From 7c93370ad564fc9176b97cf981ed7e10e05d8890 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonas=20Sch=C3=A4fer?= Date: Tue, 21 Dec 2021 21:20:21 +0100 Subject: prosodyctl cert: use the indexing functions for better UX These provide (a) a way to deal with random assortments of certs and (b) avoid unnecessary error messages and warnings, according to #1669 anyway, which this fixes. --- core/certmanager.lua | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) (limited to 'core') diff --git a/core/certmanager.lua b/core/certmanager.lua index e2324db5..017271d9 100644 --- a/core/certmanager.lua +++ b/core/certmanager.lua @@ -167,12 +167,10 @@ end local cert_index; -local function find_host_cert(host) +local function find_cert_in_index(index, host) if not host then return nil; end - if not cert_index then - cert_index = index_certs(resolve_path(config_path, global_certificates)); - end - local certs = cert_index[host]; + if not index then return nil; end + local certs = index[host]; if certs then local cert_filename, services = next(certs); if services["*"] then @@ -183,8 +181,16 @@ local function find_host_cert(host) } end end + return nil +end + +local function find_host_cert(host) + if not host then return nil; end + if not cert_index then + cert_index = index_certs(resolve_path(config_path, global_certificates)); + end - return find_cert(configmanager.get(host, "certificate"), host) or find_host_cert(host:match("%.(.+)$")); + return find_cert_in_index(cert_index, host) or find_cert(configmanager.get(host, "certificate"), host) or find_host_cert(host:match("%.(.+)$")); end local function find_service_cert(service, port) @@ -439,5 +445,7 @@ return { create_context = create_context; reload_ssl_config = reload_ssl_config; find_cert = find_cert; + index_certs = index_certs; find_host_cert = find_host_cert; + find_cert_in_index = find_cert_in_index; }; -- cgit v1.2.3