aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2021-05-05 15:56:39 +0200
committerKim Alvefur <zash@zash.se>2021-05-05 15:56:39 +0200
commitf2a8b90b304f2dea38326e779bb2377921a6a20b (patch)
tree02fd07475ca771e90bb9ac91fe003c9fbe248d9f
parent2d707a905f1e1cb342014c4616e7e4fa6abe9fa3 (diff)
downloadprosody-f2a8b90b304f2dea38326e779bb2377921a6a20b.tar.gz
prosody-f2a8b90b304f2dea38326e779bb2377921a6a20b.zip
core.certmanager: Skip directly to guessing of key from cert filename
Cuts down on a ton of debug logs
-rw-r--r--core/certmanager.lua19
1 files changed, 17 insertions, 2 deletions
diff --git a/core/certmanager.lua b/core/certmanager.lua
index 1b1bf709..e7f91fb9 100644
--- a/core/certmanager.lua
+++ b/core/certmanager.lua
@@ -98,6 +98,15 @@ local function find_cert(user_certs, name)
log("debug", "No certificate/key found for %s", name);
end
+local function find_matching_key(cert_path)
+ -- FIXME we shouldn't need to guess the key filename
+ if cert_path:sub(-4) == ".crt" then
+ return cert_path:sub(1, -4) .. "key";
+ elseif cert_path:sub(-14) == "/fullchain.pem" then
+ return cert_path:sub(1, -14) .. "privkey.pem";
+ end
+end
+
local function index_certs(dir, files_by_name, depth_limit)
files_by_name = files_by_name or {};
depth_limit = depth_limit or 3;
@@ -156,7 +165,10 @@ local function find_host_cert(host)
local cert_filename, services = next(certs);
if services["*"] then
log("debug", "Using cert %q from index", cert_filename);
- return find_cert(cert_filename, host);
+ return {
+ certificate = cert_filename,
+ key = find_matching_key(cert_filename),
+ }
end
end
@@ -171,7 +183,10 @@ local function find_service_cert(service, port)
for cert_filename, services in pairs(certs) do
if services[service] or services["*"] then
log("debug", "Using cert %q from index", cert_filename);
- return find_cert(cert_filename, service);
+ return {
+ certificate = cert_filename,
+ key = find_matching_key(cert_filename),
+ }
end
end
end