Diff

plugins/mod_tls.lua @ 6832:9566a15d3e59

mod_tls: Fix inhertinance of 'ssl' option from "parent" host to subdomain (fixes #511)
author Kim Alvefur <zash@zash.se>
date Tue, 15 Sep 2015 17:51:56 +0200
parent 6710:d062314446f6
child 6918:de35feccc78e
line wrap: on
line diff
--- a/plugins/mod_tls.lua	Sat Sep 12 18:52:39 2015 +0200
+++ b/plugins/mod_tls.lua	Tue Sep 15 17:51:56 2015 +0200
@@ -7,6 +7,7 @@
 --
 
 local create_context = require "core.certmanager".create_context;
+local rawgetopt = require"core.configmanager".rawget;
 local st = require "util.stanza";
 
 local c2s_require_encryption = module:get_option("c2s_require_encryption", module:get_option("require_encryption"));
@@ -36,19 +37,20 @@
 local ssl_cfg_c2s, ssl_cfg_s2sout, ssl_cfg_s2sin;
 do
 	local NULL, err = {};
-	local global = module:context("*");
-	local parent = module:context(module.host:match("%.(.*)$"));
+	local modhost = module.host;
+	local parent = modhost:match("%.(.*)$");
 
-	local parent_ssl = parent:get_option("ssl");
-	local host_ssl   = module:get_option("ssl", parent_ssl);
+	local global_ssl = rawgetopt("*",     "ssl") or NULL;
+	local parent_ssl = rawgetopt(parent,  "ssl") or NULL;
+	local host_ssl   = rawgetopt(modhost, "ssl") or parent_ssl;
 
-	local global_c2s = global:get_option("c2s_ssl", NULL);
-	local parent_c2s = parent:get_option("c2s_ssl", NULL);
-	local host_c2s   = module:get_option("c2s_ssl", parent_c2s);
+	local global_c2s = rawgetopt("*",     "c2s_ssl") or NULL;
+	local parent_c2s = rawgetopt(parent,  "c2s_ssl") or NULL;
+	local host_c2s   = rawgetopt(modhost, "c2s_ssl") or parent_ssl;
 
-	local global_s2s = global:get_option("s2s_ssl", NULL);
-	local parent_s2s = parent:get_option("s2s_ssl", NULL);
-	local host_s2s   = module:get_option("s2s_ssl", parent_s2s);
+	local global_s2s = rawgetopt("*",     "s2s_ssl") or NULL;
+	local parent_s2s = rawgetopt(parent,  "s2s_ssl") or NULL;
+	local host_s2s   = rawgetopt(modhost, "s2s_ssl") or parent_ssl;
 
 	ssl_ctx_c2s, err, ssl_cfg_c2s = create_context(host.host, "server", host_c2s, host_ssl, global_c2s); -- for incoming client connections
 	if not ssl_ctx_c2s then module:log("error", "Error creating context for c2s: %s", err); end