local show_usage = prosodyctl.show_usage;
local getchar, getpass = prosodyctl.getchar, prosodyctl.getpass;
local show_yesno = prosodyctl.show_yesno;
+local show_prompt = prosodyctl.show_prompt;
local read_password = prosodyctl.read_password;
local prosodyctl_timeout = (config.get("*", "core", "prosodyctl_timeout") or 5) * 2;
end
require "util.array";
- require "util.iterators";
+ local keys = require "util.iterators".keys;
print("Prosody "..(prosody.version or "(unknown version)"));
print("");
print("");
end
+function commands.reload(arg)
+ if arg[1] == "--help" then
+ show_usage([[reload]], [[Reload Prosody's configuration and re-open log files]]);
+ return 1;
+ end
+
+ if not prosodyctl.isrunning() then
+ show_message("Prosody is not running");
+ return 1;
+ end
+
+ local ok, ret = prosodyctl.reload();
+ if ok then
+
+ show_message("Prosody log files re-opened and config file reloaded. You may need to reload modules for some changes to take effect.");
+ return 0;
+ end
+
+ show_message(error_messages[ret]);
+ return 1;
+end
-- ejabberdctl compatibility
function commands.register(arg)
return 1;
end
+local openssl = require "util.openssl";
+
+local cert_commands = {};
+
+function cert_commands.config(arg)
+ if #arg >= 1 and arg[1] ~= "--help" then
+ local conf_filename = (CFG_DATADIR or ".") .. "/" .. arg[1] .. ".cnf";
+ if os.execute("test -f "..conf_filename) == 0
+ and not show_yesno("Overwrite "..conf_filename .. "?") then
+ return nil, conf_filename;
+ end
+ local conf = openssl.config.new();
+ conf:from_prosody(hosts, config, arg);
+ for k, v in pairs(conf.distinguished_name) do
+ local nv;
+ if k == "commonName" then
+ v = arg[1]
+ elseif k == "emailAddress" then
+ v = "xmpp@" .. arg[1];
+ end
+ nv = show_prompt(("%s (%s):"):format(k, nv or v));
+ nv = (not nv or nv == "") and v or nv;
+ conf.distinguished_name[k] = nv ~= "." and nv or nil;
+ end
+ local conf_file = io.open(conf_filename, "w");
+ conf_file:write(conf:serialize());
+ conf_file:close();
+ print("");
+ show_message("Config written to " .. conf_filename);
+ return nil, conf_filename;
+ else
+ show_usage("cert config HOSTNAME", "generates config for OpenSSL")
+ end
+end
+
+function cert_commands.key(arg)
+ if #arg >= 1 and arg[1] ~= "--help" then
+ local key_filename = (CFG_DATADIR or ".") .. "/" .. arg[1] .. ".key";
+ if os.execute("test -f "..key_filename) == 0 then
+ if not show_yesno("Overwrite "..key_filename .. "?") then
+ return nil, key_filename;
+ end
+ os.remove(key_filename); -- We chmod this file to not have write permissions
+ end
+ local key_size = tonumber(arg[2] or show_prompt("Choose key size (2048):") or 2048);
+ if openssl.genrsa{out=key_filename, key_size} then
+ os.execute(("chmod 400 '%s'"):format(key_filename));
+ show_message("Key written to ".. key_filename);
+ return nil, key_filename;
+ end
+ show_message("There was a problem, see OpenSSL output");
+ else
+ show_usage("cert key HOSTNAME <bits>", "Generates a RSA key")
+ end
+end
+
+function cert_commands.request(arg)
+ if #arg >= 1 and arg[1] ~= "--help" then
+ local req_filename = (CFG_DATADIR or ".") .. "/" .. arg[1] .. ".req";
+ if os.execute("test -f "..req_filename) == 0
+ and not show_yesno("Overwrite "..req_filename .. "?") then
+ return nil, req_filename;
+ end
+ local _, key_filename = cert_commands.key({arg[1]});
+ local _, conf_filename = cert_commands.config({arg[1]});
+ if openssl.req{new=true, key=key_filename, utf8=true, config=conf_filename, out=req_filename} then
+ show_message("Certificate request written to ".. req_filename);
+ else
+ show_message("There was a problem, see OpenSSL output");
+ end
+ else
+ show_usage("cert request HOSTNAME", "Generates a certificate request")
+ end
+end
+
+function cert_commands.generate(arg)
+ if #arg >= 1 and arg[1] ~= "--help" then
+ local cert_filename = (CFG_DATADIR or ".") .. "/" .. arg[1] .. ".cert";
+ if os.execute("test -f "..cert_filename) == 0
+ and not show_yesno("Overwrite "..cert_filename .. "?") then
+ return nil, cert_filename;
+ end
+ local _, key_filename = cert_commands.key({arg[1]});
+ local _, conf_filename = cert_commands.config({arg[1]});
+ local ret;
+ if key_filename and conf_filename and cert_filename
+ and openssl.req{new=true, x509=true, nodes=true, key=key_filename,
+ days=365, sha1=true, utf8=true, config=conf_filename, out=cert_filename} then
+ show_message("Certificate written to ".. cert_filename);
+ else
+ show_message("There was a problem, see OpenSSL output");
+ end
+ else
+ show_usage("cert generate HOSTNAME", "Generates a self-signed certificate")
+ end
+end
+
+function commands.cert(arg)
+ if #arg >= 1 and arg[1] ~= "--help" then
+ local subcmd = table.remove(arg, 1);
+ if type(cert_commands[subcmd]) == "function" then
+ return cert_commands[subcmd](arg);
+ end
+ end
+ show_usage("cert config|request|generate|key", "Helpers for X.509 certificates.")
+end
+
---------------------
if command and command:match("^mod_") then -- Is a command in a module
print("Where COMMAND may be one of:\n");
local hidden_commands = require "util.set".new{ "register", "unregister", "addplugin" };
- local commands_order = { "adduser", "passwd", "deluser", "start", "stop", "restart", "about" };
+ local commands_order = { "adduser", "passwd", "deluser", "start", "stop", "restart", "reload", "about" };
local done = {};