authorMatthew Wild <mwild1@gmail.com>2010-01-31 17:23:39 +0000
committerMatthew Wild <mwild1@gmail.com>2010-01-31 17:23:39 +0000
commit382b21b91261dc5b0ac64f564d5a2cf1a623363d (patch)
tree4b6755ab4d3ec47c2dc33b999cd7af3f60c29f4a
parentfb51d84fd2e3568d2acdcd86584f75fc8ad35a36 (diff)
downloadprosody-382b21b91261dc5b0ac64f564d5a2cf1a623363d.tar.gz
prosody-382b21b91261dc5b0ac64f564d5a2cf1a623363d.zip
hostmanager: Use certmanager for obtaining SSL contexts
-rw-r--r--core/hostmanager.lua16
1 files changed, 4 insertions, 12 deletions
diff --git a/core/hostmanager.lua b/core/hostmanager.lua
index a145e7c1..038085c3 100644
--- a/core/hostmanager.lua
+++ b/core/hostmanager.lua
@@ -9,6 +9,7 @@
local ssl = ssl
local hosts = hosts;
+local certmanager = require "core.certmanager";
local configmanager = require "core.configmanager";
local eventmanager = require "core.eventmanager";
local modulemanager = require "core.modulemanager";
@@ -21,10 +22,6 @@ if not _G.prosody.incoming_s2s then
end
local incoming_s2s = _G.prosody.incoming_s2s;
--- These are the defaults if not overridden in the config
-local default_ssl_ctx = { mode = "client", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none", options = "no_sslv2"; };
-local default_ssl_ctx_in = { mode = "server", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none", options = "no_sslv2"; };
-
local log = require "util.logger".init("hostmanager");
local pairs, setmetatable = pairs, setmetatable;
@@ -61,14 +58,9 @@ function activate(host, host_config)
end
end
- if ssl then
- local ssl_config = host_config.core.ssl or configmanager.get("*", "core", "ssl");
- if ssl_config then
- hosts[host].ssl_ctx = ssl.newcontext(setmetatable(ssl_config, { __index = default_ssl_ctx }));
- hosts[host].ssl_ctx_in = ssl.newcontext(setmetatable(ssl_config, { __index = default_ssl_ctx_in }));
- end
- end
-
+ hosts[host].ssl_ctx = certmanager.get_context(host, "client", host_config); -- for outgoing connections
+ hosts[host].ssl_ctx_in = certmanager.get_context(host, "server", host_config); -- for incoming connections
+
log((hosts_loaded_once and "info") or "debug", "Activated host: %s", host);
eventmanager.fire_event("host-activated", host, host_config);
end
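Review bot: The two `certmanager.get_context` results on the added lines are stored without any check, so a host whose context could not be built is still logged as "Activated host" with `ssl_ctx` / `ssl_ctx_in` left nil. The removed code made the no-LuaSec and no-`ssl`-config cases explicit with `if ssl` / `if ssl_config`; that handling now has to live in certmanager, which is not visible in this diff, so it should be confirmed there. Assuming a nil context means TLS is unavailable for the host, a line such as `if not hosts[host].ssl_ctx_in then log("warn", "No TLS context for incoming connections on %s", host); end` would make a plaintext-only host visible to the operator. It is also worth confirming that the defaults deleted in the previous hunk (`verify = "none"`, `options = "no_sslv2"`) are carried over or tightened in certmanager rather than silently dropped. activate() starts outside this hunk.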