Diffstat (limited to 'core/portmanager.lua')
-rw-r--r-- | core/portmanager.lua | 52 |
1 files changed, 29 insertions, 23 deletions
diff --git a/core/portmanager.lua b/core/portmanager.lua index 38c74b66..904c979c 100644 --- a/core/portmanager.lua +++ b/core/portmanager.lua @@ -1,11 +1,11 @@ -local config = require "core.configmanager"; -local certmanager = require "core.certmanager"; -local server = require "net.server"; +local config = require "prosody.core.configmanager"; +local certmanager = require "prosody.core.certmanager"; +local server = require "prosody.net.server"; local socket = require "socket"; -local log = require "util.logger".init("portmanager"); -local multitable = require "util.multitable"; -local set = require "util.set"; +local log = require "prosody.util.logger".init("portmanager"); +local multitable = require "prosody.util.multitable"; +local set = require "prosody.util.set"; local table = table; local setmetatable, rawset, rawget = setmetatable, rawset, rawget; @@ -48,14 +48,11 @@ local function error_to_friendly_message(service_name, port, err) --luacheck: ig if err:match(" in use") then -- FIXME: Use service_name here if port == 5222 or port == 5223 or port == 5269 then - friendly_message = "check that Prosody or another XMPP server is " - .."not already running and using this port"; - elseif port == 80 or port == 81 then - friendly_message = "check that a HTTP server is not already using " - .."this port"; + friendly_message = "check that Prosody or another XMPP server is not already running and using this port"; + elseif port == 80 or port == 81 or port == 443 then + friendly_message = "check that a HTTP server is not already using this port"; elseif port == 5280 then - friendly_message = "check that Prosody or a BOSH connection manager " - .."is not already running"; + friendly_message = "check that Prosody or a BOSH connection manager is not already running"; else friendly_message = "this port is in use by another application"; end 
@@ -222,6 +219,13 @@ function get_service_at(interface, port) return data.service, data.server; end +local function get_tls_config_at(interface, port) + local data = active_services:search(nil, interface, port); + if not data or not data[1] or not data[1][1] then return nil, "not-found"; end + data = data[1][1]; + return data.tls_cfg; +end + local function get_service(service_name) return (services[service_name] or {})[1]; end @@ -240,21 +244,22 @@ local function add_sni_host(host, service) log("debug", "Gathering certificates for SNI for host %s, %s service", host, service or "default"); for name, interface, port, n, active_service --luacheck: ignore 213 in active_services:iter(service, nil, nil, nil) do - if active_service.server.hosts and active_service.tls_cfg then - local config_prefix = (active_service.config_prefix or name).."_"; - if config_prefix == "_" then config_prefix = ""; end - local prefix_ssl_config = config.get(host, config_prefix.."ssl"); + if active_service.server and active_service.tls_cfg then local alternate_host = name and config.get(host, name.."_host"); if not alternate_host and name == "https" then -- TODO should this be some generic thing? e.g. in the service definition alternate_host = config.get(host, "http_host"); end local autocert = certmanager.find_host_cert(alternate_host or host); - -- luacheck: ignore 211/cfg - local ssl, err, cfg = certmanager.create_context(host, "server", prefix_ssl_config, autocert, active_service.tls_cfg); - if ssl then - active_service.server.hosts[alternate_host or host] = ssl; - else + local manualcert = active_service.tls_cfg; + local certificate = (autocert and autocert.certificate) or manualcert.certificate; + local key = (autocert and autocert.key) or manualcert.key; + local ok, err = active_service.server:sslctx():set_sni_host( + host, + certificate, + key + ); + if not ok then log("error", "Error creating TLS context for SNI host %s: %s", host, err); end end 
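Review bot: `get_tls_config_at` returns `data.tls_cfg` itself rather than a copy, and this appears to be the same table that `add_sni_host` reads `certificate` and `key` from, so any caller of the newly exported function can alter a listener's TLS material by mutating the result. Nothing in the hunk states whether the return value is meant to be read-only. I would add a header comment such as `-- Returns the TLS config table of the service at interface:port (live table, treat as read-only), or nil, "not-found"`, or return a shallow copy if callers cannot be relied on to leave it alone. A service that is found but has no `tls_cfg` returns a bare nil with no error string, which the comment should also mention so callers can tell it apart from "not-found".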
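Review bot: The SNI entry is registered under `host`, but the certificate is looked up for `alternate_host or host`, and the removed code keyed the context on `alternate_host or host`; as written, a host with `http_host` or `<name>_host` set gets the alternate name's certificate attached to the wrong server name, and a client sending the alternate name in SNI would presumably be served the default certificate. The first argument of `set_sni_host` should be `alternate_host or host`, and the `host-deactivated` hunk should then remove that same name. Separately, `certificate` and `key` fall back independently, so an `autocert` carrying only one of the two fields is completed from `manualcert` and can yield a mismatched pair; taking both from one source, e.g. `local src = (autocert and autocert.certificate and autocert.key) and autocert or manualcert;`, avoids that. The per-host `ssl` options that the old `create_context` call merged in are no longer read here, so it is worth confirming that per-host protocol or cipher restrictions still apply to SNI connections. The loop and the function body start outside the hunk.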
@@ -277,7 +282,7 @@ prosody.events.add_handler("host-deactivated", function (host) for name, interface, port, n, active_service --luacheck: ignore 213 in active_services:iter(nil, nil, nil, nil) do if active_service.tls_cfg then - active_service.server.hosts[host] = nil; + active_service.server:sslctx():remove_sni_host(host) end end end); @@ -312,6 +317,7 @@ return { unregister_service = unregister_service; close = close; get_service_at = get_service_at; + get_tls_config_at = get_tls_config_at; get_service = get_service; get_active_services = get_active_services; get_registered_services = get_registered_services; |
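Review bot: The removal is guarded only by `active_service.tls_cfg`, whereas `add_sni_host` now checks `active_service.server and active_service.tls_cfg`, and the result of `remove_sni_host` is dropped. If `server` or `sslctx()` is nil for some service, the error would be raised inside the handler and, unless the event dispatcher catches it, the remaining services would keep presenting the deactivated host's certificate. I would use `if active_service.server and active_service.tls_cfg then` and log a failed removal the same way `add_sni_host` logs a failed registration; the new line also lacks the trailing `;` used elsewhere in the file. The handler begins outside the hunk.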