From 8bc1656f72fd0dbb35b8e4f3ca87f849e8c4401e Mon Sep 17 00:00:00 2001
From: Matthew Wild <mwild1@gmail.com>
Date: Sat, 19 May 2012 21:53:43 +0100
Subject: certmanager: Don't use no_ticket option before LuaSec 0.4

---
 core/certmanager.lua | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/core/certmanager.lua b/core/certmanager.lua
index 1b1615a1..f8f449c9 100644
--- a/core/certmanager.lua
+++ b/core/certmanager.lua
@@ -17,13 +17,16 @@ local prosody = prosody;
 local resolve_path = configmanager.resolve_relative_path;
 local config_path = prosody.paths.config;
 
+local luasec_major, luasec_minor = ssl._VERSION:match("^(%d+)%.(%d+)");
+local luasec_has_noticket = luasec_major>0 or luasec_minor>=4;
+
 module "certmanager"
 
 -- Global SSL options if not overridden per-host
 local default_ssl_config = configmanager.get("*", "core", "ssl");
 local default_capath = "/etc/ssl/certs";
 local default_verify = (ssl and ssl.x509 and { "peer", "client_once", "continue", "ignore_purpose" }) or "none";
-local default_options = { "no_sslv2", "no_ticket" };
+local default_options = { "no_sslv2", luasec_has_noticket and "no_ticket" or nil };
 
 function create_context(host, mode, user_ssl_config)
 	user_ssl_config = user_ssl_config or default_ssl_config;
-- 
cgit v1.2.3