net_activate_ports: Use the default config option 'ports' when no option is specified.

[prosody.git] / core / hostmanager.lua

diff --git a/core/hostmanager.lua b/core/hostmanager.lua
index 61aeefb9e6dd7df0131e34aaf309f93918888584..713788ddeee2e0b32e68f1e02f02722b7a39d579 100644 (file)
--- a/core/hostmanager.lua
+++ b/core/hostmanager.lua
@@ -20,7 +20,8 @@ end
 local incoming_s2s = _G.prosody.incoming_s2s;
 
 -- These are the defaults if not overridden in the config
-local default_ssl_ctx = { mode = "client", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none"; };
+local default_ssl_ctx = { mode = "client", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none", options = "no_sslv2"; };
+local default_ssl_ctx_in = { mode = "server", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none", options = "no_sslv2"; };
 
 local log = require "util.logger".init("hostmanager");
 
@@ -61,6 +62,7 @@ function activate(host, host_config)
                local ssl_config = host_config.core.ssl or configmanager.get("*", "core", "ssl");
                if ssl_config then
                        hosts[host].ssl_ctx = ssl.newcontext(setmetatable(ssl_config, { __index = default_ssl_ctx }));
+                       hosts[host].ssl_ctx_in = ssl.newcontext(setmetatable(ssl_config, { __index = default_ssl_ctx_in }));
                end
         end