Mercurial Mercurial > prosody > prosody / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
core/certmanager.lua
changeset 5816 20e2b588f8c2
parent 5815 b93d096607b4
child 5819 441876452b9c
child 5820 6bc4077bc1f9 
--- a/core/certmanager.lua	Tue Sep 03 12:11:11 2013 +0100
+++ b/core/certmanager.lua	Tue Sep 03 13:13:31 2013 +0200
@@ -72,6 +72,17 @@
 		dhparam = user_ssl_config.dhparam;
 	};
 
+	-- LuaSec expects dhparam to be a callback that takes two arguments.
+	-- We ignore those because it is mostly used for having a separate
+	-- set of params for EXPORT ciphers, which we don't have by default.
+	if type(user_ssl_config.dhparam) == "string" then
+		local f, err = io_open(resolve_path(user_ssl_config.dhparam));
+		if not f then return nil, "Could not open DH parameters: "..err end
+		local dhparam = f:read("*a");
+		f:close();
+		user_ssl_config.dhparam = function() return dhparam; end
+	end
+
 	local ctx, err = ssl_newcontext(ssl_config);
 
 	-- COMPAT: LuaSec 0.4.1 ignores the cipher list from the config, so we have to take
prosody