prosody
9af6ab2623b0
core/portmanager.lua
Software / code / prosody
Comparison
core/portmanager.lua @ 10462:9af6ab2623b0
core.portmanager: Don't set the first TLS context with a cert as main context
Don't think this works and it's apparently acceptable to require SNI these days.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 29 Nov 2019 23:22:29 +0100 |
| parent | 10107:1dbabbebb53c |
| child | 10463:fbeb7a3fc4eb |
comparison
equal
deleted
inserted
replaced
| 10461:e293fb8112e2 | 10462:9af6ab2623b0 |
|---|---|
| 243 -- TODO per host and per service settings should be merged in, | 243 -- TODO per host and per service settings should be merged in, |
| 244 -- without overriding the per-host certificate | 244 -- without overriding the per-host certificate |
| 245 local ssl, err, cfg = certmanager.create_context(host, "server"); | 245 local ssl, err, cfg = certmanager.create_context(host, "server"); |
| 246 if ssl then | 246 if ssl then |
| 247 active_service.server.hosts[host] = ssl; | 247 active_service.server.hosts[host] = ssl; |
| 248 if not active_service.tls_cfg.certificate then | |
| 249 active_service.server.tls_ctx = ssl; | |
| 250 active_service.tls_cfg = cfg; | |
| 251 end | |
| 252 else | 248 else |
| 253 log("error", "err = %q", err); | 249 log("error", "err = %q", err); |
| 254 end | 250 end |
| 255 end | 251 end |
| 256 end | 252 end |
