X-Git-Url: https://git.enpas.org/?a=blobdiff_plain;f=prosodyctl;h=247b099a94f73a30109a7139e45103a9fe32332f;hb=8785dcd4bd1ee99ad5653c0deea83e9730c06400;hp=25acbc6ab90f8e6159d449b852f2d04690ec705c;hpb=80202376eb1cc964374e2a272a50976c497e53bd;p=prosody.git diff --git a/prosodyctl b/prosodyctl index 25acbc6a..247b099a 100755 --- a/prosodyctl +++ b/prosodyctl @@ -51,6 +51,7 @@ local prosody = { lock_globals = function () end; unlock_globals = function () end; installed = CFG_SOURCEDIR ~= nil; + core_post_stanza = function () end; -- TODO: mod_router! }; _G.prosody = prosody; @@ -61,6 +62,7 @@ end config = require "core.configmanager" +local ENV_CONFIG; do local filenames = {}; @@ -81,6 +83,7 @@ do local file = io.open(filename); if file then file:close(); + ENV_CONFIG = filename; CFG_CONFIGDIR = filename:match("^(.*)[\\/][^\\/]*$"); break; end @@ -107,11 +110,11 @@ do os.exit(1); end end -local original_logging_config = config.get("*", "core", "log"); -config.set("*", "core", "log", { { levels = { min="info" }, to = "console" } }); +local original_logging_config = config.get("*", "log"); +config.set("*", "log", { { levels = { min="info" }, to = "console" } }); -local data_path = config.get("*", "core", "data_path") or CFG_DATADIR or "data"; -local custom_plugin_paths = config.get("*", "core", "plugin_paths"); +local data_path = config.get("*", "data_path") or CFG_DATADIR or "data"; +local custom_plugin_paths = config.get("*", "plugin_paths"); if custom_plugin_paths then local path_sep = package.config:sub(3,3); -- path1;path2;path3;defaultpath... @@ -132,7 +135,7 @@ dependencies.log_warnings(); -- Switch away from root and into the prosody user -- local switched_user, current_uid; -local want_pposix_version = "0.3.5"; +local want_pposix_version = "0.3.6"; local ok, pposix = pcall(require, "util.pposix"); if ok and pposix then @@ -140,8 +143,8 @@ if ok and pposix then current_uid = pposix.getuid(); if current_uid == 0 then -- We haz root! - local desired_user = config.get("*", "core", "prosody_user") or "prosody"; - local desired_group = config.get("*", "core", "prosody_group") or desired_user; + local desired_user = config.get("*", "prosody_user") or "prosody"; + local desired_group = config.get("*", "prosody_group") or desired_user; local ok, err = pposix.setgid(desired_group); if ok then ok, err = pposix.initgroups(desired_user); @@ -160,8 +163,9 @@ if ok and pposix then end -- Set our umask to protect data files - pposix.umask(config.get("*", "core", "umask") or "027"); + pposix.umask(config.get("*", "umask") or "027"); pposix.setenv("HOME", data_path); + pposix.setenv("PROSODY_CONFIG", ENV_CONFIG); else print("Error: Unable to load pposix module. Check that Prosody is installed correctly.") print("For more help send the below error to us through http://prosody.im/discuss"); @@ -264,7 +268,7 @@ local show_yesno = prosodyctl.show_yesno; local show_prompt = prosodyctl.show_prompt; local read_password = prosodyctl.read_password; -local prosodyctl_timeout = (config.get("*", "core", "prosodyctl_timeout") or 5) * 2; +local prosodyctl_timeout = (config.get("*", "prosodyctl_timeout") or 5) * 2; ----------------------- local commands = {}; local command = arg[1]; @@ -407,7 +411,7 @@ function commands.start(arg) local ok, ret = prosodyctl.start(); if ok then - if config.get("*", "core", "daemonize") ~= false then + if config.get("*", "daemonize") ~= false then local i=1; while true do local ok, running = prosodyctl.isrunning(); @@ -650,25 +654,35 @@ end function cert_commands.config(arg) if #arg >= 1 and arg[1] ~= "--help" then - local conf_filename = (CFG_DATADIR or ".") .. "/" .. arg[1] .. ".cnf"; + local conf_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".cnf"; if ask_overwrite(conf_filename) then return nil, conf_filename; end local conf = openssl.config.new(); conf:from_prosody(hosts, config, arg); - for k, v in pairs(conf.distinguished_name) do - local nv; - if k == "commonName" then - v = arg[1] - elseif k == "emailAddress" then - v = "xmpp@" .. arg[1]; - end - nv = show_prompt(("%s (%s):"):format(k, nv or v)); - nv = (not nv or nv == "") and v or nv; - if nv:find"[\192-\252][\128-\191]+" then - conf.req.string_mask = "utf8only" + show_message("Please provide details to include in the certificate config file."); + show_message("Leave the field empty to use the default value or '.' to exclude the field.") + for i, k in ipairs(openssl._DN_order) do + local v = conf.distinguished_name[k]; + if v then + local nv; + if k == "commonName" then + v = arg[1] + elseif k == "emailAddress" then + v = "xmpp@" .. arg[1]; + elseif k == "countryName" then + local tld = arg[1]:match"%.([a-z]+)$"; + if tld and #tld == 2 and tld ~= "uk" then + v = tld:upper(); + end + end + nv = show_prompt(("%s (%s):"):format(k, nv or v)); + nv = (not nv or nv == "") and v or nv; + if nv:find"[\192-\252][\128-\191]+" then + conf.req.string_mask = "utf8only" + end + conf.distinguished_name[k] = nv ~= "." and nv or nil; end - conf.distinguished_name[k] = nv ~= "." and nv or nil; end local conf_file = io.open(conf_filename, "w"); conf_file:write(conf:serialize()); @@ -683,7 +697,7 @@ end function cert_commands.key(arg) if #arg >= 1 and arg[1] ~= "--help" then - local key_filename = (CFG_DATADIR or ".") .. "/" .. arg[1] .. ".key"; + local key_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".key"; if ask_overwrite(key_filename) then return nil, key_filename; end @@ -705,7 +719,7 @@ end function cert_commands.request(arg) if #arg >= 1 and arg[1] ~= "--help" then - local req_filename = (CFG_DATADIR or ".") .. "/" .. arg[1] .. ".req"; + local req_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".req"; if ask_overwrite(req_filename) then return nil, req_filename; end @@ -723,7 +737,7 @@ end function cert_commands.generate(arg) if #arg >= 1 and arg[1] ~= "--help" then - local cert_filename = (CFG_DATADIR or ".") .. "/" .. arg[1] .. ".crt"; + local cert_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".crt"; if ask_overwrite(cert_filename) then return nil, cert_filename; end