prosody-modules
e20901443eae
mod_client_certs/mod_client_certs.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

Diff

mod_client_certs/mod_client_certs.lua @ 6208:e20901443eae draft

Merge
author Trần H. Trung <xmpp:trần.h.trung@trung.fun>
date Mon, 17 Mar 2025 23:42:11 +0700
parent 3447:5f2eeebcf899
line wrap: on
line diff
--- a/mod_client_certs/mod_client_certs.lua	Wed Feb 26 19:36:35 2025 +0700
+++ b/mod_client_certs/mod_client_certs.lua	Mon Mar 17 23:42:11 2025 +0700
@@ -10,7 +10,7 @@
 local dm_load = require "util.datamanager".load;
 local dm_store = require "util.datamanager".store;
 local dm_table = "client_certs";
-local ssl_x509 = require "ssl.x509";
+local ssl = require "ssl";
 local util_x509 = require "util.x509";
 local id_on_xmppAddr = "1.3.6.1.5.5.7.8.5";
 local id_ce_subjectAltName = "2.5.29.17";
@@ -141,7 +141,7 @@
 	local can_manage = append:get_child("no-cert-management", xmlns_saslcert) ~= nil;
 	x509cert = x509cert:gsub("^%s*(.-)%s*$", "%1");
 
-	local cert = ssl_x509.load(util_x509.der2pem(base64.decode(x509cert)));
+	local cert = ssl.loadcertificate(util_x509.der2pem(base64.decode(x509cert)));
 
 	if not cert then
 		origin.send(st.error_reply(stanza, "modify", "not-acceptable", "Could not parse X.509 certificate"));
@@ -206,8 +206,8 @@
 	instructions = "What action do you want to perform?";
 
 	{ name = "FORM_TYPE", type = "hidden", value = "http://prosody.im/protocol/certs#subcmd" };
-	{ name = "subcmd", type = "list-single", label = "Actions", required = true,
-		value = { {label = "Add certificate", value = "add"},
+	{ name = "subcmd", type = "list-single", label = "Actions", required = false,
+		options = { {label = "Add certificate", value = "add"},
 			  {label = "List certificates", value = "list"},
 			  {label = "Disable certificate", value = "disable"},
 			  {label = "Revoke certificate", value = "revoke"},
@@ -292,7 +292,7 @@
 		local name = fields.name;
 		local x509cert = fields.cert:gsub("^%s*(.-)%s*$", "%1");
 
-		local cert = ssl_x509.load(util_x509.der2pem(base64.decode(x509cert)));
+		local cert = ssl.loadcertificate(x509cert);
 
 		if not cert then
 			return { status = "completed", error = { message = "Could not parse X.509 certificate" } };
@@ -327,7 +327,7 @@
 	end
 end
 
-local cmd_desc = adhoc_new("Manage certificates", "http://prosody.im/protocol/certs", adhoc_handler, "user");
+local cmd_desc = adhoc_new("Manage certificates", "http://prosody.im/protocol/certs", adhoc_handler, "any");
 module:provides("adhoc", cmd_desc);
 
 -- Here comes the SASL EXTERNAL stuff