platform = "posix";
lock_globals = function () end;
unlock_globals = function () end;
+ installed = CFG_SOURCEDIR ~= nil;
+ core_post_stanza = function () end; -- TODO: mod_router!
};
_G.prosody = prosody;
config = require "core.configmanager"
+local ENV_CONFIG;
do
local filenames = {};
local filename;
if arg[1] == "--config" and arg[2] then
table.insert(filenames, arg[2]);
- table.remove(arg, 1); table.remove(arg, 1);
if CFG_CONFIGDIR then
table.insert(filenames, CFG_CONFIGDIR.."/"..arg[2]);
end
+ table.remove(arg, 1); table.remove(arg, 1);
else
for _, format in ipairs(config.parsers()) do
table.insert(filenames, (CFG_CONFIGDIR or ".").."/prosody.cfg."..format);
local file = io.open(filename);
if file then
file:close();
+ ENV_CONFIG = filename;
CFG_CONFIGDIR = filename:match("^(.*)[\\/][^\\/]*$");
break;
end
os.exit(1);
end
end
-local original_logging_config = config.get("*", "core", "log");
-config.set("*", "core", "log", { { levels = { min="info" }, to = "console" } });
+local original_logging_config = config.get("*", "log");
+config.set("*", "log", { { levels = { min="info" }, to = "console" } });
-local data_path = config.get("*", "core", "data_path") or CFG_DATADIR or "data";
-local custom_plugin_paths = config.get("*", "core", "plugin_paths");
+local data_path = config.get("*", "data_path") or CFG_DATADIR or "data";
+local custom_plugin_paths = config.get("*", "plugin_paths");
if custom_plugin_paths then
local path_sep = package.config:sub(3,3);
-- path1;path2;path3;defaultpath...
prosody.paths = { source = CFG_SOURCEDIR, config = CFG_CONFIGDIR,
plugins = CFG_PLUGINDIR or "plugins", data = data_path };
+if prosody.installed then
+ -- Change working directory to data path.
+ require "lfs".chdir(data_path);
+end
+
require "core.loggingmanager"
dependencies.log_warnings();
-- Switch away from root and into the prosody user --
local switched_user, current_uid;
-local want_pposix_version = "0.3.5";
+local want_pposix_version = "0.3.6";
local ok, pposix = pcall(require, "util.pposix");
if ok and pposix then
current_uid = pposix.getuid();
if current_uid == 0 then
-- We haz root!
- local desired_user = config.get("*", "core", "prosody_user") or "prosody";
- local desired_group = config.get("*", "core", "prosody_group") or desired_user;
+ local desired_user = config.get("*", "prosody_user") or "prosody";
+ local desired_group = config.get("*", "prosody_group") or desired_user;
local ok, err = pposix.setgid(desired_group);
if ok then
ok, err = pposix.initgroups(desired_user);
end
-- Set our umask to protect data files
- pposix.umask(config.get("*", "core", "umask") or "027");
+ pposix.umask(config.get("*", "umask") or "027");
+ pposix.setenv("HOME", data_path);
+ pposix.setenv("PROSODY_CONFIG", ENV_CONFIG);
else
print("Error: Unable to load pposix module. Check that Prosody is installed correctly.")
