aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2024-07-12 15:21:08 +0200
committerKim Alvefur <zash@zash.se>2024-07-12 15:21:08 +0200
commitdd657746b490c203d3e503d9359fec9dca6884fd (patch)
treec5002acd7770c2c696c43873cf9d798d4ba62d50 /net
parentb9cfebff245640c9074efac52cc4bdc8ee10bea8 (diff)
downloadprosody-dd657746b490c203d3e503d9359fec9dca6884fd.tar.gz
prosody-dd657746b490c203d3e503d9359fec9dca6884fd.zip
util.sslconfig: Support DH parameters as literal string
Simplifies shipping well-known DH parameters in the config
Diffstat (limited to 'net')
-rw-r--r--net/tls_luasec.lua5
1 files changed, 4 insertions, 1 deletions
diff --git a/net/tls_luasec.lua b/net/tls_luasec.lua
index 3af2fc6b..4e4e92ed 100644
--- a/net/tls_luasec.lua
+++ b/net/tls_luasec.lua
@@ -54,7 +54,10 @@ local function new_context(cfg, builder)
-- LuaSec expects dhparam to be a callback that takes two arguments.
-- We ignore those because it is mostly used for having a separate
-- set of params for EXPORT ciphers, which we don't have by default.
- if type(cfg.dhparam) == "string" then
+ if type(cfg.dhparam) == "string" and cfg.dhparam:sub(1, 10) == "-----BEGIN" then
+ local dhparam = cfg.dhparam;
+ cfg.dhparam = function() return dhparam; end
+ elseif type(cfg.dhparam) == "string" then
local f, err = io_open(cfg.dhparam);
if not f then return nil, "Could not open DH parameters: "..err end
local dhparam = f:read("*a");