prosody
5de6b93d0190
util/x509.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Comparison

util/x509.lua @ 6777:5de6b93d0190

util.*: Remove use of module() function, make all module functions local and return them in a table at the end
author Kim Alvefur <zash@zash.se>
date Sat, 21 Feb 2015 10:36:37 +0100
parent 6708:d2beb98ece29
child 8555:4f0f5b49bb03
comparison
equal deleted inserted replaced
6774:3965662ae091 6777:5de6b93d0190
22 local idna_to_ascii = require "util.encodings".idna.to_ascii; 22 local idna_to_ascii = require "util.encodings".idna.to_ascii;
23 local base64 = require "util.encodings".base64; 23 local base64 = require "util.encodings".base64;
24 local log = require "util.logger".init("x509"); 24 local log = require "util.logger".init("x509");
25 local s_format = string.format; 25 local s_format = string.format;
26 26
27 module "x509" 27 local _ENV = nil;
28 28
29 local oid_commonname = "2.5.4.3"; -- [LDAP] 2.3 29 local oid_commonname = "2.5.4.3"; -- [LDAP] 2.3
30 local oid_subjectaltname = "2.5.29.17"; -- [PKIX] 4.2.1.6 30 local oid_subjectaltname = "2.5.29.17"; -- [PKIX] 4.2.1.6
31 local oid_xmppaddr = "1.3.6.1.5.5.7.8.5"; -- [XMPP-CORE] 31 local oid_xmppaddr = "1.3.6.1.5.5.7.8.5"; -- [XMPP-CORE]
32 local oid_dnssrv = "1.3.6.1.5.5.7.8.7"; -- [SRV-ID] 32 local oid_dnssrv = "1.3.6.1.5.5.7.8.7"; -- [SRV-ID]
145 end 145 end
146 146
147 return false 147 return false
148 end 148 end
149 149
150 function verify_identity(host, service, cert) 150 local function verify_identity(host, service, cert)
151 if cert.setencode then 151 if cert.setencode then
152 cert:setencode("utf8"); 152 cert:setencode("utf8");
153 end 153 end
154 local ext = cert:extensions() 154 local ext = cert:extensions()
155 if ext[oid_subjectaltname] then 155 if ext[oid_subjectaltname] then
216 end 216 end
217 217
218 local pat = "%-%-%-%-%-BEGIN ([A-Z ]+)%-%-%-%-%-\r?\n".. 218 local pat = "%-%-%-%-%-BEGIN ([A-Z ]+)%-%-%-%-%-\r?\n"..
219 "([0-9A-Za-z+/=\r\n]*)\r?\n%-%-%-%-%-END %1%-%-%-%-%-"; 219 "([0-9A-Za-z+/=\r\n]*)\r?\n%-%-%-%-%-END %1%-%-%-%-%-";
220 220
221 function pem2der(pem) 221 local function pem2der(pem)
222 local typ, data = pem:match(pat); 222 local typ, data = pem:match(pat);
223 if typ and data then 223 if typ and data then
224 return base64.decode(data), typ; 224 return base64.decode(data), typ;
225 end 225 end
226 end 226 end
227 227
228 local wrap = ('.'):rep(64); 228 local wrap = ('.'):rep(64);
229 local envelope = "-----BEGIN %s-----\n%s\n-----END %s-----\n" 229 local envelope = "-----BEGIN %s-----\n%s\n-----END %s-----\n"
230 230
231 function der2pem(data, typ) 231 local function der2pem(data, typ)
232 typ = typ and typ:upper() or "CERTIFICATE"; 232 typ = typ and typ:upper() or "CERTIFICATE";
233 data = base64.encode(data); 233 data = base64.encode(data);
234 return s_format(envelope, typ, data:gsub(wrap, '%0\n', (#data-1)/64), typ); 234 return s_format(envelope, typ, data:gsub(wrap, '%0\n', (#data-1)/64), typ);
235 end 235 end
236 236
237 return _M; 237 return {
238 verify_identity = verify_identity;
239 pem2der = pem2der;
240 der2pem = der2pem;
241 };