Log

plugins/mod_saslauth.lua @ 7831:201d0df6cce9

description author age
core.sessionmanager, mod_saslauth: Introduce intermediate session type for authenticated but unbound sessions so that resource binding is not treated as a normal stanza Kim Alvefur Tue, 13 Dec 2016 18:15:17 +0100
mod_saslauth: Disable DIGEST-MD5 by default (closes #515) Kim Alvefur Fri, 18 Mar 2016 11:51:58 +0100
mod_saslauth: Make it easier to support multiple channel binding methonds Kim Alvefur Wed, 19 Nov 2014 14:45:20 +0100
mod_saslauth: Break out tls-unique channel binding callback so it is instantiated once Kim Alvefur Wed, 19 Nov 2014 14:44:41 +0100
mod_saslauth: Keep sasl_handler in a local variable Kim Alvefur Wed, 19 Nov 2014 14:37:45 +0100
mod_saslauth: Better name for config option Kim Alvefur Tue, 21 Oct 2014 16:41:28 +0200
mod_saslauth: Make it possible to disable certain mechanisms Kim Alvefur Tue, 21 Oct 2014 14:38:40 +0200
mod_saslauth: Add LOGIN to mechanisms not allowed over unencrypted connections as it may be offered by 3rd party authentication plugins Kim Alvefur Tue, 21 Oct 2014 14:37:05 +0200
mod_saslauth: Use a configurable set of mechanisms to not allow over unencrypted connections Kim Alvefur Tue, 21 Oct 2014 14:35:32 +0200
mod_saslauth: Log warning if no SASL mechanisms were offered Kim Alvefur Tue, 21 Oct 2014 12:57:56 +0200
mod_saslauth: Use type-specific config option getters Kim Alvefur Tue, 21 Oct 2014 12:56:19 +0200
mod_legacyauth, mod_saslauth, mod_tls: Pass require_encryption as default option to s2s_require_encryption so the later overrides the former Kim Alvefur Tue, 21 Oct 2014 12:49:03 +0200
mod_saslauth: Fix encoding of missing vs empty SASL reply messages Kim Alvefur Tue, 23 Sep 2014 19:46:29 +0200
mod_saslauth: Stricter SASL EXTERNAL handling more in line with XEP-0178 Kim Alvefur Tue, 23 Sep 2014 19:29:14 +0200
mod_dialback, mod_saslauth: Remove broken fallback to dialback on SASL EXTERNAL failure Kim Alvefur Tue, 23 Sep 2014 14:23:01 +0200
mod_lastactivity, mod_legacyauth, mod_presence, mod_saslauth, mod_tls: Use the newer stanza:get_child APIs and optimize away some table lookups Kim Alvefur Fri, 04 Jul 2014 22:52:34 +0200
Merge 0.9->0.10 Kim Alvefur Tue, 25 Mar 2014 19:16:38 +0100
mod_saslauth: Only do c2s SASL on normal VirtualHosts Kim Alvefur Sat, 22 Mar 2014 12:41:38 +0100
mod_saslauth: Make sure sasl handler has add_cb_handler (fixes #392) Kim Alvefur Wed, 12 Feb 2014 19:25:15 +0100
mod_saslauth: Collect data for channel binding only if we know for sure that the stream is encrypted Kim Alvefur Mon, 07 Oct 2013 12:56:21 +0200
Merge Tobias SCRAM-PLUS work Kim Alvefur Sun, 22 Sep 2013 00:44:20 +0200
mod_saslauth: Check whether LuaSec supports getpeerfinished() binding. Tobias Markmann Mon, 17 Jan 2011 16:50:21 +0100
mod_saslauth: Add channel binding handler for tls-unique channel binding. Tobias Markmann Mon, 17 Jan 2011 16:50:21 +0100
mod_saslauth: Set secure socket as SASL object user data for secure sessions. Tobias Markmann Mon, 17 Jan 2011 16:50:21 +0100
Remove all trailing whitespace Florian Zeitz Fri, 09 Aug 2013 17:48:21 +0200
mod_saslauth, mod_compression: Fix some cases where open_stream() was not being passed to/from (see df3c78221f26 and issue #338) Matthew Wild Mon, 29 Apr 2013 10:43:44 +0100
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event Matthew Wild Fri, 22 Mar 2013 14:18:23 +0000
