From 02ecf91d261276ec6f1e46b537ac0e10ebae3170 Mon Sep 17 00:00:00 2001
From: Roger Planas <roger.planas@isode.com>
Date: Mon, 20 Jul 2015 12:09:59 +0100
Subject: Sluift: Add set_certificate for sluift clients

This patch introduces a 'set_certificate' API for Sluift
clients, which it is just a wrapper around Swiften's
Core client setCertificate.

Test-Information:

Generated different user certificates for a user (trusted,
untrusted, invalid, expired...) and set M-Link to enable flag
'tls_require_client_cert'. Calling 'set_certificate' with these
certificates behaved as expected, either letting the Sluift
client to authenticate or not.
Also tested caling 'set_certificate' with no parameter, and the
certificate was successfully cleared (that is, client would no
longer be able to connect)

Change-Id: Ieb56d59f7f7c1c7027f0fe56905fb83ac3b25298

diff --git a/Sluift/client.cpp b/Sluift/client.cpp
index f1fc2c7..813c180 100644
--- a/Sluift/client.cpp
+++ b/Sluift/client.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013-2014 Isode Limited.
+ * Copyright (c) 2013-2015 Isode Limited.
  * All rights reserved.
  * See the COPYING file for more information.
  */
@@ -28,6 +28,7 @@
 #include <Swiften/Roster/XMPPRosterItem.h>
 #include <Swiften/Queries/IQRouter.h>
 #include <Swiften/Queries/Requests/GetSoftwareVersionRequest.h>
+#include <Swiften/TLS/PKCS12Certificate.h>
 #include <Sluift/Lua/FunctionRegistration.h>
 #include <Swiften/Base/foreach.h>
 #include <Swiften/Base/IDGenerator.h>
@@ -732,6 +733,29 @@ SLUIFT_LUA_FUNCTION_WITH_HELP(
 }
 
 SLUIFT_LUA_FUNCTION_WITH_HELP(
+		Client, set_certificate,
+		"Sets a client certificate to use for strong authentication with the server.",
+		"self\n"
+		"file  PKCS #12 file\n"
+		"pwd  passphrase for the certificate private key\n",
+		""
+) {
+	std::string file;
+	std::string pwd;
+	int index = 2;
+	if (!lua_isnoneornil(L, index)) {
+		file = Lua::checkString(L, index);
+		++index;
+		if (!lua_isnoneornil(L, index)) {
+			pwd = Lua::checkString(L, index);
+			++index;
+		}
+	}
+	getClient(L)->getClient()->setCertificate(boost::make_shared<PKCS12Certificate>(file, createSafeByteArray(pwd)));
+	return 0;
+}
+
+SLUIFT_LUA_FUNCTION_WITH_HELP(
 		Client, jid,
 		"Returns the JID of this client",
 		"self\n",
-- 
cgit v0.10.2-6-g49f6