mod_saslauth: Advertise channel bindings via XEP-0440
|
Kim Alvefur |
Sun, 06 Dec 2020 22:04:43 +0100 |
net: isolate LuaSec-specifics
|
Jonas Schäfer |
Wed, 27 Apr 2022 17:44:14 +0200 |
usermanager, mod_saslauth: Default to internal_hashed if no auth module specified
|
Matthew Wild |
Thu, 10 Feb 2022 19:54:14 +0000 |
various: Require encryption by default for real
|
Kim Alvefur |
Sat, 25 Dec 2021 16:23:40 +0100 |
s2s et al.: Add counters for connection state transitions
|
Jonas Schäfer |
Wed, 21 Apr 2021 17:11:58 +0200 |
Merge 0.11->trunk
|
Kim Alvefur |
Sat, 10 Apr 2021 16:45:44 +0200 |
mod_saslauth: Use a defined SASL error
0.11
|
Kim Alvefur |
Thu, 18 Mar 2021 16:16:54 +0100 |
mod_saslauth: Improve code style
0.11
|
Kim Alvefur |
Thu, 18 Mar 2021 16:17:45 +0100 |
mod_saslauth: Don't throw errors in async code when connections are gone
0.11
|
tmolitor |
Thu, 18 Mar 2021 14:30:47 +0100 |
Merge 0.11->trunk
|
Kim Alvefur |
Mon, 23 Nov 2020 21:56:26 +0100 |
mod_saslauth: Only advertise channel binding if a finished message is available
0.11
|
Kim Alvefur |
Mon, 23 Nov 2020 21:52:46 +0100 |
mod_saslauth: Disable 'tls-unique' channel binding with TLS 1.3 (closes #1542)
0.11
|
Kim Alvefur |
Mon, 23 Nov 2020 21:42:52 +0100 |
mod_saslauth: Pass through any auth scope from the SASL handler to sessionmanager.make_authenticated()
|
Matthew Wild |
Wed, 05 Feb 2020 17:56:44 +0000 |
mod_saslauth: Set a nicer bounce error explaining SASL EXTERNAL failures
|
Kim Alvefur |
Sat, 07 Dec 2019 22:55:51 +0100 |
mod_saslauth: Collect SASL EXTERNAL failures into an util.error object
|
Kim Alvefur |
Sat, 07 Dec 2019 22:51:43 +0100 |
mod_saslauth: Advertise correct set of mechanisms
|
Kim Alvefur |
Mon, 02 Dec 2019 16:00:16 +0100 |
mod_saslauth: Demote "no SASL mechanisms" error back to warning
|
Kim Alvefur |
Tue, 15 Oct 2019 23:38:29 +0200 |
mod_saslauth: Improve logging of why no SASL mechanisms were offered
|
Kim Alvefur |
Tue, 15 Oct 2019 22:05:51 +0200 |
mod_saslauth: Use the power of Set Theory to mange sets of SASL mechanisms
|
Kim Alvefur |
Tue, 15 Oct 2019 21:58:10 +0200 |
mod_saslauth: Log (debug) messages about channel binding
|
Kim Alvefur |
Tue, 15 Oct 2019 21:37:19 +0200 |
mod_saslauth: Remove useless debug log line
|
Kim Alvefur |
Sun, 13 Oct 2019 00:33:35 +0200 |
mod_saslauth: Remove commented-out debug log line
|
Kim Alvefur |
Sun, 13 Oct 2019 00:32:58 +0200 |
plugins: Remove tostring call from logging
|
Kim Alvefur |
Tue, 30 Jul 2019 02:29:36 +0200 |
Fix various spelling mistakes [codespell]
|
Kim Alvefur |
Fri, 03 May 2019 20:54:24 +0200 |
mod_saslauth: Improve log message when no SASL mechanisms offered (thanks hexa)
|
Kim Alvefur |
Sat, 24 Nov 2018 02:24:48 +0100 |
mod_saslauth: Ignore unused argument [luacheck]
|
Kim Alvefur |
Sun, 04 Feb 2018 01:05:06 +0100 |
mod_saslauth: Use renamed API for hooking non-stanzas
|
Kim Alvefur |
Sun, 04 Feb 2018 01:03:44 +0100 |
mod_saslauth: Pass SASL EXTERNAL failure reason on to be used in error bounces
|
Kim Alvefur |
Sun, 04 Feb 2018 01:01:50 +0100 |
mod_saslauth: Close connection if no fallback kicks in on SASL EXTERNAL failure
|
Kim Alvefur |
Sun, 04 Feb 2018 00:58:38 +0100 |
Backed out changeset 89c42aff8510: The problem in ejabberd has reportedly been resolved and this change causes more problems than it solves (fixes #1006)
|
Kim Alvefur |
Sun, 04 Feb 2018 01:13:27 +0100 |
mod_saslauth: Log which mechanisms are offered
|
Kim Alvefur |
Thu, 21 Dec 2017 10:15:47 +0100 |
Merge 0.9->0.10
|
Kim Alvefur |
Thu, 14 Sep 2017 02:47:40 +0200 |
mod_saslauth: Use correct varible name (thanks Roi)
|
Kim Alvefur |