mod_s2s, mod_saslauth, mod_compression: Refactor to have common code for opening streams Kim Alvefur Sat, 16 Mar 2013 17:46:43 +0100
mod_saslauth: Pass session to usermanager.get_sasl_handler() Matthew Wild Wed, 04 Jul 2012 23:44:13 +0100
mod_saslauth: Remove unused declaration of xmlns_stanzas Matthew Wild Sat, 28 Apr 2012 03:05:35 +0100
mod_saslauth: Remove useless import of, and call to nodeprep. Kim Alvefur Sun, 12 Feb 2012 15:14:35 +0100
mod_saslauth: Fire authentication-failure if make_authenticated() failed. Kim Alvefur Sun, 12 Feb 2012 15:08:12 +0100
mod_saslauth: Move authentication-success event to after session has been made authenticated. Kim Alvefur Sun, 12 Feb 2012 15:05:31 +0100
mod_saslauth: "" ~= nil (thanks, Zash!) Paul Aurich Tue, 24 Jan 2012 14:57:53 -0800
mod_saslauth: Never send empty <mechanisms/>, for real this time. Waqas Hussain Thu, 13 Oct 2011 00:24:09 +0500
mod_saslauth: Never send empty <mechanisms/>. Waqas Hussain Thu, 13 Oct 2011 00:10:02 +0500
mod_saslauth: Fire authentication-success and authentication-failure events (thanks scitor) Matthew Wild Mon, 29 Aug 2011 12:01:42 -0400
Merge 0.8->trunk Matthew Wild Thu, 06 Jan 2011 14:46:59 +0000
mod_saslauth: Remove special handling for SASL ANONYMOUS, and let mod_auth_anonymous handle it. Waqas Hussain Tue, 28 Dec 2010 05:28:15 +0500
util.sasl.*, mod_auth_*, mod_saslauth: Pass SASL handler as first parameter to SASL profile callbacks. Waqas Hussain Mon, 27 Dec 2010 19:57:04 +0500
mod_saslauth: Handle session bind requests to the host, fixes OneTeam login Matthew Wild Fri, 24 Dec 2010 18:54:54 +0000
mod_saslauth: Remove special handling for SASL ANONYMOUS, and let mod_auth_anonymous handle it. Waqas Hussain Tue, 28 Dec 2010 05:28:15 +0500
util.sasl.*, mod_auth_*, mod_saslauth: Pass SASL handler as first parameter to SASL profile callbacks. Waqas Hussain Mon, 27 Dec 2010 19:57:04 +0500
mod_saslauth: Handle session bind requests to the host, fixes OneTeam login Matthew Wild Fri, 24 Dec 2010 18:54:54 +0000
core.s2smanager, mod_console, mod_saslauth, util.certverification: rename util.certverification to util.x509 Kim Alvefur Sun, 12 Dec 2010 02:03:32 +0100
s2s: SASL EXTERNAL Paul Aurich Sun, 21 Nov 2010 21:10:43 -0800
mod_saslauth: Allow restarting SASL negotiation from scratch. Waqas Hussain Tue, 02 Nov 2010 22:23:07 +0500
mod_saslauth: Separated processing of <auth/> and <response/> elements, and return proper error on out-of-order <response/> elements. Waqas Hussain Tue, 02 Nov 2010 22:05:19 +0500
mod_saslauth: Moved SASL mechanism selection and CDATA handling into separate functions. Waqas Hussain Tue, 02 Nov 2010 21:19:50 +0500
mod_saslauth: Handle SASL <abort/> properly. Waqas Hussain Tue, 02 Nov 2010 15:07:25 +0500
mod_saslauth: Updated to use the new events API. Waqas Hussain Sat, 16 Oct 2010 07:18:01 +0500
mod_saslauth: Improved logging a bit. Waqas Hussain Sat, 16 Oct 2010 05:16:45 +0500
mod_saslauth: Updated to use the new events API. Waqas Hussain Sat, 16 Oct 2010 05:03:00 +0500
mod_saslauth, mod_auth_cyrus, util.sasl_cyrus: Moved cyrus account provisioning check out of mod_saslauth. Waqas Hussain Mon, 23 Aug 2010 16:54:56 +0500
mod_saslauth: Get rid of the sasl_backend option (use auth modules instead). Waqas Hussain Mon, 23 Aug 2010 16:28:06 +0500
mod_saslauth: Get rid of most Cyrus SASL related code (use authentication='cyrus' instead). Waqas Hussain Mon, 23 Aug 2010 16:22:58 +0500
