aboutsummaryrefslogtreecommitdiffstats
path: root/core
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2014-07-03 15:33:11 +0200
committerKim Alvefur <zash@zash.se>2014-07-03 15:33:11 +0200
commitc24bed529f750d1b4108502d7d035ae491bac2ef (patch)
tree49bbb7abbfdd27e3100ec0840aa9efee8e726ef6 /core
parent349d03f965ef0aa20556591c44d290f5d40e7557 (diff)
downloadprosody-c24bed529f750d1b4108502d7d035ae491bac2ef.tar.gz
prosody-c24bed529f750d1b4108502d7d035ae491bac2ef.zip
core.portmanager: Simplify and take advantage of new ssl config merging in certmanager
Diffstat (limited to 'core')
-rw-r--r--core/portmanager.lua37
1 files changed, 9 insertions, 28 deletions
diff --git a/core/portmanager.lua b/core/portmanager.lua
index 4cbf3eb3..bc2d4264 100644
--- a/core/portmanager.lua
+++ b/core/portmanager.lua
@@ -72,16 +72,6 @@ prosody.events.add_handler("item-removed/net-provider", function (event)
unregister_service(item.name, item);
end);
-local function duplicate_ssl_config(ssl_config)
- local ssl_config = type(ssl_config) == "table" and ssl_config or {};
-
- local _config = {};
- for k, v in pairs(ssl_config) do
- _config[k] = v;
- end
- return _config;
-end
-
--- Public API
function activate(service_name)
@@ -127,24 +117,15 @@ function activate(service_name)
local err;
-- Create SSL context for this service/port
if service_info.encryption == "ssl" then
- local ssl_config = duplicate_ssl_config((config.get("*", config_prefix.."ssl") and config.get("*", config_prefix.."ssl")[interface])
- or (config.get("*", config_prefix.."ssl") and config.get("*", config_prefix.."ssl")[port])
- or config.get("*", config_prefix.."ssl")
- or (config.get("*", "ssl") and config.get("*", "ssl")[interface])
- or (config.get("*", "ssl") and config.get("*", "ssl")[port])
- or config.get("*", "ssl"));
- -- add default entries for, or override ssl configuration
- if ssl_config and service_info.ssl_config then
- for key, value in pairs(service_info.ssl_config) do
- if not service_info.ssl_config_override and not ssl_config[key] then
- ssl_config[key] = value;
- elseif service_info.ssl_config_override then
- ssl_config[key] = value;
- end
- end
- end
-
- ssl, err = certmanager.create_context(service_info.name.." port "..port, "server", ssl_config);
+ local global_ssl_config = config.get("*", "ssl") or {};
+ local prefix_ssl_config = config.get("*", config_prefix.."ssl") or global_ssl_config;
+ ssl, err = certmanager.create_context(service_info.name.." port "..port, "server",
+ service_info.ssl_config or {},
+ prefix_ssl_config[interface],
+ prefix_ssl_config[port],
+ prefix_ssl_config,
+ global_ssl_config[interface],
+ global_ssl_config[port]);
if not ssl then
log("error", "Error binding encrypted port for %s: %s", service_info.name, error_to_friendly_message(service_name, port_number, err) or "unknown error");
end