Software / code / prosody
Diff
net/server_epoll.lua @ 12594:29685403be32
mod_saslauth: Implement RFC 9266 'tls-exporter' channel binding (#1760)
Brings back SCRAM-SHA-*-PLUS from its hiatus brought on by the earlier
channel binding method being undefined for TLS 1.3, and the increasing
deployment of TLS 1.3.
See 1bfd238e05ad and #1542
Requires future version of LuaSec, once support for this key material
export method is merged.
See https://github.com/brunoos/luasec/pull/187
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Wed, 01 Jun 2022 15:06:59 +0200 |
| parent | 12542:5ec9d6913162 |
| child | 12827:0605d4f03e25 |
line wrap: on
line diff
--- a/net/server_epoll.lua Mon Jul 11 20:02:10 2022 +0200 +++ b/net/server_epoll.lua Wed Jun 01 15:06:59 2022 +0200 @@ -649,6 +649,14 @@ return sock:getpeerfinished(); end +function interface:ssl_exportkeyingmaterial(label, len, context) + local sock = self.conn; + if sock.exportkeyingmaterial then + return sock:exportkeyingmaterial(label, len, context); + end +end + + function interface:starttls(tls_ctx) if tls_ctx then self.tls_ctx = tls_ctx; end self.starttls = false;
