# HG changeset patch
# User Kim Alvefur <zash@zash.se>
# Date 1499452955 -7200
# Node ID db82ce3deceee67c889c135b6debbc7033e0cef8
# Parent  55826e29c719672f64e2199c8319bcf99ea903f7
prosody, prosodyctl: Set up TLS settings for HTTPS requests in net.http (part of fix for #659)

diff -r 55826e29c719 -r db82ce3decee prosody
--- a/prosody	Fri Jul 07 20:31:52 2017 +0200
+++ b/prosody	Fri Jul 07 20:42:35 2017 +0200
@@ -323,7 +323,11 @@
 		return function() end
 	end});
 
-	require "net.http"
+	local http = require "net.http"
+	local config_ssl = config.get("*", "ssl")
+	local https_client = config.get("*", "client_https_ssl")
+	http.default.options.sslctx = require "core.certmanager".create_context("client_https port 0", "client",
+		{ capath = config_ssl.capath, cafile = config_ssl.cafile, verify = "peer", }, https_client);
 
 	require "util.array"
 	require "util.datetime"
diff -r 55826e29c719 -r db82ce3decee prosodyctl
--- a/prosodyctl	Fri Jul 07 20:31:52 2017 +0200
+++ b/prosodyctl	Fri Jul 07 20:42:35 2017 +0200
@@ -251,6 +251,13 @@
 
 local prosodyctl = require "util.prosodyctl"
 local socket = require "socket"
+
+local http = require "net.http"
+local config_ssl = config.get("*", "ssl")
+local https_client = config.get("*", "client_https_ssl")
+http.default.options.sslctx = require "core.certmanager".create_context("client_https port 0", "client",
+	{ capath = config_ssl.capath, cafile = config_ssl.cafile, verify = "peer", }, https_client);
+
 -----------------------
 
 -- FIXME: Duplicate code waiting for util.startup