25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-12-22 17:28:25 +01:00

Add acme certificates for all configured hosts in ejabberd_pkix

This commit is contained in:
Konstantinos Kallas 2017-08-19 12:50:40 +03:00
parent ddfe8742c7
commit 7cc7b74f1e
2 changed files with 39 additions and 9 deletions

View File

@ -10,6 +10,8 @@
is_valid_verbose_opt/1,
is_valid_domain_opt/1,
is_valid_revoke_cert/1,
%% Called by ejabberd_pkix
certificate_exists/1,
%% Key Related
generate_key/0,
to_public/1
@ -539,6 +541,25 @@ domain_certificate_exists(Domain) ->
lists:keyfind(Domain, 1, Certs).
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%
%% Called by ejabberd_pkix to check
%% if a certificate exists for a
%% specific host
%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-spec certificate_exists(bitstring()) -> {true, file:filename()} | false.
certificate_exists(Host) ->
Certificates = read_certificates_persistent(),
case lists:keyfind(Host, 1 , Certificates) of
false ->
false;
{Host, #data_cert{path=Path}} ->
{true, Path}
end.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%
%% Certificate Request Functions

View File

@ -204,15 +204,24 @@ add_certfiles(State) ->
end, State, ejabberd_config:get_myhosts()).
add_certfiles(Host, State) ->
lists:foldl(
fun(Opt, AccState) ->
case ejabberd_config:get_option({Opt, Host}) of
undefined -> AccState;
Path ->
{_, NewAccState} = add_certfile(Path, AccState),
NewAccState
end
end, State, [c2s_certfile, s2s_certfile, domain_certfile]).
NewState =
lists:foldl(
fun(Opt, AccState) ->
case ejabberd_config:get_option({Opt, Host}) of
undefined -> AccState;
Path ->
{_, NewAccState} = add_certfile(Path, AccState),
NewAccState
end
end, State, [c2s_certfile, s2s_certfile, domain_certfile]),
%% Add acme certificate if it exists
case ejabberd_acme:certificate_exists(Host) of
{true, Path} ->
{_, FinalState} = add_certfile(Path, NewState),
FinalState;
false ->
NewState
end.
add_certfile(Path, State) ->
case maps:get(Path, State#state.certs, undefined) of