Sat, 08 Jul 2017 18:21:45 +0200 |
mod_saslauth: Remove unused argument [luacheck]
|
Kim Alvefur |
Sat, 01 Apr 2017 22:34:15 +0200 |
mod_saslauth: Fix typoed variable name [luacheck]
|
Kim Alvefur |
Mon, 06 Mar 2017 16:05:24 +0100 |
mod_saslauth: Switch to hook_tag from hook_stanza which was renamed in 2087d42f1e77
|
Kim Alvefur |
Mon, 06 Mar 2017 15:56:12 +0100 |
Merge 0.9->0.10
|
Kim Alvefur |
Thu, 02 Mar 2017 15:21:07 +0100 |
mod_saslauth: Log SASL failure reason
|
Kim Alvefur |
Thu, 02 Mar 2017 15:17:32 +0100 |
mod_saslauth: Ignore shadowing of logger [luacheck]
|
Kim Alvefur |
Wed, 15 Feb 2017 23:04:44 +0100 |
mod_saslauth: Improve logging as to why when SASL is not offered
|
Kim Alvefur |
Wed, 15 Feb 2017 23:00:03 +0100 |
mod_saslauth: Cache logger in local for less typing
|
Kim Alvefur |
Wed, 15 Feb 2017 22:59:19 +0100 |
core.sessionmanager, mod_saslauth: Introduce intermediate session type for authenticated but unbound sessions so that resource binding is not treated as a normal stanza
|
Kim Alvefur |
Tue, 13 Dec 2016 18:15:17 +0100 |
mod_saslauth: Disable DIGEST-MD5 by default (closes #515)
|
Kim Alvefur |
Fri, 18 Mar 2016 11:51:58 +0100 |
mod_saslauth: Make it easier to support multiple channel binding methonds
|
Kim Alvefur |
Wed, 19 Nov 2014 14:45:20 +0100 |
mod_saslauth: Break out tls-unique channel binding callback so it is instantiated once
|
Kim Alvefur |
Wed, 19 Nov 2014 14:44:41 +0100 |
mod_saslauth: Keep sasl_handler in a local variable
|
Kim Alvefur |
Wed, 19 Nov 2014 14:37:45 +0100 |
mod_saslauth: Better name for config option
|
Kim Alvefur |
Tue, 21 Oct 2014 16:41:28 +0200 |
mod_saslauth: Make it possible to disable certain mechanisms
|
Kim Alvefur |
Tue, 21 Oct 2014 14:38:40 +0200 |
mod_saslauth: Add LOGIN to mechanisms not allowed over unencrypted connections as it may be offered by 3rd party authentication plugins
|
Kim Alvefur |
Tue, 21 Oct 2014 14:37:05 +0200 |
mod_saslauth: Use a configurable set of mechanisms to not allow over unencrypted connections
|
Kim Alvefur |
Tue, 21 Oct 2014 14:35:32 +0200 |
mod_saslauth: Log warning if no SASL mechanisms were offered
|
Kim Alvefur |
Tue, 21 Oct 2014 12:57:56 +0200 |
mod_saslauth: Use type-specific config option getters
|
Kim Alvefur |
Tue, 21 Oct 2014 12:56:19 +0200 |
mod_legacyauth, mod_saslauth, mod_tls: Pass require_encryption as default option to s2s_require_encryption so the later overrides the former
|
Kim Alvefur |
Tue, 21 Oct 2014 12:49:03 +0200 |
mod_saslauth: Fix encoding of missing vs empty SASL reply messages
|
Kim Alvefur |
Tue, 23 Sep 2014 19:46:29 +0200 |
mod_saslauth: Stricter SASL EXTERNAL handling more in line with XEP-0178
|
Kim Alvefur |
Tue, 23 Sep 2014 19:29:14 +0200 |
mod_dialback, mod_saslauth: Remove broken fallback to dialback on SASL EXTERNAL failure
|
Kim Alvefur |
Tue, 23 Sep 2014 14:23:01 +0200 |
mod_lastactivity, mod_legacyauth, mod_presence, mod_saslauth, mod_tls: Use the newer stanza:get_child APIs and optimize away some table lookups
|
Kim Alvefur |
Fri, 04 Jul 2014 22:52:34 +0200 |
Merge 0.9->0.10
|
Kim Alvefur |
Tue, 25 Mar 2014 19:16:38 +0100 |
mod_saslauth: Only do c2s SASL on normal VirtualHosts
|
Kim Alvefur |
Sat, 22 Mar 2014 12:41:38 +0100 |
mod_saslauth: Make sure sasl handler has add_cb_handler (fixes #392)
|
Kim Alvefur |
Wed, 12 Feb 2014 19:25:15 +0100 |
mod_saslauth: Collect data for channel binding only if we know for sure that the stream is encrypted
|
Kim Alvefur |
Mon, 07 Oct 2013 12:56:21 +0200 |
Merge Tobias SCRAM-PLUS work
|
Kim Alvefur |
Sun, 22 Sep 2013 00:44:20 +0200 |
mod_saslauth: Check whether LuaSec supports getpeerfinished() binding.
