net/server.lua @ 1612:0413aaf9edae
net.server: Much improve SSL/TLS error reporting, do our best to understand and hide OpenSSL's ridiculously unfriendly error messages
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Tue, 28 Jul 2009 14:48:37 +0100 |
parent | 1581:4cdf9cefa0bc |
child | 1683:a73b0557d87a |
child | 1785:17c0fb598c97 |
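--- a/net/server.lua
+++ b/net/server.lua
@@ -179,24 +179,45 @@
 end
 if type( sslctx ) ~= "table" then
 out_error "server.lua: wrong server sslctx"
 ssl = false
 end
-sslctx, err = ssl_newcontext( sslctx )
-if not sslctx then
+local ctx;
+ctx, err = ssl_newcontext( sslctx )
+if not ctx then
 err = err or "wrong sslctx parameters"
-out_error( "server.lua: ", err )
+local file;
+file = err:match("^error loading (.-) %(");
+if file then
+if file == "private key" then
+file = sslctx.key or "your private key";
+elseif file == "certificate" then
+file = sslctx.certificate or "your certificate file";
+end
+local reason = err:match("%((.+)%)$") or "some reason";
+if reason == "Permission denied" then
+reason = "Check that the permissions allow Prosody to read this file.";
+elseif reason == "No such file or directory" then
+reason = "Check that the path is correct, and the file exists.";
+elseif reason == "system lib" then
+reason = "Previous error (see logs), or other system error.";
+else
+reason = "Reason: "..tostring(reason or "unknown"):lower();
+end
+log("error", "SSL/TLS: Failed to load %s: %s", file, reason);
+else
+log("error", "SSL/TLS: Error initialising for port %d: %s", serverport, err );
+end
 ssl = false
 end
+sslctx = ctx;
 end
 if not ssl then
 sslctx = false;
 if startssl then
-out_error( "server.lua: Cannot start ssl on port: ", serverport )
+log("error", "Failed to listen on port %d due to SSL/TLS to SSL/TLS initialisation errors (see logs)", serverport )
 return nil, "Cannot start ssl, see log for details"
-else
-out_put("server.lua: ", "ssl not enabled on ", serverport);
 end
 end
 
 local accept = socket.accept
 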
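Review bot: The new "Failed to load %s: %s" message at new line 206 omits the port, and with the old `else out_put(... "ssl not enabled on " ...)` branch removed at the bottom of the hunk, nothing records which listener carries on with `sslctx = false` when `startssl` is not set. As far as the visible lines show, that path falls through to `local accept = socket.accept`, so a key or certificate load failure can apparently leave a port serving without TLS; I would include the port, `log("error", "SSL/TLS: Failed to load %s for port %d: %s", file, serverport, reason);`, and log a warning in the non-startssl case saying TLS is disabled on that port. The failure branch also reads `sslctx.key` and `sslctx.certificate` even when the `type( sslctx ) ~= "table"` check above has just failed, so guarding those reads with a table check would avoid an index error on a non-table value. The message at new line 217 repeats itself ("due to SSL/TLS to SSL/TLS initialisation errors"). The enclosing function starts and ends outside the hunk.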