prosody
ef86ba720f00
plugins/mod_tls.lua
Software / code / prosody
Comparison
plugins/mod_tls.lua @ 3583:ef86ba720f00
mod_tls: Let hosts without an 'ssl' option inherit it from their parent hosts.
| author | Waqas Hussain <waqas20@gmail.com> |
|---|---|
| date | Wed, 10 Nov 2010 02:26:18 +0500 |
| parent | 3574:1e088ec07d33 |
| child | 4157:1b5a8e071a80 |
comparison
equal
deleted
inserted
replaced
| 3582:6a14c57b458a | 3583:ef86ba720f00 |
|---|---|
| 4 -- | 4 -- |
| 5 -- This project is MIT/X11 licensed. Please see the | 5 -- This project is MIT/X11 licensed. Please see the |
| 6 -- COPYING file in the source package for more information. | 6 -- COPYING file in the source package for more information. |
| 7 -- | 7 -- |
| 8 | 8 |
| 9 local config = require "core.configmanager"; | |
| 9 local create_context = require "core.certmanager".create_context; | 10 local create_context = require "core.certmanager".create_context; |
| 10 local st = require "util.stanza"; | 11 local st = require "util.stanza"; |
| 11 | 12 |
| 12 local secure_auth_only = module:get_option("c2s_require_encryption") or module:get_option("require_encryption"); | 13 local secure_auth_only = module:get_option("c2s_require_encryption") or module:get_option("require_encryption"); |
| 13 local secure_s2s_only = module:get_option("s2s_require_encryption"); | 14 local secure_s2s_only = module:get_option("s2s_require_encryption"); |
| 88 session.secure = false; | 89 session.secure = false; |
| 89 return true; | 90 return true; |
| 90 end); | 91 end); |
| 91 | 92 |
| 92 function module.load() | 93 function module.load() |
| 93 local ssl_config = module:get_option("ssl"); | 94 local global_ssl_config = config.get("*", "core", "ssl"); |
| 95 local ssl_config = config.get(module.host, "core", "ssl"); | |
| 96 local base_host = module.host:match("%.(.*)"); | |
| 97 if ssl_config == global_ssl_config and hosts[base_host] then | |
| 98 ssl_config = config.get(base_host, "core", "ssl"); | |
| 99 end | |
| 94 host.ssl_ctx = create_context(host.host, "client", ssl_config); -- for outgoing connections | 100 host.ssl_ctx = create_context(host.host, "client", ssl_config); -- for outgoing connections |
| 95 host.ssl_ctx_in = create_context(host.host, "server", ssl_config); -- for incoming connections | 101 host.ssl_ctx_in = create_context(host.host, "server", ssl_config); -- for incoming connections |
| 96 end | 102 end |
| 97 | 103 |
| 98 function module.unload() | 104 function module.unload() |
