diff options
author | Kim Alvefur <zash@zash.se> | 2024-07-12 15:21:08 +0200 |
---|---|---|
committer | Kim Alvefur <zash@zash.se> | 2024-07-12 15:21:08 +0200 |
commit | dd657746b490c203d3e503d9359fec9dca6884fd (patch) | |
tree | c5002acd7770c2c696c43873cf9d798d4ba62d50 /util | |
parent | b9cfebff245640c9074efac52cc4bdc8ee10bea8 (diff) | |
download | prosody-dd657746b490c203d3e503d9359fec9dca6884fd.tar.gz prosody-dd657746b490c203d3e503d9359fec9dca6884fd.zip |
util.sslconfig: Support DH parameters as literal string
Simplifies shipping well-known DH parameters in the config
Diffstat (limited to 'util')
-rw-r--r-- | util/sslconfig.lua | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/util/sslconfig.lua b/util/sslconfig.lua index 7b0ed34a..01a8adb5 100644 --- a/util/sslconfig.lua +++ b/util/sslconfig.lua @@ -84,8 +84,18 @@ end finalisers.certificate = finalisers.key; finalisers.cafile = finalisers.key; finalisers.capath = finalisers.key; --- XXX: copied from core/certmanager.lua, but this seems odd, because it would remove a dhparam function from the config -finalisers.dhparam = finalisers.key; + +function finalisers.dhparam(value, config) + if type(value) == "string" then + if value:sub(1, 10) == "-----BEGIN" then + -- literal value + return value; + else + -- assume a filename + return resolve_path(config._basedir, value); + end + end +end -- protocol = "x" should enable only that protocol -- protocol = "x+" should enable x and later versions |