print("For more help send the below error to us through http://prosody.im/discuss");
print(tostring(pposix))
+ os.exit(1);
end
local function test_writeable(filename)
["invalid-hostname"] = "The given hostname is invalid";
["no-password"] = "No password was supplied";
["no-such-user"] = "The given user does not exist on the server";
+ ["no-such-host"] = "The given hostname does not exist in the config";
["unable-to-save-data"] = "Unable to store, perhaps you don't have permission?";
["no-pidfile"] = "There is no 'pidfile' option in the configuration file, see http://prosody.im/doc/prosodyctl#pidfile for help";
["no-posix"] = "The mod_posix module is not enabled in the Prosody config file, see http://prosody.im/doc/prosodyctl for more info";
return {
type = "local",
events = prosody.events,
+ modules = {},
users = require "core.usermanager".new_null_provider(hostname)
};
end
hosts[hostname] = make_host(hostname);
end
-require "core.modulemanager"
+local modulemanager = require "core.modulemanager"
-require "util.prosodyctl"
+local prosodyctl = require "util.prosodyctl"
require "socket"
-----------------------
+ -- FIXME: Duplicate code waiting for util.startup
+function read_version()
+ -- Try to determine version
+ local version_file = io.open((CFG_SOURCEDIR or ".").."/prosody.version");
+ if version_file then
+ prosody.version = version_file:read("*a"):gsub("%s*$", "");
+ version_file:close();
+ if #prosody.version == 12 and prosody.version:match("^[a-f0-9]+$") then
+ prosody.version = "hg:"..prosody.version;
+ end
+ else
+ prosody.version = "unknown";
+ end
+end
+
local show_message, show_warning = prosodyctl.show_message, prosodyctl.show_warning;
local show_usage = prosodyctl.show_usage;
local getchar, getpass = prosodyctl.getchar, prosodyctl.getpass;
local show_yesno = prosodyctl.show_yesno;
+local show_prompt = prosodyctl.show_prompt;
local read_password = prosodyctl.read_password;
-local prosodyctl_timeout = (config.get("*", "core", "prosodyctl_timeout") or 5) * 2;
+local prosodyctl_timeout = (config.get("*", "prosodyctl_timeout") or 5) * 2;
-----------------------
local commands = {};
local command = arg[1];
function commands.adduser(arg)
+ local jid_split = require "util.jid".split;
if not arg[1] or arg[1] == "--help" then
show_usage([[adduser JID]], [[Create the specified user account in Prosody]]);
return 1;
end
- local user, host = arg[1]:match("([^@]+)@(.+)");
+ local user, host = jid_split(arg[1]);
if not user and host then
show_message [[Failed to understand JID, please supply the JID you want to create]]
show_usage [[adduser user@host]]
end
function commands.passwd(arg)
+ local jid_split = require "util.jid".split;
if not arg[1] or arg[1] == "--help" then
show_usage([[passwd JID]], [[Set the password for the specified user account in Prosody]]);
return 1;
end
- local user, host = arg[1]:match("([^@]+)@(.+)");
+ local user, host = jid_split(arg[1]);
if not user and host then
show_message [[Failed to understand JID, please supply the JID you want to set the password for]]
show_usage [[passwd user@host]]
end
function commands.deluser(arg)
+ local jid_split = require "util.jid".split;
if not arg[1] or arg[1] == "--help" then
show_usage([[deluser JID]], [[Permanently remove the specified user account from Prosody]]);
return 1;
end
- local user, host = arg[1]:match("([^@]+)@(.+)");
+ local user, host = jid_split(arg[1]);
if not user and host then
show_message [[Failed to understand JID, please supply the JID you want to set the password for]]
show_usage [[passwd user@host]]
return 1;
end
- local ok, msg = prosodyctl.passwd { user = user, host = host };
+ local ok, msg = prosodyctl.deluser { user = user, host = host };
if ok then return 0; end
local ok, ret = prosodyctl.start();
if ok then
- if config.get("*", "core", "daemonize") ~= false then
+ local daemonize = config.get("*", "daemonize");
+ if daemonize == nil then
+ daemonize = prosody.installed;
+ end
+ if daemonize then
local i=1;
while true do
local ok, running = prosodyctl.isrunning();
end
function commands.about(arg)
+ read_version();
if arg[1] == "--help" then
show_usage([[about]], [[Show information about this Prosody installation]]);
return 1;
end
- require "util.array";
- require "util.iterators";
+ local array = require "util.array";
+ local keys = require "util.iterators".keys;
print("Prosody "..(prosody.version or "(unknown version)"));
print("");
function commands.reload(arg)
if arg[1] == "--help" then
- show_usage([[reload]], [[Reload prosody configuration file]]);
+ show_usage([[reload]], [[Reload Prosody's configuration and re-open log files]]);
return 1;
end
return 1;
end
+local openssl;
+local lfs;
+
+local cert_commands = {};
+
+local function ask_overwrite(filename)
+ return lfs.attributes(filename) and not show_yesno("Overwrite "..filename .. "?");
+end
+
+function cert_commands.config(arg)
+ if #arg >= 1 and arg[1] ~= "--help" then
+ local conf_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".cnf";
+ if ask_overwrite(conf_filename) then
+ return nil, conf_filename;
+ end
+ local conf = openssl.config.new();
+ conf:from_prosody(hosts, config, arg);
+ show_message("Please provide details to include in the certificate config file.");
+ show_message("Leave the field empty to use the default value or '.' to exclude the field.")
