
plugins/mod_tls.lua @ 8131:c8e3a0caa0a9

mod_tls: Rebuild SSL context objects on configuration reload - #701
author Kim Alvefur <zash@zash.se>
date Tue, 25 Apr 2017 21:50:36 +0200
parent 7959:3941d609ff85
child 9740:4b34687ede3f
child 9971:5b048ccd106f
8130:12440a0043ab 8131:c8e3a0caa0a9
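--- a/plugins/mod_tls.lua
+++ b/plugins/mod_tls.lua
@@ -33,11 +33,12 @@
 local hosts = prosody.hosts;
 local host = hosts[module.host];
 
 local ssl_ctx_c2s, ssl_ctx_s2sout, ssl_ctx_s2sin;
 local ssl_cfg_c2s, ssl_cfg_s2sout, ssl_cfg_s2sin;
-do
+
+function module.load()
 local NULL, err = {};
 local modhost = module.host;
 local parent = modhost:match("%.(.*)$");
 
 local parent_ssl = rawgetopt(parent, "ssl") or NULL;
@@ -58,10 +59,12 @@
 if not ssl_ctx_s2sout then module:log("error", "Error creating contexts for s2sout: %s", err); end
 
 ssl_ctx_s2sin, err, ssl_cfg_s2sin = create_context(host.host, "server", host_s2s, host_ssl, global_s2s); -- for incoming server connections
 if not ssl_ctx_s2sin then module:log("error", "Error creating contexts for s2sin: %s", err); end
 end
+
+module:hook_global("config-reloaded", module.load);
 
 local function can_do_tls(session)
 if not session.conn.starttls then
 if not session.secure then
 session.log("debug", "Underlying connection does not support STARTTLS");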
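Review bot: A failed reload discards the last working TLS context, because `ssl_ctx_s2sin, err, ssl_cfg_s2sin = create_context(...)` at new line 61 assigns straight into the module-level upvalues and only then logs the error. Judging by the matching check at new line 59, the s2sout assignment just above the visible lines probably does the same. With `module.load` now hooked to `config-reloaded` (new line 65), a mistyped `ssl` option or unreadable certificate at reload time replaces a good context with nil, where previously this code ran only at module load. What `can_do_tls` does with a nil context lies outside this section, but it presumably stops offering STARTTLS, which would leave connections unencrypted wherever encryption is not enforced. I would build into temporaries and swap only on success, e.g. `local ctx, cfg; ctx, err, cfg = create_context(...)` followed by `if ctx then ssl_ctx_s2sin, ssl_cfg_s2sin = ctx, cfg; else module:log("error", "Error creating contexts for s2sin: %s", err); end`, and likewise for the other contexts. A one-line comment above the hook saying that reload keeps the previous context on failure would record the intent.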