mod_saslauth: Fixed a nil global access. Waqas Hussain Sat, 31 Jul 2010 15:16:15 +0500
mod_saslauth: Check for unencrypted PLAIN auth in mod_saslauth instead of the SASL handler (makes it work for Cyrus SASL). Waqas Hussain Sat, 31 Jul 2010 13:55:46 +0500
mod_saslauth: Move mandatory encryption enforcement to before sasl_handler:select(). Waqas Hussain Sat, 31 Jul 2010 13:49:22 +0500
mod_saslauth: Got rid of undocumented and useless 'sasl_realm' config option (was only used for anonymous auth, and that didn't make sense). Waqas Hussain Sun, 18 Jul 2010 17:50:38 +0500
mod_saslauth: Cleaned up unused requires. Waqas Hussain Sat, 17 Jul 2010 19:02:56 +0500
mod_saslauth: A little cleanup for anonymous_login. Waqas Hussain Sat, 17 Jul 2010 18:58:25 +0500
SASL: Simplified sasl_handler:mechanisms() to return a set, and not an array. Waqas Hussain Wed, 14 Jul 2010 19:56:57 +0500
mod_saslauth: Rename variable 'aret' to 'ok' as per convention Matthew Wild Mon, 12 Jul 2010 16:44:56 +0100
Merge 0.7->trunk Matthew Wild Sat, 12 Jun 2010 02:39:18 +0100
mod_saslauth: Return proper error on invalid usernames. Waqas Hussain Fri, 11 Jun 2010 21:01:17 +0500
mod_saslauth: Updated to use usermanager.get_sasl_handler. Waqas Hussain Mon, 07 Jun 2010 02:40:14 +0500
mod_saslauth: Fix log level Matthew Wild Fri, 04 Jun 2010 13:55:39 +0100
Correct out of order logic in mod_hashpassauth Jeff Mitchell Fri, 28 May 2010 14:47:32 -0400
Check in mod_hashpassauth -- works! Jeff Mitchell Wed, 26 May 2010 18:16:58 -0400
mod_saslauth: Split out cyrus SASL config options into locals, and add support for cyrus_application_name (default: 'prosody') Matthew Wild Thu, 20 May 2010 11:51:55 +0100
usermanager, mod_saslauth: Make account provisioning for Cyrus SASL optional (default: not required) Matthew Wild Thu, 20 May 2010 11:32:24 +0100
mod_saslauth: Add return value and error message to the Cyrus SASL handle_status callback Matthew Wild Thu, 20 May 2010 11:08:51 +0100
mod_saslauth: Allow the Cyrus SASL realm to be configurable Matthew Wild Thu, 20 May 2010 11:05:43 +0100
mod_saslauth: Tidier code for SASL backend selection. Waqas Hussain Tue, 23 Mar 2010 20:17:46 +0500
mod_saslauth: Fail with an error when the requested SASL backend cannot be used. Waqas Hussain Tue, 23 Mar 2010 20:11:39 +0500
Merge 0.6->0.7 Matthew Wild Mon, 22 Mar 2010 17:24:55 +0000
Update copyright headers for 2010 Matthew Wild Mon, 22 Mar 2010 17:06:15 +0000
mod_saslauth: Add a sasl_realm option Paul Aurich Wed, 17 Mar 2010 15:29:14 -0700
Merge 0.6.2/waqas with 0.6.2/MattJ Matthew Wild Wed, 03 Mar 2010 22:05:05 +0000
mod_saslauth: Don't print raw SASL data to avoid logging passwords unnecessarily Matthew Wild Sat, 13 Feb 2010 19:35:12 +0000
mod_saslauth: Requiring c2s encryption means requiring c2s encryption... thanks Flo Matthew Wild Mon, 21 Dec 2009 22:00:49 +0000
mod_saslauth: Add FIXME to remind myself to fix this as soon as I have time Matthew Wild Mon, 01 Mar 2010 16:23:26 +0000
mod_saslauth: Unlock globals while loading cyrus Matthew Wild Mon, 01 Mar 2010 16:02:59 +0000
mod_saslauth: Log debug message with full error if cyrussasl couldn't be loaded Matthew Wild Mon, 15 Feb 2010 22:56:36 +0000
mod_saslauth: Correct syntax for gracefully handling a missing cyrussasl library Matthew Wild Mon, 15 Feb 2010 22:56:15 +0000
mod_saslauth: Warn and fallback gracefully when Cyrus SASL is requested, but missing. Waqas Hussain Mon, 15 Feb 2010 02:51:07 +0500