+ for i, k in ipairs(openssl._DN_order) do
+ local v = conf.distinguished_name[k];
+ if v then
+ local nv;
+ if k == "commonName" then
+ v = arg[1]
+ elseif k == "emailAddress" then
+ v = "xmpp@" .. arg[1];
+ elseif k == "countryName" then
+ local tld = arg[1]:match"%.([a-z]+)$";
+ if tld and #tld == 2 and tld ~= "uk" then
+ v = tld:upper();
+ end
+ end
+ nv = show_prompt(("%s (%s):"):format(k, nv or v));
+ nv = (not nv or nv == "") and v or nv;
+ if nv:find"[\192-\252][\128-\191]+" then
+ conf.req.string_mask = "utf8only"
+ end
+ conf.distinguished_name[k] = nv ~= "." and nv or nil;
+ end
+ end
+ local conf_file, err = io.open(conf_filename, "w");
+ if not conf_file then
+ show_warning("Could not open OpenSSL config file for writing");
+ show_warning(err);
+ os.exit(1);
+ end
+ conf_file:write(conf:serialize());
+ conf_file:close();
+ print("");
+ show_message("Config written to " .. conf_filename);
+ return nil, conf_filename;
+ else
+ show_usage("cert config HOSTNAME [HOSTNAME+]", "Builds a certificate config file covering the supplied hostname(s)")
+ end
+end
+
+function cert_commands.key(arg)
+ if #arg >= 1 and arg[1] ~= "--help" then
+ local key_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".key";
+ if ask_overwrite(key_filename) then
+ return nil, key_filename;
+ end
+ os.remove(key_filename); -- This file, if it exists is unlikely to have write permissions
+ local key_size = tonumber(arg[2] or show_prompt("Choose key size (2048):") or 2048);
+ local old_umask = pposix.umask("0377");
+ if openssl.genrsa{out=key_filename, key_size} then
+ os.execute(("chmod 400 '%s'"):format(key_filename));
+ show_message("Key written to ".. key_filename);
+ pposix.umask(old_umask);
+ return nil, key_filename;
+ end
+ show_message("There was a problem, see OpenSSL output");
+ else
+ show_usage("cert key HOSTNAME <bits>", "Generates a RSA key named HOSTNAME.key\n "
+ .."Prompts for a key size if none given")
+ end
+end
+
+function cert_commands.request(arg)
+ if #arg >= 1 and arg[1] ~= "--help" then
+ local req_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".req";
+ if ask_overwrite(req_filename) then
+ return nil, req_filename;
+ end
+ local _, key_filename = cert_commands.key({arg[1]});
+ local _, conf_filename = cert_commands.config(arg);
+ if openssl.req{new=true, key=key_filename, utf8=true, config=conf_filename, out=req_filename} then
+ show_message("Certificate request written to ".. req_filename);
+ else
+ show_message("There was a problem, see OpenSSL output");
+ end
+ else
+ show_usage("cert request HOSTNAME [HOSTNAME+]", "Generates a certificate request for the supplied hostname(s)")
+ end
+end
+
+function cert_commands.generate(arg)
+ if #arg >= 1 and arg[1] ~= "--help" then
+ local cert_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".crt";
+ if ask_overwrite(cert_filename) then
+ return nil, cert_filename;
+ end
+ local _, key_filename = cert_commands.key({arg[1]});
+ local _, conf_filename = cert_commands.config(arg);
+ local ret;
+ if key_filename and conf_filename and cert_filename
+ and openssl.req{new=true, x509=true, nodes=true, key=key_filename,
+ days=365, sha1=true, utf8=true, config=conf_filename, out=cert_filename} then
+ show_message("Certificate written to ".. cert_filename);
+ else
+ show_message("There was a problem, see OpenSSL output");
+ end
+ else
+ show_usage("cert generate HOSTNAME [HOSTNAME+]", "Generates a self-signed certificate for the current hostname(s)")
+ end
+end
+
+function commands.cert(arg)
+ if #arg >= 1 and arg[1] ~= "--help" then
+ openssl = require "util.openssl";
+ lfs = require "lfs";
+ local subcmd = table.remove(arg, 1);
+ if type(cert_commands[subcmd]) == "function" then
+ if not arg[1] then
+ show_message"You need to supply at least one hostname"
+ arg = { "--help" };
+ end
+ if arg[1] ~= "--help" and not hosts[arg[1]] then
+ show_message(error_messages["no-such-host"]);
+ return
+ end
+ return cert_commands[subcmd](arg);
+ end
+ end
+ show_usage("cert config|request|generate|key", "Helpers for generating X.509 certificates and keys.")
