# HG changeset patch
# User Matthew Wild
# Date 1662546540 -3600
# Node ID cf8a6710c91cbdeb62200603df76529434511a1a
# Parent 140f7926946bd28e982521ebbfb2a1a20cf0ac93
mod_c2s: Add session.ssl_cfg/ssl_ctx for direct TLS connections
diff -r 140f7926946b -r cf8a6710c91c plugins/mod_c2s.lua
--- a/plugins/mod_c2s.lua Wed Sep 07 11:26:42 2022 +0100
+++ b/plugins/mod_c2s.lua Wed Sep 07 11:29:00 2022 +0100
@@ -11,9 +11,11 @@
 local add_task = require "prosody.util.timer".add_task;
 local new_xmpp_stream = require "prosody.util.xmppstream".new;
 local nameprep = require "prosody.util.encodings".stringprep.nameprep;
+local certmanager = require "prosody.core.certmanager";
 local sessionmanager = require "prosody.core.sessionmanager";
 local statsmanager = require "prosody.core.statsmanager";
 local st = require "prosody.util.stanza";
+local pm_get_tls_config_at = require "core.portmanager".get_tls_config_at;
 local sm_new_session, sm_destroy_session = sessionmanager.new_session, sessionmanager.destroy_session;
 local uuid_generate = require "prosody.util.uuid".generate;
 local async = require "prosody.util.async";
@@ -308,6 +310,12 @@
 session.secure = true;
 session.encrypted = true;
 
+ local server = conn:server();
+ local tls_config = pm_get_tls_config_at(server:ip(), server:serverport());
+ local autocert = certmanager.find_host_cert(session.conn:socket():getsniname());
+ session.ssl_cfg = autocert or tls_config;
+ session.ssl_ctx = conn:sslctx();
+
 -- Check if TLS compression is used
 local info = conn:ssl_info();
 if type(info) == "table" then
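Review bot: The new `pm_get_tls_config_at` import requires `core.portmanager`, while every other require in this hunk, including the `certmanager` line added next to it, uses the `prosody.` namespace. If both names resolve, the unprefixed one may load as a second module instance with its own empty listener state; this is inferred, not visible here. In that case `get_tls_config_at` would return nil and `session.ssl_cfg` would depend on the SNI lookup alone. Suggest `local pm_get_tls_config_at = require "prosody.core.portmanager".get_tls_config_at;`.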
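Review bot: The `getsniname()` result goes straight into `certmanager.find_host_cert` on the `local autocert` line, but it is client-chosen and is presumably nil when the client sends no SNI extension. Guard it before the lookup, e.g. `local sni = conn:socket():getsniname();` then `local autocert = sni and certmanager.find_host_cert(sni);`, and use `conn` rather than `session.conn` as the neighbouring lines do. `conn:server()` and the `pm_get_tls_config_at(...)` result are also used unchecked, so `session.ssl_cfg` may end up nil; a one-line comment saying that consumers of `session.ssl_cfg` must tolerate nil would help. The enclosing function, and whatever establishes that this connection is already TLS, lie outside the hunk.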