Software /
code /
prosody
Diff
core/portmanager.lua @ 11596:f6f1b50cbedf
core.portmanager: Factor out base TLS context creation for reuse
Thinking I can use this to reload certificates after config reload
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Thu, 10 Jun 2021 15:21:07 +0200 |
parent | 11590:5aafb832c91b |
child | 11597:7e1ca18fdfb3 |
line wrap: on
line diff
--- a/core/portmanager.lua Thu Jun 10 13:48:20 2021 -0003 +++ b/core/portmanager.lua Thu Jun 10 15:21:07 2021 +0200 @@ -65,6 +65,20 @@ return friendly_message; end +local function get_port_ssl_ctx(port, interface, config_prefix, service_info) + local global_ssl_config = config.get("*", "ssl") or {}; + local prefix_ssl_config = config.get("*", config_prefix.."ssl") or global_ssl_config; + log("debug", "Creating context for direct TLS service %s on port %d", service_info.name, port); + local ssl, err, cfg = certmanager.create_context(service_info.name.." port "..port, "server", + prefix_ssl_config[interface], + prefix_ssl_config[port], + prefix_ssl_config, + service_info.ssl_config or {}, + global_ssl_config[interface], + global_ssl_config[port]); + return ssl, cfg, err; +end + --- Public API local function activate(service_name) @@ -111,16 +125,7 @@ local ssl, cfg, err; -- Create SSL context for this service/port if service_info.encryption == "ssl" then - local global_ssl_config = config.get("*", "ssl") or {}; - local prefix_ssl_config = config.get("*", config_prefix.."ssl") or global_ssl_config; - log("debug", "Creating context for direct TLS service %s on port %d", service_info.name, port); - ssl, err, cfg = certmanager.create_context(service_info.name.." port "..port, "server", - prefix_ssl_config[interface], - prefix_ssl_config[port], - prefix_ssl_config, - service_info.ssl_config or {}, - global_ssl_config[interface], - global_ssl_config[port]); + ssl, cfg, err = get_port_ssl_ctx(port, interface, config_prefix, service_info); if not ssl then log("error", "Error binding encrypted port for %s: %s", service_info.name, error_to_friendly_message(service_name, port_number, err) or "unknown error");