aboutsummaryrefslogtreecommitdiffstats
path: root/core/portmanager.lua
diff options
context:
space:
mode:
authorMatthew Wild <mwild1@gmail.com>2013-04-05 10:05:18 +0100
committerMatthew Wild <mwild1@gmail.com>2013-04-05 10:05:18 +0100
commit6f71d38f1f92ef51fd9d82cbfb8c33a518010651 (patch)
tree60c4be5a40bd2c13dcfb8435083d1b23619523a4 /core/portmanager.lua
parenta5ccb8a860924f48570242e468267885137e3e9a (diff)
parenta115da90578ef0e91e7fb911421142552a4e8e4a (diff)
downloadprosody-6f71d38f1f92ef51fd9d82cbfb8c33a518010651.tar.gz
prosody-6f71d38f1f92ef51fd9d82cbfb8c33a518010651.zip
Merge 0.9->trunk
Diffstat (limited to 'core/portmanager.lua')
-rw-r--r--core/portmanager.lua31
1 files changed, 28 insertions, 3 deletions
diff --git a/core/portmanager.lua b/core/portmanager.lua
index 68c7617a..1b3740cf 100644
--- a/core/portmanager.lua
+++ b/core/portmanager.lua
@@ -70,6 +70,16 @@ prosody.events.add_handler("item-removed/net-provider", function (event)
unregister_service(item.name, item);
end);
+local function duplicate_ssl_config(ssl_config)
+ local ssl_config = type(ssl_config) == "table" and ssl_config or {};
+
+ local _config = {};
+ for k, v in pairs(ssl_config) do
+ _config[k] = v;
+ end
+ return _config;
+end
+
--- Public API
function activate(service_name)
@@ -114,9 +124,24 @@ function activate(service_name)
local err;
-- Create SSL context for this service/port
if service_info.encryption == "ssl" then
- local ssl_config = config.get("*", config_prefix.."ssl");
- ssl, err = certmanager.create_context(service_info.name.." port "..port, "server", ssl_config and (ssl_config[port_number]
- or (ssl_config.certificate and ssl_config)));
+ local ssl_config = duplicate_ssl_config((config.get("*", config_prefix.."ssl") and config.get("*", config_prefix.."ssl")[interface])
+ or (config.get("*", config_prefix.."ssl") and config.get("*", config_prefix.."ssl")[port])
+ or config.get("*", config_prefix.."ssl")
+ or (config.get("*", "ssl") and config.get("*", "ssl")[interface])
+ or (config.get("*", "ssl") and config.get("*", "ssl")[port])
+ or config.get("*", "ssl"));
+ -- add default entries for, or override ssl configuration
+ if ssl_config and service_info.ssl_config then
+ for key, value in pairs(service_info.ssl_config) do
+ if not service_info.ssl_config_override and not ssl_config[key] then
+ ssl_config[key] = value;
+ elseif service_info.ssl_config_override then
+ ssl_config[key] = value;
+ end
+ end
+ end
+
+ ssl, err = certmanager.create_context(service_info.name.." port "..port, "server", ssl_config);
if not ssl then
log("error", "Error binding encrypted port for %s: %s", service_info.name, error_to_friendly_message(service_name, port_number, err) or "unknown error");
end