From 296e43024490607f164fd43a00ce0f9715f2ef73 Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Wed, 27 Sep 2017 15:21:20 +0200
Subject: prosodyctl: cert import: Reuse function from certmanager for locating
 certificates and keys

---
 core/certmanager.lua | 1 +
 1 file changed, 1 insertion(+)

(limited to 'core/certmanager.lua')

diff --git a/core/certmanager.lua b/core/certmanager.lua
index 288836ce..73b346c3 100644
--- a/core/certmanager.lua
+++ b/core/certmanager.lua
@@ -231,4 +231,5 @@ prosody.events.add_handler("config-reloaded", reload_ssl_config);
 return {
 	create_context = create_context;
 	reload_ssl_config = reload_ssl_config;
+	find_cert = find_cert;
 };
-- 
cgit v1.2.3


From e1a94acbb9d847c10417838ac435e4e81a43ed5d Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Wed, 27 Sep 2017 15:45:07 +0200
Subject: core.certmanager: Set a default curveslist [sic], fixes #879, #943,
 #951 if used along with luasec 0.7 and openssl 1.1

---
 core/certmanager.lua | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'core/certmanager.lua')

diff --git a/core/certmanager.lua b/core/certmanager.lua
index 73b346c3..2be66a21 100644
--- a/core/certmanager.lua
+++ b/core/certmanager.lua
@@ -107,6 +107,12 @@ local core_defaults = {
 	};
 	verifyext = { "lsec_continue", "lsec_ignore_purpose" };
 	curve = "secp384r1";
+	curveslist = {
+		"X25519",
+		"P-384",
+		"P-256",
+		"P-521",
+	};
 	ciphers = {      -- Enabled ciphers in order of preference:
 		"HIGH+kEDH",   -- Ephemeral Diffie-Hellman key exchange, if a 'dhparam' file is set
 		"HIGH+kEECDH", -- Ephemeral Elliptic curve Diffie-Hellman key exchange
-- 
cgit v1.2.3