prosody
3e3e282f20a3
core/portmanager.lua
Software / code / prosody
Comparison
core/portmanager.lua @ 4856:3e3e282f20a3
portmanager: Support for per-port SSL certificates
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Fri, 11 May 2012 21:24:43 +0100 |
| parent | 4809:3068ec951ffd |
| child | 4857:0991a127ac43 |
comparison
equal
deleted
inserted
replaced
| 4855:a31ea431d906 | 4856:3e3e282f20a3 |
|---|---|
| 1 local config = require "core.configmanager"; | 1 local config = require "core.configmanager"; |
| 2 local certmanager = require "core.certmanager"; | |
| 2 local server = require "net.server"; | 3 local server = require "net.server"; |
| 3 | 4 |
| 4 local log = require "util.logger".init("portmanager"); | 5 local log = require "util.logger".init("portmanager"); |
| 5 local multitable = require "util.multitable"; | 6 local multitable = require "util.multitable"; |
| 6 local set = require "util.set"; | 7 local set = require "util.set"; |
| 100 or {service_info.default_port | 101 or {service_info.default_port |
| 101 or listener.default_port -- COMPAT w/pre-0.9 | 102 or listener.default_port -- COMPAT w/pre-0.9 |
| 102 }); | 103 }); |
| 103 | 104 |
| 104 local mode = listener.default_mode or "*a"; | 105 local mode = listener.default_mode or "*a"; |
| 105 local ssl; | |
| 106 if service_info.encryption == "ssl" then | |
| 107 ssl = prosody.global_ssl_ctx; | |
| 108 if not ssl then | |
| 109 return nil, "global-ssl-context-required"; | |
| 110 end | |
| 111 end | |
| 112 | 106 |
| 113 for interface in bind_interfaces do | 107 for interface in bind_interfaces do |
| 114 for port in bind_ports do | 108 for port in bind_ports do |
| 115 port = tonumber(port); | 109 port = tonumber(port); |
| 116 if #active_services:search(nil, interface, port) > 0 then | 110 if #active_services:search(nil, interface, port) > 0 then |
| 117 log("error", "Multiple services configured to listen on the same port ([%s]:%d): %s, %s", interface, port, active_services:search(nil, interface, port)[1][1].service.name or "<unnamed>", service_name or "<unnamed>"); | 111 log("error", "Multiple services configured to listen on the same port ([%s]:%d): %s, %s", interface, port, active_services:search(nil, interface, port)[1][1].service.name or "<unnamed>", service_name or "<unnamed>"); |
| 118 else | 112 else |
| 113 -- Create SSL context for this service/port | |
| 114 if service_info.encryption == "ssl" then | |
| 115 local ssl_config = config.get("*", config_prefix.."ssl"); | |
| 116 ssl = certmanager.create_context(service_info.name.." port "..port, "server", ssl_config and (ssl_config[port] | |
| 117 or (ssl_config.certificate and ssl_config))); | |
| 118 end | |
| 119 -- Start listening on interface+port | |
| 119 local handler, err = server.addserver(interface, port, listener, mode, ssl); | 120 local handler, err = server.addserver(interface, port, listener, mode, ssl); |
| 120 if not handler then | 121 if not handler then |
| 121 log("error", "Failed to open server port %d on %s, %s", port, interface, error_to_friendly_message(service_name, port, err)); | 122 log("error", "Failed to open server port %d on %s, %s", port, interface, error_to_friendly_message(service_name, port, err)); |
| 122 else | 123 else |
| 123 log("debug", "Added listening service %s to [%s]:%d", service_name, interface, port); | 124 log("debug", "Added listening service %s to [%s]:%d", service_name, interface, port); |
