Comparison

mod_client_certs/mod_client_certs.lua @ 1096:1abb8f2a5761

mod_client_certs: Update for x509 API in LuaSec 0.5
author Kim Alvefur <zash@zash.se>
date Sun, 30 Jun 2013 01:12:24 +0200
parent 990:17ba2c59d661
child 1343:7dbde05b48a9
comparison
equal deleted inserted replaced
1095:cb21928bca1d 1096:1abb8f2a5761
41 module:log("debug", "This certificate is already expired."); 41 module:log("debug", "This certificate is already expired.");
42 return nil, "This certificate is expired."; 42 return nil, "This certificate is expired.";
43 end 43 end
44 --]] 44 --]]
45 45
46 if not cert:valid_at(os.time()) then 46 if not cert:validat(os.time()) then
47 module:log("debug", "This certificate is not valid at this moment."); 47 module:log("debug", "This certificate is not valid at this moment.");
48 end 48 end
49 49
50 local valid_id_on_xmppAddrs; 50 local valid_id_on_xmppAddrs;
51 local require_id_on_xmppAddr = true; 51 local require_id_on_xmppAddr = true;
142 end 142 end
143 143
144 local can_manage = append:get_child("no-cert-management", xmlns_saslcert) ~= nil; 144 local can_manage = append:get_child("no-cert-management", xmlns_saslcert) ~= nil;
145 x509cert = x509cert:gsub("^%s*(.-)%s*$", "%1"); 145 x509cert = x509cert:gsub("^%s*(.-)%s*$", "%1");
146 146
147 local cert = x509.cert_from_pem( 147 local cert = x509.load(
148 "-----BEGIN CERTIFICATE-----\n" 148 "-----BEGIN CERTIFICATE-----\n"
149 .. x509cert .. 149 .. x509cert ..
150 "\n-----END CERTIFICATE-----\n"); 150 "\n-----END CERTIFICATE-----\n");
151 151
152 152
300 end 300 end
301 301
302 local name = fields.name; 302 local name = fields.name;
303 local x509cert = fields.cert:gsub("^%s*(.-)%s*$", "%1"); 303 local x509cert = fields.cert:gsub("^%s*(.-)%s*$", "%1");
304 304
305 local cert = x509.cert_from_pem( 305 local cert = x509.load(
306 "-----BEGIN CERTIFICATE-----\n" 306 "-----BEGIN CERTIFICATE-----\n"
307 .. x509cert .. 307 .. x509cert ..
308 "\n-----END CERTIFICATE-----\n"); 308 "\n-----END CERTIFICATE-----\n");
309 309
310 if not cert then 310 if not cert then
353 if not cert then 353 if not cert then
354 module:log("error", "No Client Certificate"); 354 module:log("error", "No Client Certificate");
355 return 355 return
356 end 356 end
357 module:log("info", "Client Certificate: %s", cert:digest(digest_algo)); 357 module:log("info", "Client Certificate: %s", cert:digest(digest_algo));
358 if not cert:valid_at(now()) then 358 if not cert:validat(now()) then
359 module:log("debug", "Client has an expired certificate", cert:digest(digest_algo)); 359 module:log("debug", "Client has an expired certificate", cert:digest(digest_algo));
360 return 360 return
361 end 361 end
362 module:log("debug", "Stream features:\n%s", tostring(features)); 362 module:log("debug", "Stream features:\n%s", tostring(features));
363 local mechs = features:get_child("mechanisms", "urn:ietf:params:xml:ns:xmpp-sasl"); 363 local mechs = features:get_child("mechanisms", "urn:ietf:params:xml:ns:xmpp-sasl");