prosody
c793f9d13a36
core/certmanager.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Comparison

core/certmanager.lua @ 7146:c793f9d13a36

Merge 0.10->trunk
author Kim Alvefur <zash@zash.se>
date Fri, 05 Feb 2016 16:31:34 +0100
parent 7145:b1a109858502
child 7160:5c1ee8c06235
comparison
equal deleted inserted replaced
7143:fa6cd0e9105d 7146:c793f9d13a36
61 for i = 1, #crt_try do 61 for i = 1, #crt_try do
62 local crt_path = certs .. crt_try[i]:format(name); 62 local crt_path = certs .. crt_try[i]:format(name);
63 local key_path = certs .. key_try[i]:format(name); 63 local key_path = certs .. key_try[i]:format(name);
64 64
65 if stat(crt_path, "mode") == "file" then 65 if stat(crt_path, "mode") == "file" then
66 if stat(key_path, "mode") == "file" then
67 return { certificate = crt_path, key = key_path };
68 end
69 if key_path:sub(-4) == ".crt" then 66 if key_path:sub(-4) == ".crt" then
70 key_path = key_path:sub(1, -4) .. "key"; 67 key_path = key_path:sub(1, -4) .. "key";
71 if stat(key_path, "mode") == "file" then 68 if stat(key_path, "mode") == "file" then
72 return { certificate = crt_path, key = key_path }; 69 return { certificate = crt_path, key = key_path };
73 end 70 end
71 elseif stat(key_path, "mode") == "file" then
72 return { certificate = crt_path, key = key_path };
74 end 73 end
75 end 74 end
76 end 75 end
77 end 76 end
78 77
118 end 117 end
119 118
120 local function create_context(host, mode, ...) 119 local function create_context(host, mode, ...)
121 local cfg = new_config(); 120 local cfg = new_config();
122 cfg:apply(core_defaults); 121 cfg:apply(core_defaults);
123 cfg:apply(global_ssl_config);
124 local service_name, port = host:match("^(%w+) port (%d+)$"); 122 local service_name, port = host:match("^(%w+) port (%d+)$");
125 if service_name then 123 if service_name then
126 cfg:apply(find_service_cert(service_name, tonumber(port))); 124 cfg:apply(find_service_cert(service_name, tonumber(port)));
127 else 125 else
128 cfg:apply(find_host_cert(host)); 126 cfg:apply(find_host_cert(host));
130 cfg:apply({ 128 cfg:apply({
131 mode = mode, 129 mode = mode,
132 -- We can't read the password interactively when daemonized 130 -- We can't read the password interactively when daemonized
133 password = function() log("error", "Encrypted certificate for %s requires 'ssl' 'password' to be set in config", host); end; 131 password = function() log("error", "Encrypted certificate for %s requires 'ssl' 'password' to be set in config", host); end;
134 }); 132 });
133 cfg:apply(global_ssl_config);
135 134
136 for i = select('#', ...), 1, -1 do 135 for i = select('#', ...), 1, -1 do
137 cfg:apply(select(i, ...)); 136 cfg:apply(select(i, ...));
138 end 137 end
139 local user_ssl_config = cfg:final(); 138 local user_ssl_config = cfg:final();