23 local default_capath = "/etc/ssl/certs"; |
23 local default_capath = "/etc/ssl/certs"; |
24 |
24 |
25 function create_context(host, mode, config) |
25 function create_context(host, mode, config) |
26 local user_ssl_config = config and config.core.ssl or default_ssl_config; |
26 local user_ssl_config = config and config.core.ssl or default_ssl_config; |
27 |
27 |
28 if not(ssl and user_ssl_config) then return nil; end |
28 if not ssl then return nil, "LuaSec (required for encryption) was not found"; end |
|
29 if not user_ssl_config then return nil, "No SSL/TLS configuration present for "..host; end |
29 |
30 |
30 local ssl_config = { |
31 local ssl_config = { |
31 mode = mode; |
32 mode = mode; |
32 protocol = user_ssl_config.protocol or "sslv23"; |
33 protocol = user_ssl_config.protocol or "sslv23"; |
33 key = resolve_path(user_ssl_config.key); |
34 key = resolve_path(user_ssl_config.key); |
65 end |
66 end |
66 log("error", "SSL/TLS: Failed to load %s: %s", file, reason); |
67 log("error", "SSL/TLS: Failed to load %s: %s", file, reason); |
67 else |
68 else |
68 log("error", "SSL/TLS: Error initialising for host %s: %s", host, err ); |
69 log("error", "SSL/TLS: Error initialising for host %s: %s", host, err ); |
69 end |
70 end |
70 ssl = false |
|
71 end |
71 end |
72 return ctx, err; |
72 return ctx, err; |
73 end |
73 end |
74 |
74 |
75 function reload_ssl_config() |
75 function reload_ssl_config() |