core/portmanager.lua @ 9848:b923053e69ba
core.portmanager: Record TLS config for each port
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Wed, 10 Oct 2018 17:23:03 +0200 |
parent | 9837:789395f027f1 |
child | 9849:70e56f126177 |
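--- a/core/portmanager.lua
+++ b/core/portmanager.lua
@@ -105,16 +105,16 @@
 log("error", "Invalid port number specified for service '%s': %s", service_info.name, tostring(port));
 elseif #active_services:search(nil, interface, port_number) > 0 then
 log("error", "Multiple services configured to listen on the same port ([%s]:%d): %s, %s", interface, port,
 active_services:search(nil, interface, port)[1][1].service.name or "<unnamed>", service_name or "<unnamed>");
 else
-local ssl, err;
+local ssl, cfg, err;
 -- Create SSL context for this service/port
 if service_info.encryption == "ssl" then
 local global_ssl_config = config.get("*", "ssl") or {};
 local prefix_ssl_config = config.get("*", config_prefix.."ssl") or global_ssl_config;
-ssl, err = certmanager.create_context(service_info.name.." port "..port, "server",
+ssl, err, cfg = certmanager.create_context(service_info.name.." port "..port, "server",
 prefix_ssl_config[interface],
 prefix_ssl_config[port],
 prefix_ssl_config,
 service_info.ssl_config or {},
 global_ssl_config[interface],
@@ -128,20 +128,22 @@
 -- Start listening on interface+port
 local handler, err = server.listen(interface, port_number, listener, {
 read_size = mode,
 tls_ctx = ssl,
 tls_direct = service_info.encryption == "ssl";
+sni_hosts = {},
 });
 if not handler then
 log("error", "Failed to open server port %d on %s, %s", port_number, interface,
 error_to_friendly_message(service_name, port_number, err));
 else
 table.insert(hooked_ports, "["..interface.."]:"..port_number);
 log("debug", "Added listening service %s to [%s]:%d", service_name, interface, port_number);
 active_services:add(service_name, interface, port_number, {
 server = handler;
 service = service_info;
+tls_cfg = cfg;
 });
 end
 end
 end
 end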
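Review bot: The new `tls_cfg = cfg;` field in the `active_services:add` call (new line 144) stores the third return value of `certmanager.create_context` without any comment on what the table holds or when it is absent. `cfg` is assigned only inside the `service_info.encryption == "ssl"` branch, so the record has no `tls_cfg` for every other service, and anything that reads `active_services` has to handle nil. If that table is the merged TLS option set, it presumably carries the private key path and possibly a key passphrase, so it should be marked as sensitive; a comment such as `-- tls_cfg: resolved TLS options for this port (nil unless encryption == "ssl"); may reference key material, keep out of logs and admin output` would cover both points. The added `sni_hosts = {},` passed to `server.listen` (new line 133) is not mentioned in the commit description and no reference to the table is kept on the visible lines, so a one-line comment on who populates it would help. The enclosing function starts and ends outside the shown lines, and lines 121-127 between the two hunks are not visible.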