prosody
07b6a669f7f1
core/certmanager.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Comparison

core/certmanager.lua @ 13753:07b6a669f7f1 default tip

Merge 13.0->trunk
author Matthew Wild <mwild1@gmail.com>
date Mon, 24 Feb 2025 17:49:55 +0000
parent 13752:49bbdc22846d
comparison
equal deleted inserted replaced
13751:7c98981d3fe9 13753:07b6a669f7f1
89 if lfs.attributes(full, "mode") == "directory" then 89 if lfs.attributes(full, "mode") == "directory" then
90 if file:sub(1,1) ~= "." then 90 if file:sub(1,1) ~= "." then
91 index_certs(full, files_by_name, depth_limit-1); 91 index_certs(full, files_by_name, depth_limit-1);
92 end 92 end
93 elseif file:find("%.crt$") or file:find("fullchain") then -- This should catch most fullchain files 93 elseif file:find("%.crt$") or file:find("fullchain") then -- This should catch most fullchain files
94 local f = io_open(full); 94 local f, err = io_open(full);
95 if f then 95 if f then
96 -- TODO look for chained certificates 96 -- TODO look for chained certificates
97 local firstline = f:read(); 97 local firstline = f:read();
98 if firstline == "-----BEGIN CERTIFICATE-----" and lfs.attributes(find_matching_key(full), "mode") == "file" then 98 if firstline == "-----BEGIN CERTIFICATE-----" and lfs.attributes(find_matching_key(full), "mode") == "file" then
99 f:seek("set") 99 f:seek("set")
111 files_by_name[name][full] = services; 111 files_by_name[name][full] = services;
112 else 112 else
113 files_by_name[name] = { [full] = services; }; 113 files_by_name[name] = { [full] = services; };
114 end 114 end
115 end 115 end
116 else
117 log("debug", "Skipping expired certificate: %s", full);
116 end 118 end
117 end 119 end
118 f:close(); 120 f:close();
119 end 121 elseif err then
120 end 122 log("debug", "Failed to open file for indexing: %s", full);
121 end 123 end
122 log("debug", "Certificate index: %q", files_by_name); 124 end
125 end
126 log("debug", "Certificate index in %s: %q", dir, files_by_name);
123 -- | hostname | filename | service | 127 -- | hostname | filename | service |
124 return files_by_name; 128 return files_by_name;
125 end 129 end
126 130
127 local cert_index; 131 local cert_index;