equal
deleted
inserted
replaced
13 |
13 |
14 local setmetatable, tostring = setmetatable, tostring; |
14 local setmetatable, tostring = setmetatable, tostring; |
15 |
15 |
16 local prosody = prosody; |
16 local prosody = prosody; |
17 local resolve_path = prosody.resolve_relative_path; |
17 local resolve_path = prosody.resolve_relative_path; |
|
18 local config_path = prosody.paths.config; |
18 |
19 |
19 module "certmanager" |
20 module "certmanager" |
20 |
21 |
21 -- Global SSL options if not overridden per-host |
22 -- Global SSL options if not overridden per-host |
22 local default_ssl_config = configmanager.get("*", "core", "ssl"); |
23 local default_ssl_config = configmanager.get("*", "core", "ssl"); |
29 if not user_ssl_config then return nil, "No SSL/TLS configuration present for "..host; end |
30 if not user_ssl_config then return nil, "No SSL/TLS configuration present for "..host; end |
30 |
31 |
31 local ssl_config = { |
32 local ssl_config = { |
32 mode = mode; |
33 mode = mode; |
33 protocol = user_ssl_config.protocol or "sslv23"; |
34 protocol = user_ssl_config.protocol or "sslv23"; |
34 key = resolve_path(user_ssl_config.key); |
35 key = resolve_path(config_path, user_ssl_config.key); |
35 password = user_ssl_config.password; |
36 password = user_ssl_config.password; |
36 certificate = resolve_path(user_ssl_config.certificate); |
37 certificate = resolve_path(config_path, user_ssl_config.certificate); |
37 capath = resolve_path(user_ssl_config.capath or default_capath); |
38 capath = resolve_path(config_path, user_ssl_config.capath or default_capath); |
38 cafile = resolve_path(user_ssl_config.cafile); |
39 cafile = resolve_path(config_path, user_ssl_config.cafile); |
39 verify = user_ssl_config.verify or "none"; |
40 verify = user_ssl_config.verify or "none"; |
40 options = user_ssl_config.options or "no_sslv2"; |
41 options = user_ssl_config.options or "no_sslv2"; |
41 ciphers = user_ssl_config.ciphers; |
42 ciphers = user_ssl_config.ciphers; |
42 depth = user_ssl_config.depth; |
43 depth = user_ssl_config.depth; |
43 }; |
44 }; |