+end
+
+function commands.check(arg)
+ if arg[1] == "--help" then
+ show_usage([[check]], [[Perform basic checks on your Prosody installation]]);
+ return 1;
+ end
+ local what = table.remove(arg, 1);
+ local array, set = require "util.array", require "util.set";
+ local it = require "util.iterators";
+ local ok = true;
+ if not what or what == "config" then
+ print("Checking config...");
+ local known_global_options = set.new({
+ "pidfile", "log", "plugin_paths", "prosody_user", "prosody_group", "daemonize",
+ "umask", "prosodyctl_timeout", "use_ipv6", "use_libevent", "network_settings"
+ });
+ local config = config.getconfig();
+ -- Check that we have any global options (caused by putting a host at the top)
+ if it.count(it.filter("log", pairs(config["*"]))) == 0 then
+ ok = false;
+ print("");
+ print(" No global options defined. Perhaps you have put a host definition at the top")
+ print(" of the config file? They should be at the bottom, see http://prosody.im/doc/configure#overview");
+ end
+ -- Check for global options under hosts
+ local global_options = set.new(it.to_array(it.keys(config["*"])));
+ for host, options in it.filter("*", pairs(config)) do
+ local host_options = set.new(it.to_array(it.keys(options)));
+ local misplaced_options = set.intersection(host_options, known_global_options);
+ for name in pairs(options) do
+ if name:match("^interfaces?")
+ or name:match("_ports?$") or name:match("_interfaces?$")
+ or name:match("_ssl$") then
+ misplaced_options:add(name);
+ end
+ end
+ if not misplaced_options:empty() then
+ ok = false;
+ print("");
+ local n = it.count(misplaced_options);
+ print(" You have "..n.." option"..(n>1 and "s " or " ").."set under "..host.." that should be");
+ print(" in the global section of the config file, above any VirtualHost or Component definitions,")
+ print(" see http://prosody.im/doc/configure#overview for more information.")
+ print("");
+ print(" You need to move the following option"..(n>1 and "s" or "")..": "..table.concat(it.to_array(misplaced_options), ", "));
+ end
+ local subdomain = host:match("^[^.]+");
+ if not(host_options:contains("component_module")) and (subdomain == "jabber" or subdomain == "xmpp"
+ or subdomain == "chat" or subdomain == "im") then
+ print("");
+ print(" Suggestion: If "..host.. " is a new host with no real users yet, consider renaming it now to");
+ print(" "..host:gsub("^[^.]+%.", "")..". You can use SRV records to redirect XMPP clients and servers to "..host..".");
+ print(" For more information see: http://prosody.im/doc/dns");
+ end
+ end
+
+ print("Done.\n");
+ end
+ if not what or what == "dns" then
+ local dns = require "net.dns";
+ local idna = require "util.encodings".idna;
+ local ip = require "util.ip";
+ local c2s_ports = set.new(config.get("*", "c2s_ports") or {5222});
+ local s2s_ports = set.new(config.get("*", "s2s_ports") or {5269});
+
+ local c2s_srv_required, s2s_srv_required;
+ if not c2s_ports:contains(5222) then
+ c2s_srv_required = true;
+ end
+ if not s2s_ports:contains(5269) then
+ s2s_srv_required = true;
+ end
+
+ local problem_hosts = set.new();
+
+ local external_addresses, internal_addresses = set.new(), set.new();
+
+ local fqdn = socket.dns.tohostname(socket.dns.gethostname());
+ if fqdn then
+ local res = dns.lookup(idna.to_ascii(fqdn), "A");
+ if res then
+ for _, record in ipairs(res) do
+ external_addresses:add(record.a);
+ end
+ end
+ local res = dns.lookup(idna.to_ascii(fqdn), "AAAA");
+ if res then
+ for _, record in ipairs(res) do
+ external_addresses:add(record.aaaa);
+ end
+ end
+ end
+
+ local local_addresses = require"util.net".local_addresses() or {};
+
+ for addr in it.values(local_addresses) do
+ if not ip.new_ip(addr).private then
+ external_addresses:add(addr);
+ else
+ internal_addresses:add(addr);
