---[[\r
-\r
- server.lua by blastbeat\r
-\r
- - this script contains the server loop of the program\r
- - other scripts can reg a server here\r
-\r
-]]--\r
+-- \r
+-- server.lua by blastbeat of the luadch project\r
+-- Re-used here under the MIT/X Consortium License\r
+-- \r
+-- Modifications (C) 2008-2009 Matthew Wild, Waqas Hussain\r
+--\r
\r
-- // wrapping luadch stuff // --\r
\r
local ssl = false\r
\r
if sslctx then\r
+ ssl = true\r
if not ssl_newcontext then\r
- return nil, "luasec not found"\r
+ out_error "luasec not found"\r
+ ssl = false\r
end\r
if type( sslctx ) ~= "table" then\r
out_error "server.lua: wrong server sslctx"\r
- return nil, "wrong server sslctx"\r
+ ssl = false\r
end\r
- sslctx, err = ssl_newcontext( sslctx )\r
- if not sslctx then\r
+ local ctx;\r
+ ctx, err = ssl_newcontext( sslctx )\r
+ if not ctx then\r
err = err or "wrong sslctx parameters"\r
- out_error( "server.lua: ", err )\r
- return nil, err\r
+ local file;\r
+ file = err:match("^error loading (.-) %(");\r
+ if file then\r
+ if file == "private key" then\r
+ file = sslctx.key or "your private key";\r
+ elseif file == "certificate" then\r
+ file = sslctx.certificate or "your certificate file";\r
+ end\r
+ local reason = err:match("%((.+)%)$") or "some reason";\r
+ if reason == "Permission denied" then\r
+ reason = "Check that the permissions allow Prosody to read this file.";\r
+ elseif reason == "No such file or directory" then\r
+ reason = "Check that the path is correct, and the file exists.";\r
+ elseif reason == "system lib" then\r
+ reason = "Previous error (see logs), or other system error.";\r
+ else\r
+ reason = "Reason: "..tostring(reason or "unknown"):lower();\r
+ end\r
+ log("error", "SSL/TLS: Failed to load %s: %s", file, reason);\r
+ else\r
+ log("error", "SSL/TLS: Error initialising for port %d: %s", serverport, err );\r
+ end\r
+ ssl = false\r
end\r
- ssl = true\r
- else\r
- out_put("server.lua: ", "ssl not enabled on ", serverport);\r
+ sslctx = ctx;\r
+ end\r
+ if not ssl then\r
+ sslctx = false;\r
+ if startssl then\r
+ log("error", "Failed to listen on port %d due to SSL/TLS to SSL/TLS initialisation errors (see logs)", serverport )\r
+ return nil, "Cannot start ssl, see log for details"\r
+ end\r
end\r
\r
local accept = socket.accept\r
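Review bot: With the early returns removed, `ctx, err = ssl_newcontext( sslctx )` still runs after `ssl` has been set to false, so a missing luasec (`ssl_newcontext` is nil) now raises an attempt-to-call-nil error instead of the logged "luasec not found", and a non-table `sslctx` is handed to the context constructor anyway. Wrapping the context creation and its error reporting in `if ssl then … end` keeps both failures on the logged path. When `startssl` is not set, the listener then carries on with `sslctx = false`, so a port configured with a TLS context comes up without TLS and only the error log shows it; a comment at `sslctx = false` should state that this plaintext fallback is intended. The message in the `startssl` branch reads "due to SSL/TLS to SSL/TLS initialisation errors", which looks like a duplicated phrase. The enclosing function starts and ends outside the hunk.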
end\r
end\r
disconnect( handler, "ssl handshake failed" )\r
- handler.close( true ) -- forced disconnect\r
+ _ = handler and handler.close( true ) -- forced disconnect\r
return false -- handshake failed\r
end\r
)\r
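Review bot: The new guard `_ = handler and handler.close( true )` implies `handler` can be nil at this point, yet `disconnect( handler, "ssl handshake failed" )` on the line above still receives it unguarded. If nil is possible, both calls belong under one check, e.g. `if handler then disconnect( handler, "ssl handshake failed" ) handler.close( true ) end`. The assignment to `_` also writes a global unless `_` is declared local elsewhere in the file, which is not visible here; a plain `if` statement avoids that. The handshake function begins outside the hunk.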
socket:settimeout( 0 )\r
handler.readbuffer = handshake\r
handler.sendbuffer = handshake\r
- handshake( socket ) -- do handshake\r
+ handshake( socket ) -- do handshake\r
+ if not socket then\r
+ return nil, nil, "ssl handshake failed";\r
+ end\r
else\r
-- We're not automatically doing SSL, so we're not secure (yet)\r
ssl = false\r
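Review bot: The added check tests `socket` rather than the outcome of `handshake( socket )`, and nothing in this hunk shows `socket` being cleared when the handshake fails. If the failure path (the forced `handler.close( true )` in the handshake function) does reset that variable, a comment should say so, for example `-- handler.close() clears 'socket' when the handshake has failed`. Otherwise the check never fires and a connection whose TLS handshake failed is returned to the caller as if it were usable. The three-value return `nil, nil, "ssl handshake failed"` also deserves a line in the function's documentation so that callers look for the error in the third position.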
return nil, "no server found on port '" .. tostring( port ) "'"\r
end\r
handler.close( )\r
+ _server[ port ] = nil\r
return true\r
end\r
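Review bot: The not-found return just above the added line, `return nil, "no server found on port '" .. tostring( port ) "'"`, is missing a `..` before the closing `"'"`, so Lua parses it as a call on the result of `tostring( port )` and the error path raises instead of returning `nil, err`. It should read `.. tostring( port ) .. "'"`. The added `_server[ port ] = nil` would benefit from a short comment saying why the entry is dropped after `handler.close( )`. The function begins outside the hunk.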
\r