prosody
db82ce3decee

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Changeset

8198:db82ce3decee

prosody, prosodyctl: Set up TLS settings for HTTPS requests in net.http (part of fix for #659)
author Kim Alvefur <zash@zash.se>
date Fri, 07 Jul 2017 20:42:35 +0200
parents 8197:55826e29c719
children 8199:8f82d3cd0631
files prosody prosodyctl
diffstat 2 files changed, 12 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/prosody	Fri Jul 07 20:31:52 2017 +0200
+++ b/prosody	Fri Jul 07 20:42:35 2017 +0200
@@ -323,7 +323,11 @@
 		return function() end
 	end});
 
-	require "net.http"
+	local http = require "net.http"
+	local config_ssl = config.get("*", "ssl")
+	local https_client = config.get("*", "client_https_ssl")
+	http.default.options.sslctx = require "core.certmanager".create_context("client_https port 0", "client",
+		{ capath = config_ssl.capath, cafile = config_ssl.cafile, verify = "peer", }, https_client);
 
 	require "util.array"
 	require "util.datetime"
--- a/prosodyctl	Fri Jul 07 20:31:52 2017 +0200
+++ b/prosodyctl	Fri Jul 07 20:42:35 2017 +0200
@@ -251,6 +251,13 @@
 
 local prosodyctl = require "util.prosodyctl"
 local socket = require "socket"
+
+local http = require "net.http"
+local config_ssl = config.get("*", "ssl")
+local https_client = config.get("*", "client_https_ssl")
+http.default.options.sslctx = require "core.certmanager".create_context("client_https port 0", "client",
+	{ capath = config_ssl.capath, cafile = config_ssl.cafile, verify = "peer", }, https_client);
+
 -----------------------
 
 -- FIXME: Duplicate code waiting for util.startup