core/certmanager.lua @ 2631:77f135c7689a
Merge with 0.7
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Sat, 13 Feb 2010 16:12:53 +0000 |
parent | 2628:04958fb28c44 |
parent | 2630:e8fc67b73820 |
child | 2733:65ad0fdb17ba |
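--- a/core/certmanager.lua
+++ b/core/certmanager.lua
@@ -1,6 +1,7 @@
 local configmanager = require "core.configmanager";
+local log = require "util.logger".init("certmanager");
 local ssl = ssl;
 local ssl_newcontext = ssl and ssl.newcontext;
 
 local setmetatable = setmetatable;
 
@@ -19,11 +20,37 @@
 local default_ssl_config = configmanager.get("*", "core", "ssl");
 
 function create_context(host, mode, config)
 local ssl_config = config and config.core.ssl or default_ssl_config;
 if ssl and ssl_config then
-return ssl_newcontext(setmetatable(ssl_config, mode == "client" and default_ssl_ctx_mt or default_ssl_ctx_in_mt));
+local ctx, err = ssl_newcontext(setmetatable(ssl_config, mode == "client" and default_ssl_ctx_mt or default_ssl_ctx_in_mt));
+if not ctx then
+err = err or "invalid ssl config"
+local file = err:match("^error loading (.-) %(");
+if file then
+if file == "private key" then
+file = ssl_config.key or "your private key";
+elseif file == "certificate" then
+file = ssl_config.certificate or "your certificate file";
+end
+local reason = err:match("%((.+)%)$") or "some reason";
+if reason == "Permission denied" then
+reason = "Check that the permissions allow Prosody to read this file.";
+elseif reason == "No such file or directory" then
+reason = "Check that the path is correct, and the file exists.";
+elseif reason == "system lib" then
+reason = "Previous error (see logs), or other system error.";
+else
+reason = "Reason: "..tostring(reason or "unknown"):lower();
+end
+log("error", "SSL/TLS: Failed to load %s: %s", file, reason);
+else
+log("error", "SSL/TLS: Error initialising for host %s: %s", host, err );
+end
+ssl = false
+end
+return ctx, err;
 end
 return nil;
 end
 
 function reload_ssl_config()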
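Review bot: The `ssl = false` assignment at the end of the `if not ctx then` branch in create_context clears the module-level `ssl` local, so one host's unreadable key or certificate makes every later create_context call skip the `if ssl and ssl_config then` block and reach `return nil` without logging anything. If callers treat a nil context as "TLS not configured" (they are not visible here), the other hosts would silently stop offering TLS, which is a fail-open result for a per-host configuration error. I would drop the assignment so the failure stays local to this call, and have the "Failed to load" message name `host` as the other log line does, so the operator can tell which virtual host is affected. Nothing in the visible lines sets `ssl` back; reload_ssl_config begins on the last line of the hunk but its body is outside it, so whether a reload recovers from this state cannot be confirmed from here.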