Comparison

core/certmanager.lua @ 2630:e8fc67b73820

certmanager: Bring back the friendly errors when failing to load the key/certificate file
author Matthew Wild <mwild1@gmail.com>
date Sat, 13 Feb 2010 16:12:21 +0000
parent 2564:6b4fe320a6ea
child 2631:77f135c7689a
comparison
equal deleted inserted replaced
2627:ce5b5d7f87c3 2630:e8fc67b73820
1 local configmanager = require "core.configmanager"; 1 local configmanager = require "core.configmanager";
2 local log = require "util.logger".init("certmanager");
2 local ssl = ssl; 3 local ssl = ssl;
3 local ssl_newcontext = ssl and ssl.newcontext; 4 local ssl_newcontext = ssl and ssl.newcontext;
4 5
5 local setmetatable = setmetatable; 6 local setmetatable = setmetatable;
6 7
19 local default_ssl_config = configmanager.get("*", "core", "ssl"); 20 local default_ssl_config = configmanager.get("*", "core", "ssl");
20 21
21 function get_context(host, mode, config) 22 function get_context(host, mode, config)
22 local ssl_config = config and config.core.ssl or default_ssl_config; 23 local ssl_config = config and config.core.ssl or default_ssl_config;
23 if ssl and ssl_config then 24 if ssl and ssl_config then
24 return ssl_newcontext(setmetatable(ssl_config, mode == "client" and default_ssl_ctx_mt or default_ssl_ctx_in_mt)); 25 local ctx, err = ssl_newcontext(setmetatable(ssl_config, mode == "client" and default_ssl_ctx_mt or default_ssl_ctx_in_mt));
26 if not ctx then
27 err = err or "invalid ssl config"
28 local file = err:match("^error loading (.-) %(");
29 if file then
30 if file == "private key" then
31 file = ssl_config.key or "your private key";
32 elseif file == "certificate" then
33 file = ssl_config.certificate or "your certificate file";
34 end
35 local reason = err:match("%((.+)%)$") or "some reason";
36 if reason == "Permission denied" then
37 reason = "Check that the permissions allow Prosody to read this file.";
38 elseif reason == "No such file or directory" then
39 reason = "Check that the path is correct, and the file exists.";
40 elseif reason == "system lib" then
41 reason = "Previous error (see logs), or other system error.";
42 else
43 reason = "Reason: "..tostring(reason or "unknown"):lower();
44 end
45 log("error", "SSL/TLS: Failed to load %s: %s", file, reason);
46 else
47 log("error", "SSL/TLS: Error initialising for host %s: %s", host, err );
48 end
49 ssl = false
50 end
51 return ctx, err;
25 end 52 end
26 return nil; 53 return nil;
27 end 54 end
28 55
29 function reload_ssl_config() 56 function reload_ssl_config()