diff options
| -rw-r--r-- | core/certmanager.lua | 2 | ||||
| -rw-r--r-- | core/componentmanager.lua | 7 | ||||
| -rw-r--r-- | core/hostmanager.lua | 4 |
3 files changed, 7 insertions, 6 deletions
diff --git a/core/certmanager.lua b/core/certmanager.lua index b42c6706..5794ba6e 100644 --- a/core/certmanager.lua +++ b/core/certmanager.lua @@ -19,7 +19,7 @@ local default_ssl_ctx_in_mt = { __index = default_ssl_ctx_in }; -- Global SSL options if not overridden per-host local default_ssl_config = configmanager.get("*", "core", "ssl"); -function get_context(host, mode, config) +function create_context(host, mode, config) local ssl_config = config and config.core.ssl or default_ssl_config; if ssl and ssl_config then local ctx, err = ssl_newcontext(setmetatable(ssl_config, mode == "client" and default_ssl_ctx_mt or default_ssl_ctx_in_mt)); diff --git a/core/componentmanager.lua b/core/componentmanager.lua index a7c24617..cc505894 100644 --- a/core/componentmanager.lua +++ b/core/componentmanager.lua @@ -8,6 +8,7 @@ local prosody = _G.prosody; local log = require "util.logger".init("componentmanager"); +local certmanager = require "core.certmanager"; local configmanager = require "core.configmanager"; local modulemanager = require "core.modulemanager"; local jid_split = require "util.jid".split; @@ -84,11 +85,11 @@ function create_component(host, component, events) if hosts[base_host] then ssl_ctx = hosts[base_host].ssl_ctx; ssl_ctx_in = hosts[base_host].ssl_ctx_in; - elseif prosody.global_ssl_ctx then + else -- We have no cert, and no parent host to borrow a cert from -- Use global/default cert if there is one - ssl_ctx = ssl.newcontext(prosody.global_ssl_ctx); - ssl_ctx_in = ssl.newcontext(setmetatable({ mode = "server" }, { __index = prosody.global_ssl_ctx })); + ssl_ctx = certmanager.create_context(host, "client"); + ssl_ctx_in = certmanager.create_context(host, "server"); end end return { type = "component", host = host, connected = true, s2sout = {}, diff --git a/core/hostmanager.lua b/core/hostmanager.lua index f8d7400d..7071296f 100644 --- a/core/hostmanager.lua +++ b/core/hostmanager.lua @@ -65,8 +65,8 @@ function activate(host, host_config) end end - hosts[host].ssl_ctx = certmanager.get_context(host, "client", host_config); -- for outgoing connections - hosts[host].ssl_ctx_in = certmanager.get_context(host, "server", host_config); -- for incoming connections + hosts[host].ssl_ctx = certmanager.create_context(host, "client", host_config); -- for outgoing connections + hosts[host].ssl_ctx_in = certmanager.create_context(host, "server", host_config); -- for incoming connections log((hosts_loaded_once and "info") or "debug", "Activated host: %s", host); eventmanager.fire_event("host-activated", host, host_config); |