mod_saslauth: Don't print raw SASL data to avoid logging passwords unnecessarily Matthew Wild Sat, 13 Feb 2010 19:35:12 +0000
mod_saslauth: Hook stream-features event using new events API. Waqas Hussain Fri, 12 Feb 2010 04:25:37 +0500
mod_saslauth: Fixed some indentation and added some semi-colons. Waqas Hussain Mon, 11 Jan 2010 19:17:26 +0500
mod_saslauth: Made some variables local to avoid unnecessary global access. Waqas Hussain Mon, 11 Jan 2010 19:05:08 +0500
mod_saslauth: Oops. Paul Aurich Sun, 03 Jan 2010 10:07:20 -0800
mod_saslauth: Use module:get_option() Paul Aurich Sun, 03 Jan 2010 09:51:01 -0800
mod_saslauth: Add sasl_backend config parameter Paul Aurich Sat, 02 Jan 2010 20:03:24 -0800
mod_saslauth: Adjust sanitizing. Tobias Markmann Wed, 23 Dec 2009 23:13:39 +0100
mod_saslauth: Sanitize debugging information so it won't break terminal emulation when using GSSAPI auth. Tobias Markmann Wed, 23 Dec 2009 23:09:44 +0100
added comment to remind us to fix binary output breaking the terminal jorj Wed, 23 Dec 2009 16:45:03 -0500
mod_saslauth: Make service_name configurable for CyrusSASL users. Tobias Markmann Tue, 22 Dec 2009 20:20:37 +0100
mod_saslauth: Add support for CyrusSASL. Tobias Markmann Tue, 22 Dec 2009 19:27:19 +0100
mod_saslauth: Requiring c2s encryption means requiring c2s encryption... thanks Flo Matthew Wild Mon, 21 Dec 2009 22:00:49 +0000
mod_saslauth: Fix typo in variable name Matthew Wild Sat, 28 Nov 2009 15:12:07 +0000
mod_saslauth: Allow relogins after failed SASL login. Tobias Markmann Thu, 26 Nov 2009 23:18:26 +0100
Use new cofig option reading API. Tobias Markmann Thu, 19 Nov 2009 16:44:37 +0100
Allow SASL PLAIN over unsecure connections when intended by admin. Tobias Markmann Thu, 19 Nov 2009 16:43:38 +0100
Provide SASL PLAIN mechanism only if TLS is active. Tobias Markmann Wed, 18 Nov 2009 23:26:35 +0100
Merge with sasl branch. Tobias Markmann Mon, 16 Nov 2009 21:43:57 +0100
Making mod_saslauth use the new SASL API. sasl Tobias Markmann Fri, 28 Aug 2009 13:04:38 +0200
mod_saslauth: Fixed access of globals. Waqas Hussain Sun, 18 Oct 2009 18:50:35 +0500
mod_saslauth: Marked the im-session stream feature as optional. This allows smart clients to save a round trip. Waqas Hussain Sun, 18 Oct 2009 18:48:34 +0500
require_encryption deprecated, use c2s_require_encryption instead Matthew Wild Mon, 05 Oct 2009 14:59:30 +0100
Merge with 0.5 Matthew Wild Tue, 29 Sep 2009 19:56:23 +0100
mod_saslauth: Prep username used for authenticating a session Matthew Wild Tue, 29 Sep 2009 19:54:31 +0100
Add NODEprepping to SASL Digest-MD5 authentication handling. Tobias Markmann Sun, 06 Sep 2009 22:07:59 +0200
Uncertain merge with 0.5's SASL Matthew Wild Thu, 20 Aug 2009 13:57:50 +0100
Use NODEprep for prepping usernames used during SASL logins. Tobias Markmann Wed, 19 Aug 2009 21:59:16 +0200
mod_saslauth: Fix coding style and layout, and use of arg[] for vararg Matthew Wild Wed, 05 Aug 2009 16:37:28 +0100
mod_saslauth: Fix indentation Matthew Wild Wed, 05 Aug 2009 16:35:13 +0100
mod_saslauth: Fix traceback on attempted login for non-existent users Matthew Wild Wed, 05 Aug 2009 16:31:56 +0100
Switch to using a more generic credentials_callback/handler for SASL auth. nick Fri, 24 Jul 2009 01:34:25 +0100
mod_saslauth, usermanager: Fetch list of mechanisms from usermanager Nick Thomas Thu, 23 Jul 2009 22:15:06 +0100