prosody
fbeb7a3fc4eb
core/portmanager.lua
Software / code / prosody
Comparison
core/portmanager.lua @ 10463:fbeb7a3fc4eb
core.portmanager: Fix TLS context inheritance for SNI hosts (completes SNI support)
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 29 Nov 2019 23:24:14 +0100 |
| parent | 10462:9af6ab2623b0 |
| child | 10468:7341d2f4749a |
comparison
equal
deleted
inserted
replaced
| 10462:9af6ab2623b0 | 10463:fbeb7a3fc4eb |
|---|---|
| 228 end | 228 end |
| 229 | 229 |
| 230 -- Event handlers | 230 -- Event handlers |
| 231 | 231 |
| 232 local function add_sni_host(host, service) | 232 local function add_sni_host(host, service) |
| 233 -- local global_ssl_config = config.get(host, "ssl") or {}; | |
| 234 for name, interface, port, n, active_service --luacheck: ignore 213 | 233 for name, interface, port, n, active_service --luacheck: ignore 213 |
| 235 in active_services:iter(service, nil, nil, nil) do | 234 in active_services:iter(service, nil, nil, nil) do |
| 236 if active_service.server.hosts and active_service.tls_cfg then | 235 if active_service.server.hosts and active_service.tls_cfg then |
| 237 -- local config_prefix = (active_service.config_prefix or name).."_"; | 236 local config_prefix = (active_service.config_prefix or name).."_"; |
| 238 -- if config_prefix == "_" then | 237 if config_prefix == "_" then config_prefix = ""; end |
| 239 -- config_prefix = ""; | 238 local prefix_ssl_config = config.get(host, config_prefix.."ssl"); |
| 240 -- end | 239 local autocert = certmanager.find_host_cert(host); |
| 241 -- local prefix_ssl_config = config.get(host, config_prefix.."ssl") or global_ssl_config; | 240 local ssl, err, cfg = certmanager.create_context(host, "server", prefix_ssl_config, autocert, active_service.tls_cfg); |
| 242 -- FIXME only global 'ssl' settings are mixed in here | |
| 243 -- TODO per host and per service settings should be merged in, | |
| 244 -- without overriding the per-host certificate | |
| 245 local ssl, err, cfg = certmanager.create_context(host, "server"); | |
| 246 if ssl then | 241 if ssl then |
| 247 active_service.server.hosts[host] = ssl; | 242 active_service.server.hosts[host] = ssl; |
| 248 else | 243 else |
| 249 log("error", "err = %q", err); | 244 log("error", "err = %q", err); |
| 250 end | 245 end |
