Software /
code /
prosody-modules
Comparison
mod_auth_ccert/mod_auth_ccert.lua @ 1067:8649f78b1dde
mod_auth_ccert: Pass on the authz to the configurable username-figure-outer function
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Fri, 14 Jun 2013 20:22:17 +0200 |
parent | 1066:83175a6af8c5 |
child | 1068:8ad0d234608c |
comparison
equal
deleted
inserted
replaced
1066:83175a6af8c5 | 1067:8649f78b1dde |
---|---|
12 | 12 |
13 local cert_match = module:get_option("certificate_match", "xmppaddr"); | 13 local cert_match = module:get_option("certificate_match", "xmppaddr"); |
14 | 14 |
15 local username_extractor = {} | 15 local username_extractor = {} |
16 | 16 |
17 function username_extractor.xmppaddr(cert) | 17 function username_extractor.xmppaddr(cert, authz) |
18 local extensions = cert:extensions(); | 18 local extensions = cert:extensions(); |
19 local SANs = extensions[subject_alternative_name]; | 19 local SANs = extensions[subject_alternative_name]; |
20 local xmppAddrs = SANs and SANs[id_on_xmppAddr]; | 20 local xmppAddrs = SANs and SANs[id_on_xmppAddr]; |
21 | 21 |
22 if not xmppAddrs then | 22 if not xmppAddrs then |
82 (session.log or log)("warn", "%d: %s", i, table.concat(chain_errors, ", ")); | 82 (session.log or log)("warn", "%d: %s", i, table.concat(chain_errors, ", ")); |
83 end | 83 end |
84 return nil, false; | 84 return nil, false; |
85 end | 85 end |
86 | 86 |
87 return find_username(cert); | 87 return find_username(cert, authz); |
88 end | 88 end |
89 }); | 89 }); |
90 end | 90 end |
91 | 91 |
92 module:provides "auth"; | 92 module:provides "auth"; |