aboutsummaryrefslogtreecommitdiffstats
path: root/core/certmanager.lua
Commit message (Collapse)AuthorAgeFilesLines
* Merge 0.9->trunkMatthew Wild2013-07-131-0/+1
|\
| * certmanager: Set our own default cipher string, which includes only ciphers ↵Matthew Wild2013-07-131-0/+1
| | | | | | | | regarded as 'HIGH' strength (by OpenSSL). In particular this disables RC4.
* | certmanager: Overhaul of how ssl configs are built.Kim Alvefur2013-06-131-38/+45
| |
* | Merge 0.9->trunkMatthew Wild2013-06-131-0/+5
|\|
| * certmanager: Add single_dh_use and single_ecdh_use to default optionsMatthew Wild2013-06-131-0/+5
| |
* | Merge 0.9->trunkMatthew Wild2013-06-131-1/+1
|\|
| * certmanager: Set ssl.curve to 'secp384r1' by default, to enable ECC ciphersMatthew Wild2013-06-131-1/+1
| |
* | Merge 0.9->trunkMatthew Wild2013-06-111-0/+2
|\|
| * certmanager: Use 'curve' and 'dhparam' options from ssl config if presentMatthew Wild2013-06-111-0/+2
| |
* | certmanager: Complain if key or certificate is missing from SSL config.Kim Alvefur2013-06-071-0/+2
|/
* certmanager: Disable SSL compression if possible (LuaSec 0.5 or ↵Matthew Wild2013-05-221-1/+5
| | | | 0.4.1+OpenSSL 1.x)
* core.*: Complete removal of all traces of the "core" section and ↵Kim Alvefur2013-03-231-2/+2
| | | | section-related code.
* certmanager: Fix nil index if no LuaSec availableKim Alvefur2013-01-071-1/+1
|
* core.certmanager: Add support for LuaSec 0.5. Also compat with MattJs luasec-hgKim Alvefur2012-12-281-2/+12
|
* certmanager: Remove unused import of setmetatableMatthew Wild2012-07-231-1/+1
|
* certmanager: Fix for traceback WITH LuaSec... (!) (thanks IRON)Matthew Wild2012-07-231-2/+5
|
* certmanager: Fix traceback for missing LuaSec (thanks Link Mauve)Matthew Wild2012-07-231-2/+2
|
* certmanager: Add quotes around cert file path when logging.Waqas Hussain2012-06-121-1/+1
|
* certmanager: tonumber() (fix for 0b8134015635)Matthew Wild2012-05-191-1/+1
|
* certmanager: Don't use no_ticket option before LuaSec 0.4Matthew Wild2012-05-191-1/+4
|
* certmanager: no_ticket is not a verification option (thanks Zash)Matthew Wild2012-05-181-2/+2
|
* certmanager: Add no_ticket option for OpenSSL (we don't support resumption yet)Matthew Wild2012-05-181-1/+1
|
* certmanager: Adjust error messages to be non-specific about 'host' (so we ↵Matthew Wild2012-05-111-2/+2
| | | | can specify a service name instead ffor SSL)
* core.certmanager: Log a message when a password is required but not ↵Kim Alvefur2012-04-211-1/+1
| | | | supplied. fixes #214
* certmanager: More informative logging.Waqas Hussain2011-11-011-2/+2
|
* certmanager: Support setting ciphers in SSL config. LuaSec apparently ↵Waqas Hussain2011-08-251-1/+9
| | | | ignores the documented ciphers option.
* certmanager: Add required verify flags for cert verification if LuaSec ↵Matthew Wild2010-11-281-2/+4
| | | | (probably) supports them
* prosody, configmanager, certmanager: Relocate ↵Matthew Wild2010-11-101-1/+1
| | | | prosody.resolve_relative_path() to configmanager, and update certmanager (the only user of this function)
* certmanager, hostmanager, mod_tls: Move responsibility for creating per-host ↵Matthew Wild2010-11-061-2/+2
| | | | SSL contexts to mod_tls, meaning reloading certs is now as trivial as reloading mod_tls
* Monster whitespace commit (beware the whitespace monster).Waqas Hussain2010-10-161-2/+2
|
* prosody.resolve_relative_path: Updated to take a parent path to resolve against.Waqas Hussain2010-07-231-4/+5
|
* Merge 0.7->trunkMatthew Wild2010-07-231-2/+2
|\
| * certmanager: Don't disable LuaSec and future cert loading on failure, and ↵Matthew Wild2010-07-231-2/+3
| | | | | | | | add error messages to the no LuaSec/config cases (thanks Jakob)
* | Merge with backoutMatthew Wild2010-07-151-1/+1
|\ \
| * | Backed out changeset 598c33a99a31 (already fixed a better way)Matthew Wild2010-07-151-1/+1
| | |
* | | certmanager: Fix to handle the case of no SSL configuration at allMatthew Wild2010-07-141-2/+2
| | |
* | | certmanager: Added copyright header.Waqas Hussain2010-07-151-0/+8
| | |
* | | certmanager: Defined default_capath to prevent a global nil access.Waqas Hussain2010-07-151-0/+1
|/ /
* | certmanager: Use an empty table as the default ssl config when a global ↵Waqas Hussain2010-07-151-1/+1
| | | | | | | | 'ssl' config option isn't specified (fixes a top-level traceback on startup).
* | certmanager: Remove debug logging accidentally committedMatthew Wild2010-07-131-2/+0
| |
* | certmanager: Adjust paths of SSL key/certs to be relative to the config ↵Matthew Wild2010-07-131-38/+48
|/ | | | file, fixes #147
* certmanager: Friendlier error reporting on OpenWRT and other cases where we ↵Matthew Wild2010-03-051-1/+3
| | | | don't understand the OpenSSL error
* certmanager: Fix nil global access (thanks Marc)Matthew Wild2010-03-051-1/+1
|
* certmanager: Fix global accessMatthew Wild2010-03-011-1/+1
|
* Merge with 0.7Matthew Wild2010-02-131-1/+28
|\
| * certmanager: Bring back the friendly errors when failing to load the ↵Matthew Wild2010-02-131-1/+28
| | | | | | | | key/certificate file
* | certmanager, hostmanager: Rename get_context() to create_context() to be ↵Matthew Wild2010-02-131-1/+1
|/ | | | more explicit about what it does
* certmanager: Fix traceback with no LuaSecMatthew Wild2010-02-051-1/+1
|
* certmanager: Tabs not spaces!Matthew Wild2010-02-051-3/+3
|
* certmanager: Hello world, I'm come to manage your SSL contextsMatthew Wild2010-01-311-0/+35