X-Git-Url: https://git.enpas.org/?a=blobdiff_plain;f=prosodyctl;h=74681e7cd9c66863c31fff1c71371cd4323b025b;hb=HEAD;hp=e3bc6ffabbf0aa20531fac918bcefacae64fd099;hpb=987e2bf92d9d2ff695af42cfaf450ace1c511f6f;p=prosody.git

diff --git a/prosodyctl b/prosodyctl
index e3bc6ffa..74681e7c 100755
--- a/prosodyctl
+++ b/prosodyctl
@@ -717,7 +717,7 @@ function cert_commands.config(arg)
 		else
 			show_message("Please provide details to include in the certificate config file.");
 			show_message("Leave the field empty to use the default value or '.' to exclude the field.")
-			for i, k in ipairs(openssl._DN_order) do
+			for _, k in ipairs(openssl._DN_order) do
 				local v = conf.distinguished_name[k];
 				if v then
 					local nv;
@@ -974,9 +974,10 @@ function commands.check(arg)
 				print("    For more information see https://prosody.im/doc/storage");
 			end
 		end
+		local require_encryption = set.intersection(all_options, set.new({"require_encryption", "c2s_require_encryption", "s2s_require_encryption"})):empty();
 		local ssl = dependencies.softreq"ssl";
 		if not ssl then
-			if not set.intersection(all_options, set.new({"require_encryption", "c2s_require_encryption", "s2s_require_encryption"})):empty() then
+			if not require_encryption then
 				print("");
 				print("    You require encryption but LuaSec is not available.");
 				print("    Connections will fail.");
@@ -1006,6 +1007,11 @@ function commands.check(arg)
 					ok = false;
 				end
 			end
+		elseif require_encryption and not all_modules:contains("tls") then
+			print("");
+			print("    You require encryption but mod_tls is not enabled.");
+			print("    Connections will fail.");
+			ok = false;
 		end
 		
 		print("Done.\n");
@@ -1261,13 +1267,13 @@ function commands.check(arg)
 						end
 						if config.get(host, "component_module") == nil
 							and not x509_verify_identity(host, "_xmpp-client", cert) then
-							print("    Not vaild for client connections to "..host..".")
+							print("    Not valid for client connections to "..host..".")
 							cert_ok = false
 						end
 						if (not (config.get(host, "anonymous_login")
 							or config.get(host, "authentication") == "anonymous"))
 							and not x509_verify_identity(host, "_xmpp-server", cert) then
-							print("    Not vaild for server-to-server connections to "..host..".")
+							print("    Not valid for server-to-server connections to "..host..".")
 							cert_ok = false
 						end
 					end