summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRoger Planas <roger.planas@isode.com>2015-07-20 11:09:59 (GMT)
committerRoger Planas <roger.planas@isode.com>2015-07-21 12:30:00 (GMT)
commit02ecf91d261276ec6f1e46b537ac0e10ebae3170 (patch)
treeca7ac3d8c0b12870f43587f87d1bdcaf7ca0e1f5
parentf10bd4cc1f570b27943d27e536d1dcfbcd55ec6a (diff)
downloadswift-02ecf91d261276ec6f1e46b537ac0e10ebae3170.zip
swift-02ecf91d261276ec6f1e46b537ac0e10ebae3170.tar.bz2
Sluift: Add set_certificate for sluift clients
This patch introduces a 'set_certificate' API for Sluift clients, which it is just a wrapper around Swiften's Core client setCertificate. Test-Information: Generated different user certificates for a user (trusted, untrusted, invalid, expired...) and set M-Link to enable flag 'tls_require_client_cert'. Calling 'set_certificate' with these certificates behaved as expected, either letting the Sluift client to authenticate or not. Also tested caling 'set_certificate' with no parameter, and the certificate was successfully cleared (that is, client would no longer be able to connect) Change-Id: Ieb56d59f7f7c1c7027f0fe56905fb83ac3b25298
-rw-r--r--Sluift/client.cpp26
1 files changed, 25 insertions, 1 deletions
diff --git a/Sluift/client.cpp b/Sluift/client.cpp
index f1fc2c7..813c180 100644
--- a/Sluift/client.cpp
+++ b/Sluift/client.cpp
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2014 Isode Limited.
+ * Copyright (c) 2013-2015 Isode Limited.
* All rights reserved.
* See the COPYING file for more information.
*/
@@ -28,6 +28,7 @@
#include <Swiften/Roster/XMPPRosterItem.h>
#include <Swiften/Queries/IQRouter.h>
#include <Swiften/Queries/Requests/GetSoftwareVersionRequest.h>
+#include <Swiften/TLS/PKCS12Certificate.h>
#include <Sluift/Lua/FunctionRegistration.h>
#include <Swiften/Base/foreach.h>
#include <Swiften/Base/IDGenerator.h>
@@ -732,6 +733,29 @@ SLUIFT_LUA_FUNCTION_WITH_HELP(
}
SLUIFT_LUA_FUNCTION_WITH_HELP(
+ Client, set_certificate,
+ "Sets a client certificate to use for strong authentication with the server.",
+ "self\n"
+ "file PKCS #12 file\n"
+ "pwd passphrase for the certificate private key\n",
+ ""
+) {
+ std::string file;
+ std::string pwd;
+ int index = 2;
+ if (!lua_isnoneornil(L, index)) {
+ file = Lua::checkString(L, index);
+ ++index;
+ if (!lua_isnoneornil(L, index)) {
+ pwd = Lua::checkString(L, index);
+ ++index;
+ }
+ }
+ getClient(L)->getClient()->setCertificate(boost::make_shared<PKCS12Certificate>(file, createSafeByteArray(pwd)));
+ return 0;
+}
+
+SLUIFT_LUA_FUNCTION_WITH_HELP(
Client, jid,
"Returns the JID of this client",
"self\n",