# HG changeset patch # User Thijs Alkemade # Date 1367271136 -7200 # Node ID 17ba2c59d6618614b4767528df602dcc7cdd5b70 # Parent 7c04c5856daac089ac4285373abf61c0ff32dd54 mod_client_certs: Updated to match the specification in urn:xmpp:saslcert:1. diff -r 7c04c5856daa -r 17ba2c59d661 mod_client_certs/mod_client_certs.lua --- a/mod_client_certs/mod_client_certs.lua Mon Apr 29 22:53:39 2013 +0200 +++ b/mod_client_certs/mod_client_certs.lua Mon Apr 29 23:32:16 2013 +0200 @@ -6,8 +6,7 @@ local st = require "util.stanza"; local jid_bare = require "util.jid".bare; local jid_split = require "util.jid".split; -local xmlns_saslcert = "urn:xmpp:saslcert:0"; -local xmlns_pubkey = "urn:xmpp:tmp:pubkey"; +local xmlns_saslcert = "urn:xmpp:saslcert:1"; local dm_load = require "util.datamanager".load; local dm_store = require "util.datamanager".store; local dm_table = "client_certs"; @@ -62,7 +61,7 @@ end if not found then - return nil, "This certificate is has no valid id-on-xmppAddr field."; + return nil, "This certificate has no valid id-on-xmppAddr field."; end end @@ -71,7 +70,7 @@ info.pem = cert:pem(); local digest = cert:digest(digest_algo); info.digest = digest; - certs[info.id] = info; + certs[info.name] = info; dm_store(username, module.host, dm_table, certs); return true @@ -118,9 +117,8 @@ local certs = dm_load(origin.username, module.host, dm_table) or {}; for digest,info in pairs(certs) do - reply:tag("item", { id = info.id }) + reply:tag("item") :tag("name"):text(info.name):up() - :tag("keyinfo", { xmlns = xmlns_pubkey }):tag("name"):text(info["key_name"]):up() :tag("x509cert"):text(info.x509cert) :up(); end @@ -136,23 +134,15 @@ local append = stanza:get_child("append", xmlns_saslcert); local name = append:get_child_text("name", xmlns_saslcert); - local key_info = append:get_child("keyinfo", xmlns_pubkey); + local x509cert = append:get_child_text("x509cert", xmlns_saslcert); - if not key_info or not name then + if not x509cert or not name then origin.send(st.error_reply(stanza, "cancel", "bad-request", "Missing fields.")); -- cancel? not modify? return true end - local id = key_info:get_child_text("name", xmlns_pubkey); - local x509cert = key_info:get_child_text("x509cert", xmlns_pubkey); - - if not id or not x509cert then - origin.send(st.error_reply(stanza, "cancel", "bad-request", "No certificate found.")); - return true - end - - local can_manage = key_info:get_child("no-cert-management", xmlns_saslcert) ~= nil; - local x509cert = key_info:get_child_text("x509cert"):gsub("^%s*(.-)%s*$", "%1"); + local can_manage = append:get_child("no-cert-management", xmlns_saslcert) ~= nil; + x509cert = x509cert:gsub("^%s*(.-)%s*$", "%1"); local cert = x509.cert_from_pem( "-----BEGIN CERTIFICATE-----\n" @@ -166,7 +156,6 @@ end local ok, err = enable_cert(origin.username, cert, { - id = id, name = name, x509cert = x509cert, no_cert_management = can_manage, @@ -192,8 +181,7 @@ local disable = stanza.tags[1]; module:log("debug", "%s disabled a certificate", origin.full_jid); - local item = disable:get_child("item"); - local name = item and item.attr.id; + local name = disable:get_child_text("name"); if not name then origin.send(st.error_reply(stanza, "cancel", "bad-request", "No key specified.")); @@ -275,7 +263,7 @@ local certs = dm_load(jid_split(data.from), module.host, dm_table) or {}; for digest, info in pairs(certs) do - list_layout[#list_layout + 1] = { name = info.id, type = "text-multi", label = info.name, value = info.x509cert }; + list_layout[#list_layout + 1] = { name = info.name, type = "text-multi", label = info.name, value = info.x509cert }; end return { status = "completed", result = list_layout }; @@ -297,7 +285,7 @@ local values = {}; for digest, info in pairs(certs) do - values[#values + 1] = { label = info.name, value = info.id }; + values[#values + 1] = { label = info.name, value = info.name }; end return { status = "executing", form = { layout = layout, values = { cert = values } }, actions = { "prev", "next", "complete" } }, @@ -324,7 +312,6 @@ end local ok, err = enable_cert(jid_split(data.from), cert, { - id = cert:digest(digest_algo), name = name, x509cert = x509cert, no_cert_management = not fields.manage