prosody
f0fc6e7cc4de
util/prosodyctl/check.lua
Software / code / prosody
Comparison
util/prosodyctl/check.lua @ 13327:f0fc6e7cc4de
util.prosodyctl.check: Disable https cert check if http_external_url set
This would indicate that a reverse proxy is used, which gets to be
responsible for that since it probably holds the actual cert.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Mon, 13 Nov 2023 09:58:56 +0100 |
| parent | 13326:76b6556c0f67 |
| child | 13466:5d9ec2e55d74 |
comparison
equal
deleted
inserted
replaced
| 13326:76b6556c0f67 | 13327:f0fc6e7cc4de |
|---|---|
| 1187 or not set.intersection(modules, known_http_modules):empty() | 1187 or not set.intersection(modules, known_http_modules):empty() |
| 1188 or contains_match(modules, "^http_") | 1188 or contains_match(modules, "^http_") |
| 1189 or contains_match(modules, "_web$"); | 1189 or contains_match(modules, "_web$"); |
| 1190 | 1190 |
| 1191 local http_host = api(host):get_option_string("http_host", host); | 1191 local http_host = api(host):get_option_string("http_host", host); |
| 1192 if api(host):get_option_string("http_external_url") then | |
| 1193 -- Assumed behind a reverse proxy | |
| 1194 http_loaded = false; | |
| 1195 end | |
| 1192 if http_loaded and not x509_verify_identity(http_host, nil, cert) then | 1196 if http_loaded and not x509_verify_identity(http_host, nil, cert) then |
| 1193 print(" Not valid for HTTPS connections to "..host..".") | 1197 print(" Not valid for HTTPS connections to "..host..".") |
| 1194 cert_ok = false | 1198 cert_ok = false |
| 1195 end | 1199 end |
| 1196 if use_dane then | 1200 if use_dane then |
