net/server_epoll.lua @ 12594:29685403be32
mod_saslauth: Implement RFC 9266 'tls-exporter' channel binding (#1760)
Brings back SCRAM-SHA-*-PLUS from its hiatus brought on by the earlier
channel binding method being undefined for TLS 1.3, and the increasing
deployment of TLS 1.3.
See 1bfd238e05ad and #1542
Requires future version of LuaSec, once support for this key material
export method is merged.
See https://github.com/brunoos/luasec/pull/187
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Wed, 01 Jun 2022 15:06:59 +0200 |
| parent | 12542:5ec9d6913162 |
| child | 12827:0605d4f03e25 |
| 12591:494577d883ff | 12594:29685403be32 |
|---|---|
| 646 function interface:ssl_peerfinished() | 646 function interface:ssl_peerfinished() |
| 647 local sock = self.conn; | 647 local sock = self.conn; |
| 648 if not sock.getpeerfinished then return nil, "not-implemented"; end | 648 if not sock.getpeerfinished then return nil, "not-implemented"; end |
| 649 return sock:getpeerfinished(); | 649 return sock:getpeerfinished(); |
| 650 end | 650 end |
| 651 | |
| 652 function interface:ssl_exportkeyingmaterial(label, len, context) | |
| 653 local sock = self.conn; | |
| 654 if sock.exportkeyingmaterial then | |
| 655 return sock:exportkeyingmaterial(label, len, context); | |
| 656 end | |
| 657 end | |
| 658 | |
| 651 | 659 |
| 652 function interface:starttls(tls_ctx) | 660 function interface:starttls(tls_ctx) |
| 653 if tls_ctx then self.tls_ctx = tls_ctx; end | 661 if tls_ctx then self.tls_ctx = tls_ctx; end |
| 654 self.starttls = false; | 662 self.starttls = false; |
| 655 if self.writebuffer and (self.writebuffer[1] or type(self.writebuffer) == "string") then | 663 if self.writebuffer and (self.writebuffer[1] or type(self.writebuffer) == "string") then |
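
Review bot: In the new `interface:ssl_exportkeyingmaterial` (new lines 652-657), the path where `sock.exportkeyingmaterial` is absent falls off the end of the function and returns nothing, while `interface:ssl_peerfinished` directly above returns `nil, "not-implemented"` in the same situation. The commit message says this depends on a LuaSec version that is not merged yet, so the missing-method path is the one most deployments will take for now. Consider mirroring the existing guard, `if not sock.exportkeyingmaterial then return nil, "not-implemented"; end`, followed by `return sock:exportkeyingmaterial(label, len, context);`, so a caller can tell missing LuaSec support apart from a failed export. A one-line comment on what `label`, `len` and `context` are expected to be would also help, since nothing in the hunk documents them.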