prosody
8a5a9c1adb90
util/prosodyctl/cert.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Comparison

util/prosodyctl/cert.lua @ 12107:8a5a9c1adb90

util.prosodyctl.cert: Copy SAN/wildcard certs only once
author Kim Alvefur <zash@zash.se>
date Wed, 22 Dec 2021 18:34:11 +0100
parent 12104:29765ac7f72f
child 12169:866d06644956
comparison
equal deleted inserted replaced
12106:c0cb8e86ad21 12107:8a5a9c1adb90
221 cm.index_certs(dir, files_by_name); 221 cm.index_certs(dir, files_by_name);
222 end 222 end
223 local imported = {}; 223 local imported = {};
224 for _, host in ipairs(hostnames) do 224 for _, host in ipairs(hostnames) do
225 local paths = cm.find_cert_in_index(files_by_name, host); 225 local paths = cm.find_cert_in_index(files_by_name, host);
226 if paths then 226 if paths and not imported[paths.certificate] then
227 -- One certificate, many mames!
228 table.insert(imported, host);
229 elseif paths then
227 copy(paths.certificate, cert_basedir .. "/" .. host .. ".crt", nil, owner, group); 230 copy(paths.certificate, cert_basedir .. "/" .. host .. ".crt", nil, owner, group);
228 copy(paths.key, cert_basedir .. "/" .. host .. ".key", "0377", owner, group); 231 copy(paths.key, cert_basedir .. "/" .. host .. ".key", "0377", owner, group);
229 table.insert(imported, host); 232 table.insert(imported, host);
233 imported[paths.certificate] = true;
230 else 234 else
231 -- TODO Say where we looked 235 -- TODO Say where we looked
232 pctl.show_warning("No certificate for host "..host.." found :("); 236 pctl.show_warning("No certificate for host "..host.." found :(");
233 end 237 end
234 -- TODO Additional checks 238 -- TODO Additional checks