+ end
+ end
+
+ if external_addresses:empty() then
+ print("");
+ print(" Failed to determine the external addresses of this server. Checks may be inaccurate.");
+ c2s_srv_required, s2s_srv_required = true, true;
+ end
+
+ local v6_supported = not not socket.tcp6;
+
+ for host, host_options in it.filter("*", pairs(config.getconfig())) do
+ local all_targets_ok, some_targets_ok = true, false;
+
+ local is_component = not not host_options.component_module;
+ print("Checking DNS for "..(is_component and "component" or "host").." "..host.."...");
+ local target_hosts = set.new();
+ if not is_component then
+ local res = dns.lookup("_xmpp-client._tcp."..idna.to_ascii(host)..".", "SRV");
+ if res then
+ for _, record in ipairs(res) do
+ target_hosts:add(record.srv.target);
+ if not c2s_ports:contains(record.srv.port) then
+ print(" SRV target "..record.srv.target.." contains unknown client port: "..record.srv.port);
+ end
+ end
+ else
+ if c2s_srv_required then
+ print(" No _xmpp-client SRV record found for "..host..", but it looks like you need one.");
+ all_targst_ok = false;
+ else
+ target_hosts:add(host);
+ end
+ end
+ end
+ local res = dns.lookup("_xmpp-server._tcp."..idna.to_ascii(host)..".", "SRV");
+ if res then
+ for _, record in ipairs(res) do
+ target_hosts:add(record.srv.target);
+ if not s2s_ports:contains(record.srv.port) then
+ print(" SRV target "..record.srv.target.." contains unknown server port: "..record.srv.port);
+ end
+ end
+ else
+ if s2s_srv_required then
+ print(" No _xmpp-server SRV record found for "..host..", but it looks like you need one.");
+ all_targets_ok = false;
+ else
+ target_hosts:add(host);
+ end
+ end
+ if target_hosts:empty() then
+ target_hosts:add(host);
+ end
+
+ if target_hosts:contains("localhost") then
+ print(" Target 'localhost' cannot be accessed from other servers");
+ target_hosts:remove("localhost");
+ end
+
+ local modules = set.new(it.to_array(it.values(host_options.modules_enabled)))
+ + set.new(it.to_array(it.values(config.get("*", "modules_enabled"))))
+ + set.new({ config.get(host, "component_module") });
+
+ if modules:contains("proxy65") then
+ local proxy65_target = config.get(host, "proxy65_address") or host;
+ local A, AAAA = dns.lookup(idna.to_ascii(proxy65_target), "A"), dns.lookup(idna.to_ascii(proxy65_target), "AAAA");
+ local prob = {};
+ if not A then
+ table.insert(prob, "A");
+ end
+ if v6_supported and not AAAA then
+ table.insert(prob, "AAAA");
+ end
+ if #prob > 0 then
+ print(" File transfer proxy "..proxy65_target.." has no "..table.concat(prob, "/").." record. Create one or set 'proxy65_address' to the correct host/IP.");
+ end
+ end
+
+ for host in target_hosts do
+ local host_ok_v4, host_ok_v6;
+ local res = dns.lookup(idna.to_ascii(host), "A");
+ if res then
+ for _, record in ipairs(res) do
+ if external_addresses:contains(record.a) then
+ some_targets_ok = true;
+ host_ok_v4 = true;
+ elseif internal_addresses:contains(record.a) then
+ host_ok_v4 = true;
+ some_targets_ok = true;
+ print(" "..host.." A record points to internal address, external connections might fail");
+ else
+ print(" "..host.." A record points to unknown address "..record.a);
+ all_targets_ok = false;
+ end
+ end
+ end
+ local res = dns.lookup(idna.to_ascii(host), "AAAA");
+ if res then
+ for _, record in ipairs(res) do
+ if external_addresses:contains(record.aaaa) then
+ some_targets_ok = true;
+ host_ok_v6 = true;
+ elseif internal_addresses:contains(record.aaaa) then
+ host_ok_v6 = true;
+ some_targets_ok = true;
+ print(" "..host.." AAAA record points to internal address, external connections might fail");
+ else
+ print(" "..host.." AAAA record points to unknown address "..record.aaaa);
+ all_targets_ok = false;
+ end
+ end
+ end
+
+ local bad_protos = {}
