# HG changeset patch
# User Kim Alvefur <zash@zash.se>
# Date 1367235059 -7200
# Node ID d911d9fb3929186bcf32efdcf02ce3eda761c502
# Parent  329ebdfb39a2360394f5ce89afa072b07b802fee
util.openssl: Write the distinguished_name part of the config in a consistent order

diff -r 329ebdfb39a2 -r d911d9fb3929 util/openssl.lua
--- a/util/openssl.lua	Mon Apr 29 11:25:12 2013 +0100
+++ b/util/openssl.lua	Mon Apr 29 13:30:59 2013 +0200
@@ -23,11 +23,12 @@
 			prompt = "no",
 		},
 		distinguished_name = {
-			commonName = "example.com",
 			countryName = "GB",
+			-- stateOrProvinceName = "",
 			localityName = "The Internet",
 			organizationName = "Your Organisation",
 			organizationalUnitName = "XMPP Department",
+			commonName = "example.com",
 			emailAddress = "xmpp@example.com",
 		},
 		v3_extensions = {
@@ -43,6 +44,17 @@
 	}, ssl_config_mt);
 end
 
+local DN_order = {
+	"countryName";
+	"stateOrProvinceName";
+	"localityName";
+	"streetAddress";
+	"organizationName";
+	"organizationalUnitName";
+	"commonName";
+	"emailAddress";
+}
+_M._DN_order = DN_order;
 function ssl_config:serialize()
 	local s = "";
 	for k, t in pairs(self) do
@@ -53,6 +65,14 @@
 					s = s .. s_format("%s.%d = %s\n", san, i -1, n[i]);
 				end
 			end
+		elseif k == "distinguished_name" then
+			for i=1,#DN_order do
+				local k = DN_order[i]
+				local v = t[k];
+				if v then
+					s = s .. ("%s = %s\n"):format(k, v);
+				end
+			end
 		else
 			for k, v in pairs(t) do
 				s = s .. ("%s = %s\n"):format(k, v);