X-Git-Url: https://git.enpas.org/?a=blobdiff_plain;f=prosody;h=4b016e504e3d9c60c60670704027c2ba8f6f974e;hb=9149c8a40277450a42ced286638787ede4938c08;hp=96223c72f2b7506e88745e1757911a822c66b092;hpb=4899743c62b06d41dd6092fa3435bb64b2d9ce98;p=prosody.git

diff --git a/prosody b/prosody
index 96223c72..4b016e50 100755
--- a/prosody
+++ b/prosody
@@ -22,9 +22,6 @@ if CFG_SOURCEDIR then
 	package.cpath = CFG_SOURCEDIR.."/?.so;"..package.cpath;
 end
 
-package.path = package.path..";"..(CFG_SOURCEDIR or ".").."/fallbacks/?.lua";
-package.cpath = package.cpath..";"..(CFG_SOURCEDIR or ".").."/fallbacks/?.so";
-
 -- Substitute ~ with path to home directory in data path
 if CFG_DATADIR then
 	if os.getenv("HOME") then
@@ -32,31 +29,6 @@ if CFG_DATADIR then
 	end
 end
 
--- Check runtime dependencies
-if not require "util.dependencies".check_dependencies() then
-	os.exit(1);
-end
-
--- Replace require() with one that doesn't pollute _G, required
--- for neat sandboxing of modules
-do
-	local _realG = _G;
-	local _real_require = require;
-	function require(...)
-		local curr_env = getfenv(2);
-		local curr_env_mt = getmetatable(getfenv(2));
-		local _realG_mt = getmetatable(_realG);
-		if curr_env_mt and curr_env_mt.__index and not curr_env_mt.__newindex and _realG_mt then
-			local old_newindex
-			old_newindex, _realG_mt.__newindex = _realG_mt.__newindex, curr_env;
-			local ret = _real_require(...);
-			_realG_mt.__newindex = old_newindex;
-			return ret;
-		end
-		return _real_require(...);
-	end
-end
-
 -- Load the config-parsing module
 config = require "core.configmanager"
 
@@ -112,13 +84,42 @@ function read_config()
 end
 
 function load_libraries()
-	-- Initialize logging
-	require "core.loggingmanager"
-	
 	-- Load socket framework
 	server = require "net.server"
 end	
 
+function init_logging()
+	-- Initialize logging
+	require "core.loggingmanager"
+end
+
+function check_dependencies()
+	-- Check runtime dependencies
+	if not require "util.dependencies".check_dependencies() then
+		os.exit(1);
+	end
+end
+
+function sandbox_require()
+	-- Replace require() with one that doesn't pollute _G, required
+	-- for neat sandboxing of modules
+	local _realG = _G;
+	local _real_require = require;
+	function require(...)
+		local curr_env = getfenv(2);
+		local curr_env_mt = getmetatable(getfenv(2));
+		local _realG_mt = getmetatable(_realG);
+		if curr_env_mt and curr_env_mt.__index and not curr_env_mt.__newindex and _realG_mt then
+			local old_newindex
+			old_newindex, _realG_mt.__newindex = _realG_mt.__newindex, curr_env;
+			local ret = _real_require(...);
+			_realG_mt.__newindex = old_newindex;
+			return ret;
+		end
+		return _real_require(...);
+	end
+end
+
 function init_global_state()
 	bare_sessions = {};
 	full_sessions = {};
@@ -182,12 +183,9 @@ function init_global_state()
 	end
 
 	-- Load SSL settings from config, and create a ctx table
-	local global_ssl_ctx = rawget(_G, "ssl") and config.get("*", "core", "ssl");
-	if global_ssl_ctx then
-		local default_ssl_ctx = { mode = "server", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none", options = "no_sslv2" };
-		setmetatable(global_ssl_ctx, { __index = default_ssl_ctx });
-		prosody.global_ssl_ctx = global_ssl_ctx;
-	end
+	local certmanager = require "core.certmanager";
+	local global_ssl_ctx = certmanager.create_context("*", "server");
+	prosody.global_ssl_ctx = global_ssl_ctx;
 
 	local cl = require "net.connlisteners";
 	function prosody.net_activate_ports(option, listener, default, conntype)
@@ -225,9 +223,18 @@ function init_global_state()
 							elseif port == 5280 then
 								friendly_message = "check that Prosody or a BOSH connection manager "
 									.."is not already running";
+							else
+								friendly_message = "this port is in use by another application";
 							end
 						elseif err:match("permission") then
 							friendly_message = "Prosody does not have sufficient privileges to use this port";
+						elseif err == "no ssl context" then
+							if not config.get("*", "core", "ssl") then
+								friendly_message = "there is no 'ssl' config under Host \"*\" which is "
+									.."require for legacy SSL ports";
+							else
+								friendly_message = "initializing SSL support failed, see previous log entries";
+							end
 						end
 						log("error", "Failed to open server port %d, %s", port, friendly_message);
 					end
@@ -298,7 +305,7 @@ function init_data_store()
 end
 
 function prepare_to_start()
-	log("debug", "Prosody is using the %s backend for connection handling", server.get_backend());
+	log("info", "Prosody is using the %s backend for connection handling", server.get_backend());
 	-- Signal to modules that we are ready to start
 	eventmanager.fire_event("server-starting");
 	prosody.events.fire_event("server-starting");
@@ -402,7 +409,12 @@ function cleanup()
 end
 
 -- Are you ready? :)
+-- These actions are in a strict order, as many depend on
+-- previous steps to have already been performed
 read_config();
+init_logging();
+check_dependencies();
+sandbox_require();
 load_libraries();
 init_global_state();
 read_version();