From 86ed7cd44e4415a2b729c7d251184d14d5ced809 Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Tue, 23 Apr 2019 19:13:50 +0200
Subject: mod_tls: Log debug message for each kind of TLS context created

Creating TLS contexts triggers a lot of messages from certmanager that
don't really describe their purpose. This is meant to provide hints
about that.
---
 plugins/mod_tls.lua | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/plugins/mod_tls.lua b/plugins/mod_tls.lua
index 029ddd1d..eb208e28 100644
--- a/plugins/mod_tls.lua
+++ b/plugins/mod_tls.lua
@@ -52,12 +52,15 @@ function module.load()
 	local parent_s2s = rawgetopt(parent,  "s2s_ssl") or NULL;
 	local host_s2s   = rawgetopt(modhost, "s2s_ssl") or parent_s2s;
 
+	module:log("debug", "Creating context for c2s");
 	ssl_ctx_c2s, err, ssl_cfg_c2s = create_context(host.host, "server", host_c2s, host_ssl, global_c2s); -- for incoming client connections
 	if not ssl_ctx_c2s then module:log("error", "Error creating context for c2s: %s", err); end
 
+	module:log("debug", "Creating context for s2sout");
 	ssl_ctx_s2sout, err, ssl_cfg_s2sout = create_context(host.host, "client", host_s2s, host_ssl, global_s2s); -- for outgoing server connections
 	if not ssl_ctx_s2sout then module:log("error", "Error creating contexts for s2sout: %s", err); end
 
+	module:log("debug", "Creating context for s2sin");
 	ssl_ctx_s2sin, err, ssl_cfg_s2sin = create_context(host.host, "server", host_s2s, host_ssl, global_s2s); -- for incoming server connections
 	if not ssl_ctx_s2sin then module:log("error", "Error creating contexts for s2sin: %s", err); end
 end
-- 
cgit v1.2.3


From 06cf2e641afcf6c55b3ed8788c1ee56dc7ced9cf Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Tue, 23 Apr 2019 19:21:06 +0200
Subject: core.portmanager: Log debug message for each kind of TLS context
 created

---
 core/portmanager.lua | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/portmanager.lua b/core/portmanager.lua
index 1ed37da0..bed5eca5 100644
--- a/core/portmanager.lua
+++ b/core/portmanager.lua
@@ -112,6 +112,7 @@ local function activate(service_name)
 				if service_info.encryption == "ssl" then
 					local global_ssl_config = config.get("*", "ssl") or {};
 					local prefix_ssl_config = config.get("*", config_prefix.."ssl") or global_ssl_config;
+					log("debug", "Creating context for direct TLS service %s on port %d", service_info.name, port);
 					ssl, err = certmanager.create_context(service_info.name.." port "..port, "server",
 						prefix_ssl_config[interface],
 						prefix_ssl_config[port],
-- 
cgit v1.2.3


From c42a786ec79fcfe936a3dccde9d0cdf70d6255b0 Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Wed, 24 Apr 2019 16:16:19 +0200
Subject: util.encodings: Allow unassigned code points in ICU mode to match
 libidn behavior (fixes #1348)

---
 util-src/encodings.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/util-src/encodings.c b/util-src/encodings.c
index f7e8131f..e55a3f44 100644
--- a/util-src/encodings.c
+++ b/util-src/encodings.c
@@ -299,7 +299,7 @@ static int icu_stringprep_prep(lua_State *L, const UStringPrepProfile *profile)
 		return 1;
 	}
 
-	prepped_len = usprep_prepare(profile, unprepped, unprepped_len, prepped, 1024, 0, NULL, &err);
+	prepped_len = usprep_prepare(profile, unprepped, unprepped_len, prepped, 1024, USPREP_ALLOW_UNASSIGNED, NULL, &err);
 
 	if(U_FAILURE(err)) {
 		lua_pushnil(L);
-- 
cgit v1.2.3