equal
deleted
inserted
replaced
41 module:log("debug", "This certificate is already expired."); |
41 module:log("debug", "This certificate is already expired."); |
42 return nil, "This certificate is expired."; |
42 return nil, "This certificate is expired."; |
43 end |
43 end |
44 --]] |
44 --]] |
45 |
45 |
46 if not cert:valid_at(os.time()) then |
46 if not cert:validat(os.time()) then |
47 module:log("debug", "This certificate is not valid at this moment."); |
47 module:log("debug", "This certificate is not valid at this moment."); |
48 end |
48 end |
49 |
49 |
50 local valid_id_on_xmppAddrs; |
50 local valid_id_on_xmppAddrs; |
51 local require_id_on_xmppAddr = true; |
51 local require_id_on_xmppAddr = true; |
142 end |
142 end |
143 |
143 |
144 local can_manage = append:get_child("no-cert-management", xmlns_saslcert) ~= nil; |
144 local can_manage = append:get_child("no-cert-management", xmlns_saslcert) ~= nil; |
145 x509cert = x509cert:gsub("^%s*(.-)%s*$", "%1"); |
145 x509cert = x509cert:gsub("^%s*(.-)%s*$", "%1"); |
146 |
146 |
147 local cert = x509.cert_from_pem( |
147 local cert = x509.load( |
148 "-----BEGIN CERTIFICATE-----\n" |
148 "-----BEGIN CERTIFICATE-----\n" |
149 .. x509cert .. |
149 .. x509cert .. |
150 "\n-----END CERTIFICATE-----\n"); |
150 "\n-----END CERTIFICATE-----\n"); |
151 |
151 |
152 |
152 |
300 end |
300 end |
301 |
301 |
302 local name = fields.name; |
302 local name = fields.name; |
303 local x509cert = fields.cert:gsub("^%s*(.-)%s*$", "%1"); |
303 local x509cert = fields.cert:gsub("^%s*(.-)%s*$", "%1"); |
304 |
304 |
305 local cert = x509.cert_from_pem( |
305 local cert = x509.load( |
306 "-----BEGIN CERTIFICATE-----\n" |
306 "-----BEGIN CERTIFICATE-----\n" |
307 .. x509cert .. |
307 .. x509cert .. |
308 "\n-----END CERTIFICATE-----\n"); |
308 "\n-----END CERTIFICATE-----\n"); |
309 |
309 |
310 if not cert then |
310 if not cert then |
353 if not cert then |
353 if not cert then |
354 module:log("error", "No Client Certificate"); |
354 module:log("error", "No Client Certificate"); |
355 return |
355 return |
356 end |
356 end |
357 module:log("info", "Client Certificate: %s", cert:digest(digest_algo)); |
357 module:log("info", "Client Certificate: %s", cert:digest(digest_algo)); |
358 if not cert:valid_at(now()) then |
358 if not cert:validat(now()) then |
359 module:log("debug", "Client has an expired certificate", cert:digest(digest_algo)); |
359 module:log("debug", "Client has an expired certificate", cert:digest(digest_algo)); |
360 return |
360 return |
361 end |
361 end |
362 module:log("debug", "Stream features:\n%s", tostring(features)); |
362 module:log("debug", "Stream features:\n%s", tostring(features)); |
363 local mechs = features:get_child("mechanisms", "urn:ietf:params:xml:ns:xmpp-sasl"); |
363 local mechs = features:get_child("mechanisms", "urn:ietf:params:xml:ns:xmpp-sasl"); |