diff options
| author | Kim Alvefur <zash@zash.se> | 2017-08-28 21:05:12 +0200 |
|---|---|---|
| committer | Kim Alvefur <zash@zash.se> | 2017-08-28 21:05:12 +0200 |
| commit | 0f00e8546042a22a56ea63a0fb7387e70bba4d1a (patch) | |
| tree | fd5a447ceea625acd90410b509ca06e498d25171 /prosodyctl | |
| parent | ab793182e77752bd08cf0347a95298312693563b (diff) | |
| parent | 672ab9595bcadcefa5c8725fd0ba4d7d6089b4f5 (diff) | |
| download | prosody-0f00e8546042a22a56ea63a0fb7387e70bba4d1a.tar.gz prosody-0f00e8546042a22a56ea63a0fb7387e70bba4d1a.zip | |
Merge 0.10->trunk
Diffstat (limited to 'prosodyctl')
| -rwxr-xr-x | prosodyctl | 16 |
1 files changed, 15 insertions, 1 deletions
@@ -249,6 +249,13 @@ local modulemanager = require "core.modulemanager" local prosodyctl = require "util.prosodyctl" local socket = require "socket" + +local http = require "net.http" +local config_ssl = config.get("*", "ssl") +local https_client = config.get("*", "client_https_ssl") +http.default.options.sslctx = require "core.certmanager".create_context("client_https port 0", "client", + { capath = config_ssl.capath, cafile = config_ssl.cafile, verify = "peer", }, https_client); + ----------------------- -- FIXME: Duplicate code waiting for util.startup @@ -1334,7 +1341,14 @@ function commands.check(arg) print("This version of LuaSec (" .. ssl._VERSION .. ") does not support certificate checking"); cert_ok = false else - for host in enabled_hosts() do + local function skip_bare_jid_hosts(host) + if jid_split(host) then + -- See issue #779 + return false; + end + return true; + end + for host in it.filter(skip_bare_jid_hosts, enabled_hosts()) do print("Checking certificate for "..host); -- First, let's find out what certificate this host uses. local host_ssl_config = config.rawget(host, "ssl") |