What steps will reproduce the problem?
1. Component "foo@bar"
2. Have certificate for "bar"
3. prosodyctl check
What is the expected output?
Duno, ignore that maybe?
What do you see instead?
x509 info Host foo@bar failed IDNA ToASCII operation
Zash
on
Changes
tags Milestone-0.10
Zash
on
How about this:
diff -r 56abe6a8e761 prosodyctl
--- a/prosodyctl Tue Nov 29 08:20:42 2016 +0100
+++ b/prosodyctl Tue Nov 29 08:51:48 2016 +0100
@@ -1220,7 +1220,15 @@ function commands.check(arg)
print("This version of LuaSec (" .. ssl._VERSION .. ") does not support certificate checking");
cert_ok = false
else
- for host in enabled_hosts() do
+ local function skip_bare_jid_hosts(host)
+ -- See issue #779
+ if jid_split(host) then
+ print("Skipping checks for "..host.." because reasons"); -- FIXME How to word this?
+ return false;
+ end
+ return true;
+ end
+ for host in it.filter(skip_bare_jid_hosts, enabled_hosts()) do
print("Checking certificate for "..host);
-- First, let's find out what certificate this host uses.
local host_ssl_config = config.rawget(host, "ssl")
MattJ
on
Changes
tags Status-Accepted
Zash
on
This just needs some wordsmithing and the above patch.
What steps will reproduce the problem? 1. Component "foo@bar" 2. Have certificate for "bar" 3. prosodyctl check What is the expected output? Duno, ignore that maybe? What do you see instead? x509 info Host foo@bar failed IDNA ToASCII operation
How about this: diff -r 56abe6a8e761 prosodyctl --- a/prosodyctl Tue Nov 29 08:20:42 2016 +0100 +++ b/prosodyctl Tue Nov 29 08:51:48 2016 +0100 @@ -1220,7 +1220,15 @@ function commands.check(arg) print("This version of LuaSec (" .. ssl._VERSION .. ") does not support certificate checking"); cert_ok = false else - for host in enabled_hosts() do + local function skip_bare_jid_hosts(host) + -- See issue #779 + if jid_split(host) then + print("Skipping checks for "..host.." because reasons"); -- FIXME How to word this? + return false; + end + return true; + end + for host in it.filter(skip_bare_jid_hosts, enabled_hosts()) do print("Checking certificate for "..host); -- First, let's find out what certificate this host uses. local host_ssl_config = config.rawget(host, "ssl")
This just needs some wordsmithing and the above patch.
Maybe just silently ignore such hosts?
Committed without message for now: https://hg.prosody.im/0.10/rev/331caee0c774
Changes