From e6f0e0b9d0065fcc94e1c570e48a64b5587a058b Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Sat, 27 May 2023 15:40:49 +0200 Subject: net.tls_luasec: Expose method for loading a certificate Further isolates LuaSec from Prosody core, with the ultimate goal of allowing LuaSec to be replaced more easily. --- core/certmanager.lua | 3 +-- net/tls_luasec.lua | 1 + 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/core/certmanager.lua b/core/certmanager.lua index 82cfd277..5775018d 100644 --- a/core/certmanager.lua +++ b/core/certmanager.lua @@ -6,7 +6,6 @@ -- COPYING file in the source package for more information. -- -local ssl = require "ssl"; local configmanager = require "prosody.core.configmanager"; local log = require "prosody.util.logger".init("certmanager"); local new_config = require"prosody.net.server".tls_builder; @@ -98,7 +97,7 @@ local function index_certs(dir, files_by_name, depth_limit) local firstline = f:read(); if firstline == "-----BEGIN CERTIFICATE-----" and lfs.attributes(find_matching_key(full), "mode") == "file" then f:seek("set") - local cert = ssl.loadcertificate(f:read("*a")) + local cert = tls.load_certificate(f:read("*a")) -- TODO if more than one cert is found for a name, the most recently -- issued one should be used. -- for now, just filter out expired certs diff --git a/net/tls_luasec.lua b/net/tls_luasec.lua index 917669b8..3af2fc6b 100644 --- a/net/tls_luasec.lua +++ b/net/tls_luasec.lua @@ -110,4 +110,5 @@ local luasec_has = ssl.config or { return { features = luasec_has; new_context = new_context, + load_certificate = ssl.loadcertificate; }; -- cgit v1.2.3