Sluift: Add set_certificate for sluift clients

This patch introduces a 'set_certificate' API for Sluift clients, which it is just a wrapper around Swiften's Core client setCertificate. Test-Information: Generated different user certificates for a user (trusted, untrusted, invalid, expired...) and set M-Link to enable flag 'tls_require_client_cert'. Calling 'set_certificate' with these certificates behaved as expected, either letting the Sluift client to authenticate or not. Also tested caling 'set_certificate' with no parameter, and the certificate was successfully cleared (that is, client would no longer be able to connect) Change-Id: Ieb56d59f7f7c1c7027f0fe56905fb83ac3b25298
author: Roger Planas <roger.planas@isode.com> 2015-07-20 11:09:59 (GMT)
committer: Roger Planas <roger.planas@isode.com> 2015-07-21 12:30:00 (GMT)
commit: 02ecf91d261276ec6f1e46b537ac0e10ebae3170 (patch)
tree: ca7ac3d8c0b12870f43587f87d1bdcaf7ca0e1f5 /Sluift/client.cpp
parent: f10bd4cc1f570b27943d27e536d1dcfbcd55ec6a (diff)
download: swift-02ecf91d261276ec6f1e46b537ac0e10ebae3170.zip
swift-02ecf91d261276ec6f1e46b537ac0e10ebae3170.tar.bz2
1 files changed, 25 insertions, 1 deletions
diff --git a/Sluift/client.cpp b/Sluift/client.cpp
index f1fc2c7..813c180 100644
--- a/Sluift/client.cpp
+++ b/Sluift/client.cpp
@@ -1,7 +1,7 @@
 /*
- * Copyright (c) 2013-2014 Isode Limited.
+ * Copyright (c) 2013-2015 Isode Limited.
 * All rights reserved.
 * See the COPYING file for more information.
 */
 #include <boost/lambda/lambda.hpp>
@@ -26,10 +26,11 @@
 #include <Swiften/Roster/SetRosterRequest.h>
 #include <Swiften/Presence/SubscriptionManager.h>
 #include <Swiften/Roster/XMPPRosterItem.h>
 #include <Swiften/Queries/IQRouter.h>
 #include <Swiften/Queries/Requests/GetSoftwareVersionRequest.h>
+#include <Swiften/TLS/PKCS12Certificate.h>
 #include <Sluift/Lua/FunctionRegistration.h>
 #include <Swiften/Base/foreach.h>
 #include <Swiften/Base/IDGenerator.h>
 #include <Sluift/Lua/Check.h>
 #include <Sluift/Lua/Value.h>
@@ -730,10 +731,33 @@ SLUIFT_LUA_FUNCTION_WITH_HELP(
        client->getClient()->getDiscoManager()->setCapsNode(Lua::checkString(L, 2));
        return 0;
 }
 SLUIFT_LUA_FUNCTION_WITH_HELP(
+                Client, set_certificate,
+                "Sets a client certificate to use for strong authentication with the server.",
+                "self\n"
+                "file  PKCS #12 file\n"
+                "pwd  passphrase for the certificate private key\n",
+                ""
+) {
+        std::string file;
+        std::string pwd;
+        int index = 2;
+        if (!lua_isnoneornil(L, index)) {
+                file = Lua::checkString(L, index);
+                ++index;
+                if (!lua_isnoneornil(L, index)) {
+                        pwd = Lua::checkString(L, index);
+                        ++index;
+                }
+        }
+        getClient(L)->getClient()->setCertificate(boost::make_shared<PKCS12Certificate>(file, createSafeByteArray(pwd)));
+        return 0;
+}
+SLUIFT_LUA_FUNCTION_WITH_HELP(
                Client, jid,
                "Returns the JID of this client",
                "self\n",
                ""
 ) {
author	Roger Planas <roger.planas@isode.com>	2015-07-20 11:09:59 (GMT)
committer	Roger Planas <roger.planas@isode.com>	2015-07-21 12:30:00 (GMT)
commit	02ecf91d261276ec6f1e46b537ac0e10ebae3170 (patch)
tree	ca7ac3d8c0b12870f43587f87d1bdcaf7ca0e1f5 /Sluift/client.cpp
parent	f10bd4cc1f570b27943d27e536d1dcfbcd55ec6a (diff)
download	swift-02ecf91d261276ec6f1e46b537ac0e10ebae3170.zip swift-02ecf91d261276ec6f1e46b537ac0e10ebae3170.tar.bz2