net.tls_luasec: Expose method for loading a certificate
Further isolates LuaSec from Prosody core, with the ultimate goal of
allowing LuaSec to be replaced more easily.
--- a/core/certmanager.lua Sat May 27 15:39:26 2023 +0200
+++ b/core/certmanager.lua Sat May 27 15:40:49 2023 +0200
@@ -6,7 +6,6 @@
-- COPYING file in the source package for more information.
--
-local ssl = require "ssl";
local configmanager = require "prosody.core.configmanager";
local log = require "prosody.util.logger".init("certmanager");
local new_config = require"prosody.net.server".tls_builder;
@@ -98,7 +97,7 @@
local firstline = f:read();
if firstline == "-----BEGIN CERTIFICATE-----" and lfs.attributes(find_matching_key(full), "mode") == "file" then
f:seek("set")
- local cert = ssl.loadcertificate(f:read("*a"))
+ local cert = tls.load_certificate(f:read("*a"))
-- TODO if more than one cert is found for a name, the most recently
-- issued one should be used.
-- for now, just filter out expired certs
--- a/net/tls_luasec.lua Sat May 27 15:39:26 2023 +0200
+++ b/net/tls_luasec.lua Sat May 27 15:40:49 2023 +0200
@@ -110,4 +110,5 @@
return {
features = luasec_has;
new_context = new_context,
+ load_certificate = ssl.loadcertificate;
};