diff options
author | Kim Alvefur <zash@zash.se> | 2015-09-24 20:15:19 +0200 |
---|---|---|
committer | Kim Alvefur <zash@zash.se> | 2015-09-24 20:15:19 +0200 |
commit | 8a539ac1ee9de45326aabefaa124bc7792134521 (patch) | |
tree | 12d7f0ee52b21fe124cc849278902ba715a35b32 /prosodyctl | |
parent | 5dcb0569722d6feea8942fd5acc8af7805060f8b (diff) | |
parent | fabb7c056162683bf2da290348bf3c1efaa9e672 (diff) | |
download | prosody-8a539ac1ee9de45326aabefaa124bc7792134521.tar.gz prosody-8a539ac1ee9de45326aabefaa124bc7792134521.zip |
Merge 0.10->trunk
Diffstat (limited to 'prosodyctl')
-rwxr-xr-x | prosodyctl | 37 |
1 files changed, 37 insertions, 0 deletions
@@ -913,6 +913,43 @@ function commands.check(arg) print(" For more information see: http://prosody.im/doc/dns"); end end + local all_options = set.new(); + for host in enabled_hosts() do + all_options:include(set.new(it.to_array(it.keys(config[host])))); + end + local ssl = nil, dependencies.softreq"ssl"; + if not ssl then + if not set.intersection(all_options, set.new({"require_encryption", "c2s_require_encryption", "s2s_require_encryption"})):empty() then + print(""); + print(" You require encryption but LuaSec is not available."); + print(" Connections will fail."); + ok = false; + end + elseif not ssl.loadcertificate then + if all_options:contains("s2s_secure_auth") then + print(""); + print(" You have set s2s_secure_auth but your version of LuaSec does "); + print(" not support certificate validation, so all s2s connections will"); + print(" fail."); + ok = false; + elseif all_options:contains("s2s_secure_domains") then + local secure_domains = set.new(); + for host in enabled_hosts() do + if config[host].s2s_secure_auth == true then + secure_domains:add("*"); + else + secure_domains:include(set.new(config[host].s2s_secure_domains)); + end + end + if not secure_domains:empty() then + print(""); + print(" You have set s2s_secure_domains but your version of LuaSec does "); + print(" not support certificate validation, so s2s connections to/from "); + print(" these domains will fail."); + ok = false; + end + end + end print("Done.\n"); end |