--- start listening on sockets
-function net_activate_ports(option, listener, default, conntype)
- local ports = config.get("*", "core", option.."_ports") or default;
- if type(ports) == "number" then ports = {ports} end;
-
- if type(ports) ~= "table" then
- log("error", "core."..option.." is not a table");
- else
- for _, port in ipairs(ports) do
- if type(port) ~= "number" then
- log("error", "Non-numeric "..option.."_ports: "..tostring(port));
- else
- cl.start(listener, {
- ssl = conntype ~= "tcp" and global_ssl_ctx,
- port = port,
- interface = config.get("*", "core", option.."_interface")
- or cl.get(listener).default_interface
- or config.get("*", "core", "interface"),
- type = conntype
- });
+ -- Load SSL settings from config, and create a ctx table
+ local certmanager = require "core.certmanager";
+ local global_ssl_ctx = certmanager.create_context("*", "server");
+ prosody.global_ssl_ctx = global_ssl_ctx;
+
+ local cl = require "net.connlisteners";
+ function prosody.net_activate_ports(option, listener, default, conntype)
+ conntype = conntype or (global_ssl_ctx and "tls") or "tcp";
+ local ports_option = option and option.."_ports" or "ports";
+ if not cl.get(listener) then return; end
+ local ports = config.get("*", "core", ports_option) or default;
+ if type(ports) == "number" then ports = {ports} end;
+
+ if type(ports) ~= "table" then
+ log("error", "core."..ports_option.." is not a table");
+ else
+ for _, port in ipairs(ports) do
+ port = tonumber(port);
+ if type(port) ~= "number" then
+ log("error", "Non-numeric "..ports_option..": "..tostring(port));
+ else
+ local ok, err = cl.start(listener, {
+ ssl = conntype == "ssl" and global_ssl_ctx,
+ port = port,
+ interface = (option and config.get("*", "core", option.."_interface"))
+ or cl.get(listener).default_interface
+ or config.get("*", "core", "interface"),
+ type = conntype
+ });
+ if not ok then
+ local friendly_message = err;
+ if err:match(" in use") then
+ if port == 5222 or port == 5223 or port == 5269 then
+ friendly_message = "check that Prosody or another XMPP server is "
+ .."not already running and using this port";
+ elseif port == 80 or port == 81 then
+ friendly_message = "check that a HTTP server is not already using "
+ .."this port";
+ elseif port == 5280 then
+ friendly_message = "check that Prosody or a BOSH connection manager "
+ .."is not already running";
+ else
+ friendly_message = "this port is in use by another application";
+ end
+ elseif err:match("permission") then
+ friendly_message = "Prosody does not have sufficient privileges to use this port";
+ elseif err == "no ssl context" then
+ if not config.get("*", "core", "ssl") then
+ friendly_message = "there is no 'ssl' config under Host \"*\" which is "
+ .."require for legacy SSL ports";
+ else
+ friendly_message = "initializing SSL support failed, see previous log entries";
+ end
+ end
+ log("error", "Failed to open server port %d, %s", port, friendly_message);
+ end
+ end