From e6f0e0b9d0065fcc94e1c570e48a64b5587a058b Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Sat, 27 May 2023 15:40:49 +0200
Subject: net.tls_luasec: Expose method for loading a certificate

Further isolates LuaSec from Prosody core, with the ultimate goal of
allowing LuaSec to be replaced more easily.
---
 core/certmanager.lua | 3 +--
 net/tls_luasec.lua   | 1 +
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/certmanager.lua b/core/certmanager.lua
index 82cfd277..5775018d 100644
--- a/core/certmanager.lua
+++ b/core/certmanager.lua
@@ -6,7 +6,6 @@
 -- COPYING file in the source package for more information.
 --
 
-local ssl = require "ssl";
 local configmanager = require "prosody.core.configmanager";
 local log = require "prosody.util.logger".init("certmanager");
 local new_config = require"prosody.net.server".tls_builder;
@@ -98,7 +97,7 @@ local function index_certs(dir, files_by_name, depth_limit)
 				local firstline = f:read();
 				if firstline == "-----BEGIN CERTIFICATE-----" and lfs.attributes(find_matching_key(full), "mode") == "file" then
 					f:seek("set")
-					local cert = ssl.loadcertificate(f:read("*a"))
+					local cert = tls.load_certificate(f:read("*a"))
 					-- TODO if more than one cert is found for a name, the most recently
 					-- issued one should be used.
 					-- for now, just filter out expired certs
diff --git a/net/tls_luasec.lua b/net/tls_luasec.lua
index 917669b8..3af2fc6b 100644
--- a/net/tls_luasec.lua
+++ b/net/tls_luasec.lua
@@ -110,4 +110,5 @@ local luasec_has = ssl.config or {
 return {
 	features = luasec_has;
 	new_context = new_context,
+	load_certificate = ssl.loadcertificate;
 };
-- 
cgit v1.2.3