Mercurial > lxmppd-hg-xmllex / file revision
core/certmanager.lua@04958fb28c44
core/certmanager.lua
Sat, 13 Feb 2010 16:08:43 +0000
- author
- Matthew Wild <mwild1@gmail.com>
- date
- Sat, 13 Feb 2010 16:08:43 +0000
- changeset 2628
- 04958fb28c44
- parent 2564
- 6b4fe320a6ea
- child 2631
- 77f135c7689a
- permissions
- -rw-r--r--
certmanager, hostmanager: Rename get_context() to create_context() to be more explicit about what it does
local configmanager = require "core.configmanager"; local ssl = ssl; local ssl_newcontext = ssl and ssl.newcontext; local setmetatable = setmetatable; local prosody = prosody; module "certmanager" -- These are the defaults if not overridden in the config local default_ssl_ctx = { mode = "client", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none", options = "no_sslv2"; }; local default_ssl_ctx_in = { mode = "server", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none", options = "no_sslv2"; }; local default_ssl_ctx_mt = { __index = default_ssl_ctx }; local default_ssl_ctx_in_mt = { __index = default_ssl_ctx_in }; -- Global SSL options if not overridden per-host local default_ssl_config = configmanager.get("*", "core", "ssl"); function create_context(host, mode, config) local ssl_config = config and config.core.ssl or default_ssl_config; if ssl and ssl_config then return ssl_newcontext(setmetatable(ssl_config, mode == "client" and default_ssl_ctx_mt or default_ssl_ctx_in_mt)); end return nil; end function reload_ssl_config() default_ssl_config = config.get("*", "core", "ssl"); end prosody.events.add_handler("config-reloaded", reload_ssl_config); return _M;
