aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2017-07-07 20:42:35 +0200
committerKim Alvefur <zash@zash.se>2017-07-07 20:42:35 +0200
commit24e2e04d48d106aa68d3be26f37d36e56cc52fe0 (patch)
treee5694415c5775c3429c316f3b49f72ad7426edc6
parenteb481bfb43e58d6f6c1bd18f0761c077fa0263a4 (diff)
downloadprosody-24e2e04d48d106aa68d3be26f37d36e56cc52fe0.tar.gz
prosody-24e2e04d48d106aa68d3be26f37d36e56cc52fe0.zip
prosody, prosodyctl: Set up TLS settings for HTTPS requests in net.http (part of fix for #659)
-rwxr-xr-xprosody6
-rwxr-xr-xprosodyctl7
2 files changed, 12 insertions, 1 deletions
diff --git a/prosody b/prosody
index 0a48eba4..7d9e76b8 100755
--- a/prosody
+++ b/prosody
@@ -323,7 +323,11 @@ function load_secondary_libraries()
return function() end
end});
- require "net.http"
+ local http = require "net.http"
+ local config_ssl = config.get("*", "ssl")
+ local https_client = config.get("*", "client_https_ssl")
+ http.default.options.sslctx = require "core.certmanager".create_context("client_https port 0", "client",
+ { capath = config_ssl.capath, cafile = config_ssl.cafile, verify = "peer", }, https_client);
require "util.array"
require "util.datetime"
diff --git a/prosodyctl b/prosodyctl
index 800dddbf..cd58212e 100755
--- a/prosodyctl
+++ b/prosodyctl
@@ -251,6 +251,13 @@ local modulemanager = require "core.modulemanager"
local prosodyctl = require "util.prosodyctl"
local socket = require "socket"
+
+local http = require "net.http"
+local config_ssl = config.get("*", "ssl")
+local https_client = config.get("*", "client_https_ssl")
+http.default.options.sslctx = require "core.certmanager".create_context("client_https port 0", "client",
+ { capath = config_ssl.capath, cafile = config_ssl.cafile, verify = "peer", }, https_client);
+
-----------------------
-- FIXME: Duplicate code waiting for util.startup