Mercurial > prosody-modules

changeset 1066:83175a6af8c5

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_auth_ccert: Add optional method for certificates which contain an email address
author Kim Alvefur <zash@zash.se>
date Fri, 14 Jun 2013 20:12:51 +0200
parents 3d04d9377a67
children 8649f78b1dde
files mod_auth_ccert/mod_auth_ccert.lua
diffstat 1 files changed, 13 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/mod_auth_ccert/mod_auth_ccert.lua	Fri Jun 14 20:10:33 2013 +0200
+++ b/mod_auth_ccert/mod_auth_ccert.lua	Fri Jun 14 20:12:51 2013 +0200
@@ -35,6 +35,19 @@
 	end
 end
 
+function username_extractor.email(cert)
+	local subject = cert:subject();
+	for i=1,#subject do
+		local ava = subject[i];
+		if ava.oid == oid_emailAddress then
+			local username, host = jid_split(ava.value);
+			if host == module.host then
+				return username, true
+			end
+		end
+	end
+end
+
 local find_username = username_extractor[cert_match];
 if not find_username then
 	module:log("error", "certificate_match = %q is not supported");