prosody
207691ad98fe
util/sasl/scram.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Comparison

util/sasl/scram.lua @ 10774:207691ad98fe

util.sasl.scram: Mention if clients try PLUS without channel binding This isn't normal, but is it invalid? Likely a client bug in any case.
author Kim Alvefur <zash@zash.se>
date Sun, 26 Apr 2020 14:31:43 +0200
parent 10499:79c568d4146c
child 10916:c7ed8f754033
comparison
equal deleted inserted replaced
10773:3e1046b39484 10774:207691ad98fe
110 local server_key = HMAC(salted_password, "Server Key"); 110 local server_key = HMAC(salted_password, "Server Key");
111 return true, stored_key, server_key 111 return true, stored_key, server_key
112 end 112 end
113 end 113 end
114 114
115 local function scram_gen(hash_name, H_f, HMAC_f, get_auth_db) 115 local function scram_gen(hash_name, H_f, HMAC_f, get_auth_db, expect_cb)
116 local profile_name = "scram_" .. hashprep(hash_name); 116 local profile_name = "scram_" .. hashprep(hash_name);
117 local function scram_hash(self, message) 117 local function scram_hash(self, message)
118 local support_channel_binding = false; 118 local support_channel_binding = false;
119 if self.profile.cb then support_channel_binding = true; end 119 if self.profile.cb then support_channel_binding = true; end
120 120
139 return "failure", "malformed-request"; 139 return "failure", "malformed-request";
140 end 140 end
141 141
142 if gs2_cbind_flag == "n" then 142 if gs2_cbind_flag == "n" then
143 -- "n" -> client doesn't support channel binding. 143 -- "n" -> client doesn't support channel binding.
144 if expect_cb then
145 log("debug", "Client unexpectedly doesn't support channel binding");
146 -- XXX Is it sensible to abort if the client starts -PLUS but doesn't use channel binding?
147 end
144 support_channel_binding = false; 148 support_channel_binding = false;
145 end 149 end
146 150
147 if support_channel_binding and gs2_cbind_flag == "p" then 151 if support_channel_binding and gs2_cbind_flag == "p" then
148 -- check whether we support the proposed channel binding type 152 -- check whether we support the proposed channel binding type
258 scram_gen(hash_name:lower(), hash, hmac_hash, get_auth_db)); 262 scram_gen(hash_name:lower(), hash, hmac_hash, get_auth_db));
259 263
260 -- register channel binding equivalent 264 -- register channel binding equivalent
261 registerMechanism("SCRAM-"..hash_name.."-PLUS", 265 registerMechanism("SCRAM-"..hash_name.."-PLUS",
262 {"plain", "scram_"..(hashprep(hash_name))}, 266 {"plain", "scram_"..(hashprep(hash_name))},
263 scram_gen(hash_name:lower(), hash, hmac_hash, get_auth_db), {"tls-unique"}); 267 scram_gen(hash_name:lower(), hash, hmac_hash, get_auth_db, true), {"tls-unique"});
264 end 268 end
265 269
266 registerSCRAMMechanism("SHA-1", hashes.sha1, hashes.hmac_sha1, hashes.pbkdf2_hmac_sha1); 270 registerSCRAMMechanism("SHA-1", hashes.sha1, hashes.hmac_sha1, hashes.pbkdf2_hmac_sha1);
267 registerSCRAMMechanism("SHA-256", hashes.sha256, hashes.hmac_sha256, hashes.pbkdf2_hmac_sha256); 271 registerSCRAMMechanism("SHA-256", hashes.sha256, hashes.hmac_sha256, hashes.pbkdf2_hmac_sha256);
268 end 272 end