diff options
author | Matthew Wild <mwild1@gmail.com> | 2013-04-05 10:05:18 +0100 |
---|---|---|
committer | Matthew Wild <mwild1@gmail.com> | 2013-04-05 10:05:18 +0100 |
commit | 6f71d38f1f92ef51fd9d82cbfb8c33a518010651 (patch) | |
tree | 60c4be5a40bd2c13dcfb8435083d1b23619523a4 /core/portmanager.lua | |
parent | a5ccb8a860924f48570242e468267885137e3e9a (diff) | |
parent | a115da90578ef0e91e7fb911421142552a4e8e4a (diff) | |
download | prosody-6f71d38f1f92ef51fd9d82cbfb8c33a518010651.tar.gz prosody-6f71d38f1f92ef51fd9d82cbfb8c33a518010651.zip |
Merge 0.9->trunk
Diffstat (limited to 'core/portmanager.lua')
-rw-r--r-- | core/portmanager.lua | 31 |
1 files changed, 28 insertions, 3 deletions
diff --git a/core/portmanager.lua b/core/portmanager.lua index 68c7617a..1b3740cf 100644 --- a/core/portmanager.lua +++ b/core/portmanager.lua @@ -70,6 +70,16 @@ prosody.events.add_handler("item-removed/net-provider", function (event) unregister_service(item.name, item); end); +local function duplicate_ssl_config(ssl_config) + local ssl_config = type(ssl_config) == "table" and ssl_config or {}; + + local _config = {}; + for k, v in pairs(ssl_config) do + _config[k] = v; + end + return _config; +end + --- Public API function activate(service_name) @@ -114,9 +124,24 @@ function activate(service_name) local err; -- Create SSL context for this service/port if service_info.encryption == "ssl" then - local ssl_config = config.get("*", config_prefix.."ssl"); - ssl, err = certmanager.create_context(service_info.name.." port "..port, "server", ssl_config and (ssl_config[port_number] - or (ssl_config.certificate and ssl_config))); + local ssl_config = duplicate_ssl_config((config.get("*", config_prefix.."ssl") and config.get("*", config_prefix.."ssl")[interface]) + or (config.get("*", config_prefix.."ssl") and config.get("*", config_prefix.."ssl")[port]) + or config.get("*", config_prefix.."ssl") + or (config.get("*", "ssl") and config.get("*", "ssl")[interface]) + or (config.get("*", "ssl") and config.get("*", "ssl")[port]) + or config.get("*", "ssl")); + -- add default entries for, or override ssl configuration + if ssl_config and service_info.ssl_config then + for key, value in pairs(service_info.ssl_config) do + if not service_info.ssl_config_override and not ssl_config[key] then + ssl_config[key] = value; + elseif service_info.ssl_config_override then + ssl_config[key] = value; + end + end + end + + ssl, err = certmanager.create_context(service_info.name.." port "..port, "server", ssl_config); if not ssl then log("error", "Error binding encrypted port for %s: %s", service_info.name, error_to_friendly_message(service_name, port_number, err) or "unknown error"); end |