aboutsummaryrefslogtreecommitdiffstats
path: root/core/portmanager.lua
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2021-05-28 17:09:22 +0200
committerKim Alvefur <zash@zash.se>2021-05-28 17:09:22 +0200
commit01c869407dce484716ba1f0d9e359383c63fce6b (patch)
tree468bedca75adbfecbbbdde8808859a09ce7d54b2 /core/portmanager.lua
parent0516d963354beb4106e5d6597bf0579a7c44e596 (diff)
downloadprosody-01c869407dce484716ba1f0d9e359383c63fce6b.tar.gz
prosody-01c869407dce484716ba1f0d9e359383c63fce6b.zip
core.portmanager: Fix race condition in initialization of SNI cert map
Under some circumstances when hosts and modules are loaded in some certain order, entries end up missing from the SNI map. This manifests in e.g. `curl https://localhost:5281/` giving an error about "unrecognized name". The `service` argument is `nil` when invoked from the "host-activated" event, leading it to iterating over every service. And then it would not be fetching e.g. `http_host` from the config, which explains why https would sometimes not work due to the missing name entry. Because when `service` is included, this limits the iteration to matching entries, while also returning the same value as the `name` loop variable. Because `name == service when service != nil` we can use name instead in the body of the loop.
Diffstat (limited to 'core/portmanager.lua')
-rw-r--r--core/portmanager.lua4
1 files changed, 2 insertions, 2 deletions
diff --git a/core/portmanager.lua b/core/portmanager.lua
index dc0d0abc..e3bc4c49 100644
--- a/core/portmanager.lua
+++ b/core/portmanager.lua
@@ -237,8 +237,8 @@ local function add_sni_host(host, service)
local config_prefix = (active_service.config_prefix or name).."_";
if config_prefix == "_" then config_prefix = ""; end
local prefix_ssl_config = config.get(host, config_prefix.."ssl");
- local alternate_host = service and config.get(host, service.."_host");
- if not alternate_host and service == "https" then
+ local alternate_host = name and config.get(host, name.."_host");
+ if not alternate_host and name == "https" then
-- TODO should this be some generic thing? e.g. in the service definition
alternate_host = config.get(host, "http_host");
end