@@ -202,37 +202,44 @@ impl CertPaths {
202202
203203 /// Load certificates from the paths.
204204///
205- /// If both are `None`, return `Ok(None)`.
206- ///
207- /// If `self.file` is `Some`, it is always used, so it must be a path to an existing,
208- /// accessible file from which certificates can be loaded successfully. While parsing,
209- /// the rustls-pki-types PEM parser will ignore parts of the file which are
210- /// not considered part of a certificate. Certificates which are not in the right
211- /// format (PEM) or are otherwise corrupted may get ignored silently.
212- ///
213- /// If `self.dir` is defined, a directory must exist at this path, and all
214- /// [hash files](`is_hash_file_name()`) contained in it must be loaded successfully,
215- /// subject to the rules outlined above for `self.file`. The directory is not
216- /// scanned recursively and may be empty.
205+ /// See [`load_certs_from_paths()`].
217206fn load ( & self ) -> CertificateResult {
218- let mut out = CertificateResult :: default ( ) ;
219- if self . file . is_none ( ) && self . dir . is_none ( ) {
220- return out;
221- }
207+ load_certs_from_paths ( self . file . as_deref ( ) , self . dir . as_deref ( ) )
208+ }
209+ }
222210
223- if let Some ( cert_file) = & self . file {
224- load_pem_certs ( cert_file, & mut out) ;
225- }
211+ /// Load certificates from the given paths.
212+ ///
213+ /// If both are `None`, returns an empty [`CertificateResult`].
214+ ///
215+ /// If `file` is `Some`, it is always used, so it must be a path to an existing,
216+ /// accessible file from which certificates can be loaded successfully. While parsing,
217+ /// the rustls-pki-types PEM parser will ignore parts of the file which are
218+ /// not considered part of a certificate. Certificates which are not in the right
219+ /// format (PEM) or are otherwise corrupted may get ignored silently.
220+ ///
221+ /// If `dir` is defined, a directory must exist at this path, and all
222+ /// hash files contained in it must be loaded successfully,
223+ /// subject to the rules outlined above for `file`. The directory is not
224+ /// scanned recursively and may be empty.
225+ pub fn load_certs_from_paths ( file : Option < & Path > , dir : Option < & Path > ) -> CertificateResult {
226+ let mut out = CertificateResult :: default ( ) ;
227+ if file. is_none ( ) && dir. is_none ( ) {
228+ return out;
229+ }
226230
227- if let Some ( cert_dir ) = & self . dir {
228- load_pem_certs_from_dir ( cert_dir , & mut out) ;
229- }
231+ if let Some ( cert_file ) = file {
232+ load_pem_certs ( cert_file , & mut out) ;
233+ }
230234
231- out. certs
232- . sort_unstable_by ( |a, b| a. cmp ( b) ) ;
233- out. certs . dedup ( ) ;
234- out
235+ if let Some ( cert_dir) = dir {
236+ load_pem_certs_from_dir ( cert_dir, & mut out) ;
235237 }
238+
239+ out. certs
240+ . sort_unstable_by ( |a, b| a. cmp ( b) ) ;
241+ out. certs . dedup ( ) ;
242+ out
236243}
237244
238245/// Load certificate from certificate directory (what OpenSSL calls CAdir)
0 commit comments