separate -- set of params for EXPORT ciphers, which we don't have by default. - if type(cfg.dhparam) == "string" then + if type(cfg.dhparam) == "string" and cfg.dhparam:sub(1, 10) == "-----BEGIN" then + local dhparam = cfg.dhparam; + cfg.dhparam = function() return dhparam; end + elseif type(cfg.dhparam) == "string" then local f, err = io_open(cfg.dhparam); if not f then return nil, "Could not open DH parameters: "..err end local dhparam = f:read("*a"); |