-- Will be modified by configure script if run --
-CFG_SOURCEDIR=os.getenv("PROSODY_SRCDIR");
-CFG_CONFIGDIR=os.getenv("PROSODY_CFGDIR");
-CFG_PLUGINDIR=os.getenv("PROSODY_PLUGINDIR");
-CFG_DATADIR=os.getenv("PROSODY_DATADIR");
+CFG_SOURCEDIR=CFG_SOURCEDIR or os.getenv("PROSODY_SRCDIR");
+CFG_CONFIGDIR=CFG_CONFIGDIR or os.getenv("PROSODY_CFGDIR");
+CFG_PLUGINDIR=CFG_PLUGINDIR or os.getenv("PROSODY_PLUGINDIR");
+CFG_DATADIR=CFG_DATADIR or os.getenv("PROSODY_DATADIR");
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
module_versions[name] = module._VERSION;
end
end
+ if luaevent then
+ module_versions["libevent"] = luaevent.core.libevent_version();
+ end
local sorted_keys = array.collect(keys(module_versions)):sort();
- for _, name in ipairs(array.collect(keys(module_versions)):sort()) do
+ for _, name in ipairs(sorted_keys) do
print(name..":"..string.rep(" ", longest_name-#name), module_versions[name]);
end
print("");
else
show_message("Please provide details to include in the certificate config file.");
show_message("Leave the field empty to use the default value or '.' to exclude the field.")
- for i, k in ipairs(openssl._DN_order) do
+ for _, k in ipairs(openssl._DN_order) do
local v = conf.distinguished_name[k];
if v then
local nv;
print("Checking config...");
local deprecated = set.new({
"bosh_ports", "disallow_s2s", "no_daemonize", "anonymous_login", "require_encryption",
+ "vcard_compatibility",
});
local known_global_options = set.new({
"pidfile", "log", "plugin_paths", "prosody_user", "prosody_group", "daemonize",
print(" For more information see https://prosody.im/doc/storage");
end
end
+ local require_encryption = set.intersection(all_options, set.new({"require_encryption", "c2s_require_encryption", "s2s_require_encryption"})):empty();
local ssl = dependencies.softreq"ssl";
if not ssl then
- if not set.intersection(all_options, set.new({"require_encryption", "c2s_require_encryption", "s2s_require_encryption"})):empty() then
+ if not require_encryption then
print("");
print(" You require encryption but LuaSec is not available.");
print(" Connections will fail.");
ok = false;
end
end
+ elseif require_encryption and not all_modules:contains("tls") then
+ print("");
+ print(" You require encryption but mod_tls is not enabled.");
+ print(" Connections will fail.");
+ ok = false;
end
print("Done.\n");
local v6_supported = not not socket.tcp6;
- for host, host_options in enabled_hosts() do
+ for jid, host_options in enabled_hosts() do
local all_targets_ok, some_targets_ok = true, false;
+ local node, host = jid_split(jid);
local is_component = not not host_options.component_module;
- print("Checking DNS for "..(is_component and "component" or "host").." "..host.."...");
+ print("Checking DNS for "..(is_component and "component" or "host").." "..jid.."...");
+ if node then
+ print("Only the domain part ("..host..") is used in DNS.")
+ end
local target_hosts = set.new();
if not is_component then
local res = dns.lookup("_xmpp-client._tcp."..idna.to_ascii(host)..".", "SRV");
else
if c2s_srv_required then
print(" No _xmpp-client SRV record found for "..host..", but it looks like you need one.");
- all_targst_ok = false;
+ all_targets_ok = false;
else
target_hosts:add(host);
end
print(" No 'certificate' found for "..host)
cert_ok = false
elseif not ssl_config.key then
- print(" No 'key' found for for "..host)
+ print(" No 'key' found for "..host)
cert_ok = false
else
local key, err = io.open(ssl_config.key); -- Permissions check only
cert_ok = false
elseif not cert:validat(os.time() + 86400*7) then
print(" Certificate expires within one week.")
- elseif not cert:validat(os.time() + 86400*13) then
+ elseif not cert:validat(os.time() + 86400*31) then
print(" Certificate expires within one month.")
end
if config.get(host, "component_module") == nil
and not x509_verify_identity(host, "_xmpp-client", cert) then
- print(" Not vaild for client connections to "..host..".")
+ print(" Not valid for client connections to "..host..".")
cert_ok = false
end
if (not (config.get(host, "anonymous_login")
or config.get(host, "authentication") == "anonymous"))
and not x509_verify_identity(host, "_xmpp-server", cert) then
- print(" Not vaild for server-to-server connections to "..host..".")
+ print(" Not valid for server-to-server connections to "..host..".")
cert_ok = false
end
end
projects / prosody.git / blobdiff