From 10fc065796852f28bdb086abd019603cb8631bc0 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Wed, 5 May 2021 17:52:51 +0200 Subject: core.portmanager: Allow overriding expected SNI name per service E.g. VirtualHost"example.com" https_name = "xmpp.example.com" --- core/portmanager.lua | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'core') diff --git a/core/portmanager.lua b/core/portmanager.lua index ff12d447..46976368 100644 --- a/core/portmanager.lua +++ b/core/portmanager.lua @@ -237,11 +237,12 @@ local function add_sni_host(host, service) local config_prefix = (active_service.config_prefix or name).."_"; if config_prefix == "_" then config_prefix = ""; end local prefix_ssl_config = config.get(host, config_prefix.."ssl"); - local autocert = certmanager.find_host_cert(host); + local alternate_host = service and config.get(host, service.."_host"); + local autocert = certmanager.find_host_cert(alternate_host or host); -- luacheck: ignore 211/cfg local ssl, err, cfg = certmanager.create_context(host, "server", prefix_ssl_config, autocert, active_service.tls_cfg); if ssl then - active_service.server.hosts[host] = ssl; + active_service.server.hosts[alternate_host or host] = ssl; else log("error", "Error creating TLS context for SNI host %s: %s", host, err); end -- cgit v1.2.3