diff options
| author | Kim Alvefur <zash@zash.se> | 2017-08-28 21:05:12 +0200 |
|---|---|---|
| committer | Kim Alvefur <zash@zash.se> | 2017-08-28 21:05:12 +0200 |
| commit | 38f73e28ae61f2222667b06ce99e44193ef82d78 (patch) | |
| tree | fd5a447ceea625acd90410b509ca06e498d25171 /prosodyctl | |
| parent | e9d37d780b2e50e4f3ed34d3c355d651c0375cb2 (diff) | |
| parent | 7e28119b3d3fe91b2f8541da2af90b232ab38412 (diff) | |
| download | prosody-38f73e28ae61f2222667b06ce99e44193ef82d78.tar.gz prosody-38f73e28ae61f2222667b06ce99e44193ef82d78.zip | |
Merge 0.10->trunk
Diffstat (limited to 'prosodyctl')
| -rwxr-xr-x | prosodyctl | 16 |
1 files changed, 15 insertions, 1 deletions
@@ -249,6 +249,13 @@ local modulemanager = require "core.modulemanager" local prosodyctl = require "util.prosodyctl" local socket = require "socket" + +local http = require "net.http" +local config_ssl = config.get("*", "ssl") +local https_client = config.get("*", "client_https_ssl") +http.default.options.sslctx = require "core.certmanager".create_context("client_https port 0", "client", + { capath = config_ssl.capath, cafile = config_ssl.cafile, verify = "peer", }, https_client); + ----------------------- -- FIXME: Duplicate code waiting for util.startup @@ -1334,7 +1341,14 @@ function commands.check(arg) print("This version of LuaSec (" .. ssl._VERSION .. ") does not support certificate checking"); cert_ok = false else - for host in enabled_hosts() do + local function skip_bare_jid_hosts(host) + if jid_split(host) then + -- See issue #779 + return false; + end + return true; + end + for host in it.filter(skip_bare_jid_hosts, enabled_hosts()) do print("Checking certificate for "..host); -- First, let's find out what certificate this host uses. local host_ssl_config = config.rawget(host, "ssl") |