Hey, Update to prosody. Latest version.
I noticed that the SSL key generation creates the key with a permission that _prosody cannot access. Fixed this in the certs Makefile and in the sample key. Tested on my laptop connecting PSI and Pidgin and sending messages between two different users over a TLS encrypted connection. All seems well. Comments, OK? Index: Makefile =================================================================== RCS file: /home/edd/cvsync/ports/net/prosody/Makefile,v retrieving revision 1.31 diff -u -p -r1.31 Makefile --- Makefile 27 Nov 2014 08:12:51 -0000 1.31 +++ Makefile 12 Jan 2015 23:42:43 -0000 @@ -3,10 +3,9 @@ SHARED_ONLY= Yes COMMENT= communications server for Jabber/XMPP written in Lua -DISTNAME= prosody-0.9.6 +DISTNAME = prosody-0.9.7 CATEGORIES= net MASTER_SITES= http://prosody.im/downloads/source/ -REVISION = 0 HOMEPAGE= http://prosody.im/ Index: distinfo =================================================================== RCS file: /home/edd/cvsync/ports/net/prosody/distinfo,v retrieving revision 1.8 diff -u -p -r1.8 distinfo --- distinfo 27 Oct 2014 13:41:17 -0000 1.8 +++ distinfo 12 Jan 2015 21:34:11 -0000 @@ -1,2 +1,2 @@ -SHA256 (prosody-0.9.6.tar.gz) = dSGM+QeJuYIAkxE15K7se9FS+4n11Juwe63NHCxWQOc= -SIZE (prosody-0.9.6.tar.gz) = 266740 +SHA256 (prosody-0.9.7.tar.gz) = 3UuZs5l2RCBViYyTPAE1mOVYvu0R13lddv/A8ah+LgA= +SIZE (prosody-0.9.7.tar.gz) = 266638 Index: patches/patch-certs_Makefile =================================================================== RCS file: /home/edd/cvsync/ports/net/prosody/patches/patch-certs_Makefile,v retrieving revision 1.3 diff -u -p -r1.3 patch-certs_Makefile --- patches/patch-certs_Makefile 23 Apr 2014 17:59:01 -0000 1.3 +++ patches/patch-certs_Makefile 12 Jan 2015 23:31:23 -0000 @@ -1,6 +1,6 @@ $OpenBSD: patch-certs_Makefile,v 1.3 2014/04/23 17:59:01 jca Exp $ ---- certs/Makefile.orig Thu Feb 27 20:04:09 2014 -+++ certs/Makefile Thu Feb 27 20:05:11 2014 +--- certs/Makefile.orig Fri Oct 24 23:30:55 2014 ++++ certs/Makefile Mon Jan 12 23:30:53 2015 @@ -2,13 +2,13 @@ keysize=2048 @@ -19,3 +19,9 @@ $OpenBSD: patch-certs_Makefile,v 1.3 201 # to generate a self signed certificate. .PRECIOUS: %.cnf %.key +@@ -28,3 +28,5 @@ keysize=2048 + %.key: + openssl genrsa $(keysize) > $@ + @chmod 400 $@ ++ @chown _prosody $@ || \ ++ echo "***WARNING***: You will need to 'chown _prosody $@'" Index: pkg/PLIST =================================================================== RCS file: /home/edd/cvsync/ports/net/prosody/pkg/PLIST,v retrieving revision 1.8 diff -u -p -r1.8 PLIST --- pkg/PLIST 23 Apr 2014 17:59:01 -0000 1.8 +++ pkg/PLIST 12 Jan 2015 23:44:51 -0000 @@ -157,8 +157,12 @@ share/examples/prosody/certs/example.com share/examples/prosody/certs/localhost.cnf share/examples/prosody/certs/localhost.crt @sample ${SYSCONFDIR}/prosody/certs/localhost.crt +@mode 400 +@owner _prosody share/examples/prosody/certs/localhost.key @sample ${SYSCONFDIR}/prosody/certs/localhost.key +@mode +@owner share/examples/prosody/certs/openssl.cnf @sample ${SYSCONFDIR}/prosody/certs/openssl.cnf share/examples/prosody/prosody.cfg.lua -- Best Regards Edd Barrett http://www.theunixzoo.co.uk