diff options
author | Roger Planas <roger.planas@isode.com> | 2015-07-20 11:09:59 (GMT) |
---|---|---|
committer | Roger Planas <roger.planas@isode.com> | 2015-07-21 12:30:00 (GMT) |
commit | 02ecf91d261276ec6f1e46b537ac0e10ebae3170 (patch) | |
tree | ca7ac3d8c0b12870f43587f87d1bdcaf7ca0e1f5 | |
parent | f10bd4cc1f570b27943d27e536d1dcfbcd55ec6a (diff) | |
download | swift-02ecf91d261276ec6f1e46b537ac0e10ebae3170.zip swift-02ecf91d261276ec6f1e46b537ac0e10ebae3170.tar.bz2 |
Sluift: Add set_certificate for sluift clients
This patch introduces a 'set_certificate' API for Sluift
clients, which it is just a wrapper around Swiften's
Core client setCertificate.
Test-Information:
Generated different user certificates for a user (trusted,
untrusted, invalid, expired...) and set M-Link to enable flag
'tls_require_client_cert'. Calling 'set_certificate' with these
certificates behaved as expected, either letting the Sluift
client to authenticate or not.
Also tested caling 'set_certificate' with no parameter, and the
certificate was successfully cleared (that is, client would no
longer be able to connect)
Change-Id: Ieb56d59f7f7c1c7027f0fe56905fb83ac3b25298
-rw-r--r-- | Sluift/client.cpp | 26 |
1 files changed, 25 insertions, 1 deletions
diff --git a/Sluift/client.cpp b/Sluift/client.cpp index f1fc2c7..813c180 100644 --- a/Sluift/client.cpp +++ b/Sluift/client.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2014 Isode Limited. + * Copyright (c) 2013-2015 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ @@ -28,6 +28,7 @@ #include <Swiften/Roster/XMPPRosterItem.h> #include <Swiften/Queries/IQRouter.h> #include <Swiften/Queries/Requests/GetSoftwareVersionRequest.h> +#include <Swiften/TLS/PKCS12Certificate.h> #include <Sluift/Lua/FunctionRegistration.h> #include <Swiften/Base/foreach.h> #include <Swiften/Base/IDGenerator.h> @@ -732,6 +733,29 @@ SLUIFT_LUA_FUNCTION_WITH_HELP( } SLUIFT_LUA_FUNCTION_WITH_HELP( + Client, set_certificate, + "Sets a client certificate to use for strong authentication with the server.", + "self\n" + "file PKCS #12 file\n" + "pwd passphrase for the certificate private key\n", + "" +) { + std::string file; + std::string pwd; + int index = 2; + if (!lua_isnoneornil(L, index)) { + file = Lua::checkString(L, index); + ++index; + if (!lua_isnoneornil(L, index)) { + pwd = Lua::checkString(L, index); + ++index; + } + } + getClient(L)->getClient()->setCertificate(boost::make_shared<PKCS12Certificate>(file, createSafeByteArray(pwd))); + return 0; +} + +SLUIFT_LUA_FUNCTION_WITH_HELP( Client, jid, "Returns the JID of this client", "self\n", |