+ if not host_ok_v4 then
+ table.insert(bad_protos, "IPv4");
+ end
+ if not host_ok_v6 then
+ table.insert(bad_protos, "IPv6");
+ end
+ if #bad_protos > 0 then
+ print(" Host "..host.." does not seem to resolve to this server ("..table.concat(bad_protos, "/")..")");
+ end
+ if host_ok_v6 and not v6_supported then
+ print(" Host "..host.." has AAAA records, but your version of LuaSocket does not support IPv6.");
+ print(" Please see http://prosody.im/doc/ipv6 for more information.");
+ end
+ end
+ if not all_targets_ok then
+ print(" "..(some_targets_ok and "Only some" or "No").." targets for "..host.." appear to resolve to this server.");
+ if is_component then
+ print(" DNS records are necessary if you want users on other servers to access this component.");
+ end
+ problem_hosts:add(host);
+ end
+ print("");
+ end
+ if not problem_hosts:empty() then
+ print("");
+ print("For more information about DNS configuration please see http://prosody.im/doc/dns");
+ print("");
+ ok = false;
+ end
+ end
+ if not what or what == "certs" then
+ local cert_ok;
+ print"Checking certificates..."
+ local x509_verify_identity = require"util.x509".verify_identity;
+ local ssl = dependencies.softreq"ssl";
+ -- local datetime_parse = require"util.datetime".parse_x509;
+ local load_cert = ssl and ssl.x509 and ssl.x509.load;
+ -- or ssl.cert_from_pem
+ if not ssl then
+ print("LuaSec not available, can't perform certificate checks")
+ if what == "certs" then cert_ok = false end
+ elseif not load_cert then
+ print("This version of LuaSec (" .. ssl._VERSION .. ") does not support certificate checking");
+ cert_ok = false
+ else
+ for host in pairs(hosts) do
+ if host ~= "*" then -- Should check global certs too.
+ print("Checking certificate for "..host);
+ -- First, let's find out what certificate this host uses.
+ local ssl_config = config.rawget(host, "ssl");
+ if not ssl_config then
+ local base_host = host:match("%.(.*)");
+ ssl_config = config.get(base_host, "ssl");
+ end
+ if not ssl_config then
+ print(" No 'ssl' option defined for "..host)
+ cert_ok = false
+ elseif not ssl_config.certificate then
+ print(" No 'certificate' set in ssl option for "..host)
+ cert_ok = false
+ elseif not ssl_config.key then
+ print(" No 'key' set in ssl option for "..host)
+ cert_ok = false
+ else
+ local key, err = io.open(ssl_config.key); -- Permissions check only
+ if not key then
+ print(" Could not open "..ssl_config.key..": "..err);
+ cert_ok = false
+ else
+ key:close();
+ end
+ local cert_fh, err = io.open(ssl_config.certificate); -- Load the file.
+ if not cert_fh then
+ print(" Could not open "..ssl_config.certificate..": "..err);
+ cert_ok = false
+ else
+ print(" Certificate: "..ssl_config.certificate)
+ local cert = load_cert(cert_fh:read"*a"); cert_fh = cert_fh:close();
+ if not cert:validat(os.time()) then
+ print(" Certificate has expired.")
+ cert_ok = false
+ end
+ if config.get(host, "component_module") == nil
+ and not x509_verify_identity(host, "_xmpp-client", cert) then
+ print(" Not vaild for client connections to "..host..".")
+ cert_ok = false
+ end
+ if (not (config.get(name, "anonymous_login")
+ or config.get(name, "authentication") == "anonymous"))
+ and not x509_verify_identity(host, "_xmpp-client", cert) then
+ print(" Not vaild for server-to-server connections to "..host..".")
+ cert_ok = false
+ end
+ end
+ end
+ end
+ end
+ if cert_ok == false then
+ print("")
+ print("For more information about certificates please see http://prosody.im/doc/certificates");
+ ok = false
+ end
+ end
+ print("")
+ end
+ if not ok then
+ print("Problems found, see above.");
+ else
+ print("All checks passed, congratulations!");
+ end
+ return ok and 0 or 2;
+end
+
---------------------
if command and command:match("^mod_") then -- Is a command in a module