8 local jid_split = require "util.jid".split; |
8 local jid_split = require "util.jid".split; |
9 local xmlns_saslcert = "urn:xmpp:saslcert:1"; |
9 local xmlns_saslcert = "urn:xmpp:saslcert:1"; |
10 local dm_load = require "util.datamanager".load; |
10 local dm_load = require "util.datamanager".load; |
11 local dm_store = require "util.datamanager".store; |
11 local dm_store = require "util.datamanager".store; |
12 local dm_table = "client_certs"; |
12 local dm_table = "client_certs"; |
13 local x509 = require "ssl.x509"; |
13 local ssl_x509 = require "ssl.x509"; |
|
14 local util_x509 = require "util.x509"; |
14 local id_on_xmppAddr = "1.3.6.1.5.5.7.8.5"; |
15 local id_on_xmppAddr = "1.3.6.1.5.5.7.8.5"; |
15 local id_ce_subjectAltName = "2.5.29.17"; |
16 local id_ce_subjectAltName = "2.5.29.17"; |
16 local digest_algo = "sha1"; |
17 local digest_algo = "sha1"; |
17 local base64 = require "util.encodings".base64; |
18 local base64 = require "util.encodings".base64; |
18 |
19 |
117 local certs = dm_load(origin.username, module.host, dm_table) or {}; |
118 local certs = dm_load(origin.username, module.host, dm_table) or {}; |
118 |
119 |
119 for digest,info in pairs(certs) do |
120 for digest,info in pairs(certs) do |
120 reply:tag("item") |
121 reply:tag("item") |
121 :tag("name"):text(info.name):up() |
122 :tag("name"):text(info.name):up() |
122 :tag("x509cert"):text(info.x509cert) |
123 :tag("x509cert"):text(info.x509cert):up() |
123 :up(); |
124 :up(); |
124 end |
125 end |
125 |
126 |
126 origin.send(reply); |
127 origin.send(reply); |
127 return true |
128 return true |
142 end |
143 end |
143 |
144 |
144 local can_manage = append:get_child("no-cert-management", xmlns_saslcert) ~= nil; |
145 local can_manage = append:get_child("no-cert-management", xmlns_saslcert) ~= nil; |
145 x509cert = x509cert:gsub("^%s*(.-)%s*$", "%1"); |
146 x509cert = x509cert:gsub("^%s*(.-)%s*$", "%1"); |
146 |
147 |
147 local cert = x509.load( |
148 local cert = ssl_x509.load(util_x509.der2pem(base64.decode(x509cert))); |
148 "-----BEGIN CERTIFICATE-----\n" |
|
149 .. x509cert .. |
|
150 "\n-----END CERTIFICATE-----\n"); |
|
151 |
|
152 |
149 |
153 if not cert then |
150 if not cert then |
154 origin.send(st.error_reply(stanza, "modify", "not-acceptable", "Could not parse X.509 certificate")); |
151 origin.send(st.error_reply(stanza, "modify", "not-acceptable", "Could not parse X.509 certificate")); |
155 return true; |
152 return true; |
156 end |
153 end |
300 end |
297 end |
301 |
298 |
302 local name = fields.name; |
299 local name = fields.name; |
303 local x509cert = fields.cert:gsub("^%s*(.-)%s*$", "%1"); |
300 local x509cert = fields.cert:gsub("^%s*(.-)%s*$", "%1"); |
304 |
301 |
305 local cert = x509.load( |
302 local cert = ssl_x509.load(util_x509.der2pem(base64.decode(x509cert))); |
306 "-----BEGIN CERTIFICATE-----\n" |
|
307 .. x509cert .. |
|
308 "\n-----END CERTIFICATE-----\n"); |
|
309 |
303 |
310 if not cert then |
304 if not cert then |
311 return { status = "completed", error = { message = "Could not parse X.509 certificate" } }; |
305 return { status = "completed", error = { message = "Could not parse X.509 certificate" } }; |
312 end |
306 end |
313 |
307 |
425 end |
419 end |
426 return true; |
420 return true; |
427 end |
421 end |
428 end, 1); |
422 end, 1); |
429 |
423 |
|
424 module:add_feature(xmlns_saslcert); |
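Review bot: The new `ssl_x509.load(util_x509.der2pem(base64.decode(x509cert)))` call at new line 148 passes client-supplied text through two conversions before the existing `if not cert` check, so that check only catches a failure inside `ssl_x509.load`. If `base64.decode` returns nil for malformed input (not visible on this page; confirm against util.encodings), `der2pem` may raise on it, and the request would end in a handler error instead of the "Could not parse X.509 certificate" reply. Decoding first and guarding the result keeps that error path intact: `local der = base64.decode(x509cert);` followed by `local cert = der and ssl_x509.load(util_x509.der2pem(der));`. The same pattern appears at new line 302 in the form handler, and both enclosing functions begin and end outside the lines shown.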