aboutsummaryrefslogtreecommitdiffstats
path: root/util
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2024-07-12 15:21:08 +0200
committerKim Alvefur <zash@zash.se>2024-07-12 15:21:08 +0200
commitdd657746b490c203d3e503d9359fec9dca6884fd (patch)
treec5002acd7770c2c696c43873cf9d798d4ba62d50 /util
parentb9cfebff245640c9074efac52cc4bdc8ee10bea8 (diff)
downloadprosody-dd657746b490c203d3e503d9359fec9dca6884fd.tar.gz
prosody-dd657746b490c203d3e503d9359fec9dca6884fd.zip
util.sslconfig: Support DH parameters as literal string
Simplifies shipping well-known DH parameters in the config
Diffstat (limited to 'util')
-rw-r--r--util/sslconfig.lua14
1 files changed, 12 insertions, 2 deletions
diff --git a/util/sslconfig.lua b/util/sslconfig.lua
index 7b0ed34a..01a8adb5 100644
--- a/util/sslconfig.lua
+++ b/util/sslconfig.lua
@@ -84,8 +84,18 @@ end
finalisers.certificate = finalisers.key;
finalisers.cafile = finalisers.key;
finalisers.capath = finalisers.key;
--- XXX: copied from core/certmanager.lua, but this seems odd, because it would remove a dhparam function from the config
-finalisers.dhparam = finalisers.key;
+
+function finalisers.dhparam(value, config)
+ if type(value) == "string" then
+ if value:sub(1, 10) == "-----BEGIN" then
+ -- literal value
+ return value;
+ else
+ -- assume a filename
+ return resolve_path(config._basedir, value);
+ end
+ end
+end
-- protocol = "x" should enable only that protocol
-- protocol = "x+" should enable x and later versions