From 2c902f163f0f31ac9ea7d803cf2a493cecbaf3fe Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Fri, 7 May 2021 16:35:37 +0200
Subject: core.certmanager: Resolve certs path relative to config dir

Otherwise the default "certs" would be relative to $PWD, which works
when testing from a source checkout, but not on installed systems where
it usually points to the data directory.

Also, the LuaFileSystem dir() iterator throws a hard error, which may
cause a crash or other problems.
---
 core/certmanager.lua | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/core/certmanager.lua b/core/certmanager.lua
index e7f91fb9..a7432d35 100644
--- a/core/certmanager.lua
+++ b/core/certmanager.lua
@@ -158,7 +158,7 @@ local cert_index;
 local function find_host_cert(host)
 	if not host then return nil; end
 	if not cert_index then
-		cert_index = index_certs(global_certificates);
+		cert_index = index_certs(resolve_path(config_path, global_certificates));
 	end
 	local certs = cert_index[host];
 	if certs then
@@ -177,7 +177,7 @@ end
 
 local function find_service_cert(service, port)
 	if not cert_index then
-		cert_index = index_certs(global_certificates);
+		cert_index = index_certs(resolve_path(config_path, global_certificates));
 	end
 	for _, certs in pairs(cert_index) do
 		for cert_filename, services in pairs(certs) do
@@ -346,7 +346,7 @@ local function reload_ssl_config()
 	if luasec_has.options.no_compression then
 		core_defaults.options.no_compression = configmanager.get("*", "ssl_compression") ~= true;
 	end
-	cert_index = index_certs(global_certificates);
+	cert_index = index_certs(resolve_path(config_path, global_certificates));
 end
 
 prosody.events.add_handler("config-reloaded", reload_ssl_config);
-- 
cgit v1.2.3