From 2c902f163f0f31ac9ea7d803cf2a493cecbaf3fe Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Fri, 7 May 2021 16:35:37 +0200 Subject: core.certmanager: Resolve certs path relative to config dir Otherwise the default "certs" would be relative to $PWD, which works when testing from a source checkout, but not on installed systems where it usually points to the data directory. Also, the LuaFileSystem dir() iterator throws a hard error, which may cause a crash or other problems. --- core/certmanager.lua | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/core/certmanager.lua b/core/certmanager.lua index e7f91fb9..a7432d35 100644 --- a/core/certmanager.lua +++ b/core/certmanager.lua @@ -158,7 +158,7 @@ local cert_index; local function find_host_cert(host) if not host then return nil; end if not cert_index then - cert_index = index_certs(global_certificates); + cert_index = index_certs(resolve_path(config_path, global_certificates)); end local certs = cert_index[host]; if certs then @@ -177,7 +177,7 @@ end local function find_service_cert(service, port) if not cert_index then - cert_index = index_certs(global_certificates); + cert_index = index_certs(resolve_path(config_path, global_certificates)); end for _, certs in pairs(cert_index) do for cert_filename, services in pairs(certs) do @@ -346,7 +346,7 @@ local function reload_ssl_config() if luasec_has.options.no_compression then core_defaults.options.no_compression = configmanager.get("*", "ssl_compression") ~= true; end - cert_index = index_certs(global_certificates); + cert_index = index_certs(resolve_path(config_path, global_certificates)); end prosody.events.add_handler("config-reloaded", reload_ssl_config); -- cgit v1.2.3