Software / code / prosody-modules
Changeset
1066:83175a6af8c5
mod_auth_ccert: Add optional method for certificates which contain an email address
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 14 Jun 2013 20:12:51 +0200 |
| parents | 1065:3d04d9377a67 |
| children | 1067:8649f78b1dde |
| files | mod_auth_ccert/mod_auth_ccert.lua |
| diffstat | 1 files changed, 13 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_auth_ccert/mod_auth_ccert.lua Fri Jun 14 20:10:33 2013 +0200 +++ b/mod_auth_ccert/mod_auth_ccert.lua Fri Jun 14 20:12:51 2013 +0200 @@ -35,6 +35,19 @@ end end +function username_extractor.email(cert) + local subject = cert:subject(); + for i=1,#subject do + local ava = subject[i]; + if ava.oid == oid_emailAddress then + local username, host = jid_split(ava.value); + if host == module.host then + return username, true + end + end + end +end + local find_username = username_extractor[cert_match]; if not find_username then module:log("error", "certificate_match = %q is not supported");
