Software /
code /
prosody
File
core/certmanager.lua @ 2578:61e5eff54415
net.dns, net.adns: Changed dns:socket_wrapper_set to dns.socket_wrapper_set for consistency.
author | Waqas Hussain <waqas20@gmail.com> |
---|---|
date | Wed, 10 Feb 2010 01:58:49 +0500 |
parent | 2564:6b4fe320a6ea |
child | 2628:04958fb28c44 |
child | 2630:e8fc67b73820 |
line wrap: on
line source
local configmanager = require "core.configmanager"; local ssl = ssl; local ssl_newcontext = ssl and ssl.newcontext; local setmetatable = setmetatable; local prosody = prosody; module "certmanager" -- These are the defaults if not overridden in the config local default_ssl_ctx = { mode = "client", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none", options = "no_sslv2"; }; local default_ssl_ctx_in = { mode = "server", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none", options = "no_sslv2"; }; local default_ssl_ctx_mt = { __index = default_ssl_ctx }; local default_ssl_ctx_in_mt = { __index = default_ssl_ctx_in }; -- Global SSL options if not overridden per-host local default_ssl_config = configmanager.get("*", "core", "ssl"); function get_context(host, mode, config) local ssl_config = config and config.core.ssl or default_ssl_config; if ssl and ssl_config then return ssl_newcontext(setmetatable(ssl_config, mode == "client" and default_ssl_ctx_mt or default_ssl_ctx_in_mt)); end return nil; end function reload_ssl_config() default_ssl_config = config.get("*", "core", "ssl"); end prosody.events.add_handler("config-reloaded", reload_ssl_config); return _M;