# HG changeset patch
# User Kim Alvefur <zash@zash.se>
# Date 1371233571 -7200
# Node ID 83175a6af8c5b5a680190d3bef9472f870b594fd
# Parent  3d04d9377a6756a06d7f371b07595d958949ce5e
mod_auth_ccert: Add optional method for certificates which contain an email address

diff -r 3d04d9377a67 -r 83175a6af8c5 mod_auth_ccert/mod_auth_ccert.lua
--- a/mod_auth_ccert/mod_auth_ccert.lua	Fri Jun 14 20:10:33 2013 +0200
+++ b/mod_auth_ccert/mod_auth_ccert.lua	Fri Jun 14 20:12:51 2013 +0200
@@ -35,6 +35,19 @@
 	end
 end
 
+function username_extractor.email(cert)
+	local subject = cert:subject();
+	for i=1,#subject do
+		local ava = subject[i];
+		if ava.oid == oid_emailAddress then
+			local username, host = jid_split(ava.value);
+			if host == module.host then
+				return username, true
+			end
+		end
+	end
+end
+
 local find_username = username_extractor[cert_match];
 if not find_username then
 	module:log("error", "certificate_match = %q is not supported");