core/hostmanager.lua @ 2555:9b9e4d8704f9
hostmanager: Use certmanager for obtaining SSL contexts
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Sun, 31 Jan 2010 17:23:39 +0000 |
parent | 2536:922e6e84d0bf |
child | 2617:0888bb4e817d |
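--- a/core/hostmanager.lua
+++ b/core/hostmanager.lua
@@ -7,10 +7,11 @@
 --
 
 local ssl = ssl
 
 local hosts = hosts;
+local certmanager = require "core.certmanager";
 local configmanager = require "core.configmanager";
 local eventmanager = require "core.eventmanager";
 local modulemanager = require "core.modulemanager";
 local events_new = require "util.events".new;
 
@@ -18,14 +19,10 @@
 
 if not _G.prosody.incoming_s2s then
 require "core.s2smanager";
 end
 local incoming_s2s = _G.prosody.incoming_s2s;
-
--- These are the defaults if not overridden in the config
-local default_ssl_ctx = { mode = "client", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none", options = "no_sslv2"; };
-local default_ssl_ctx_in = { mode = "server", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none", options = "no_sslv2"; };
 
 local log = require "util.logger".init("hostmanager");
 
 local pairs, setmetatable = pairs, setmetatable;
 
@@ -59,18 +56,13 @@
 if option_name:match("_ports$") then
 log("warn", "%s: Option '%s' has no effect for virtual hosts - put it in global Host \"*\" instead", host, option_name);
 end
 end
 
-if ssl then
-local ssl_config = host_config.core.ssl or configmanager.get("*", "core", "ssl");
-if ssl_config then
-hosts[host].ssl_ctx = ssl.newcontext(setmetatable(ssl_config, { __index = default_ssl_ctx }));
-hosts[host].ssl_ctx_in = ssl.newcontext(setmetatable(ssl_config, { __index = default_ssl_ctx_in }));
-end
-end
-
+hosts[host].ssl_ctx = certmanager.get_context(host, "client", host_config); -- for outgoing connections
+hosts[host].ssl_ctx_in = certmanager.get_context(host, "server", host_config); -- for incoming connections
+
 log((hosts_loaded_once and "info") or "debug", "Activated host: %s", host);
 eventmanager.fire_event("host-activated", host, host_config);
 end
 
 function deactivate(host, reason)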
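Review bot: The two new `certmanager.get_context` calls (new lines 61-62) run unconditionally, where the replaced code was guarded by `if ssl` and `if ssl_config`, so whether a host ends up without a TLS context is now decided inside certmanager, which this comparison does not show. If `get_context` can return nil (presumably when LuaSec or an `ssl` config is absent — confirm), the host is activated with no TLS and nothing here records it; I would add `if not hosts[host].ssl_ctx_in then log("warn", "%s: no TLS context for incoming connections", host); end` after the assignments, at whatever log level suits the default configuration. The deleted defaults carried `verify = "none"` and `protocol = "sslv23"`, and the commit message should say whether certmanager keeps them, since they decide whether peer certificates are checked on these contexts. `local ssl = ssl` at line 9 looks unused in the visible hunks after this change. The enclosing activation function starts above the last hunk, so its full error handling is not visible here.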