|
Tobias Markmann |
Mon, 17 Jan 2011 16:50:21 +0100 |
mod_saslauth: Add channel binding handler for tls-unique channel binding.
|
Tobias Markmann |
Mon, 17 Jan 2011 16:50:21 +0100 |
mod_saslauth: Set secure socket as SASL object user data for secure sessions.
|
Tobias Markmann |
Mon, 17 Jan 2011 16:50:21 +0100 |
Remove all trailing whitespace
|
Florian Zeitz |
Fri, 09 Aug 2013 17:48:21 +0200 |
mod_saslauth, mod_compression: Fix some cases where open_stream() was not being passed to/from (see df3c78221f26 and issue #338)
|
Matthew Wild |
Mon, 29 Apr 2013 10:43:44 +0100 |
s2smanager, mod_s2s, mod_dialback, mod_saslauth: Move s2smanager.make_authenticated() to mod_s2s, and plugins now signal authentication via the s2s-authenticated event
|
Matthew Wild |
Fri, 22 Mar 2013 14:18:23 +0000 |
mod_s2s, mod_saslauth, mod_compression: Refactor to have common code for opening streams
|
Kim Alvefur |
Sat, 16 Mar 2013 17:46:43 +0100 |
mod_saslauth: Pass session to usermanager.get_sasl_handler()
|
Matthew Wild |
Wed, 04 Jul 2012 23:44:13 +0100 |
mod_saslauth: Remove unused declaration of xmlns_stanzas
|
Matthew Wild |
Sat, 28 Apr 2012 03:05:35 +0100 |
mod_saslauth: Remove useless import of, and call to nodeprep.
|
Kim Alvefur |
Sun, 12 Feb 2012 15:14:35 +0100 |
mod_saslauth: Fire authentication-failure if make_authenticated() failed.
|
Kim Alvefur |
Sun, 12 Feb 2012 15:08:12 +0100 |
mod_saslauth: Move authentication-success event to after session has been made authenticated.
|
Kim Alvefur |
Sun, 12 Feb 2012 15:05:31 +0100 |
mod_saslauth: "" ~= nil (thanks, Zash!)
|
Paul Aurich |
Tue, 24 Jan 2012 14:57:53 -0800 |
mod_saslauth: Never send empty <mechanisms/>, for real this time.
|
Waqas Hussain |
Thu, 13 Oct 2011 00:24:09 +0500 |
mod_saslauth: Never send empty <mechanisms/>.
|
Waqas Hussain |
Thu, 13 Oct 2011 00:10:02 +0500 |
mod_saslauth: Fire authentication-success and authentication-failure events (thanks scitor)
|
Matthew Wild |
Mon, 29 Aug 2011 12:01:42 -0400 |
Merge 0.8->trunk
|
Matthew Wild |
Thu, 06 Jan 2011 14:46:59 +0000 |
mod_saslauth: Remove special handling for SASL ANONYMOUS, and let mod_auth_anonymous handle it.
|
Waqas Hussain |
Tue, 28 Dec 2010 05:28:15 +0500 |
util.sasl.*, mod_auth_*, mod_saslauth: Pass SASL handler as first parameter to SASL profile callbacks.
|
Waqas Hussain |
Mon, 27 Dec 2010 19:57:04 +0500 |
mod_saslauth: Handle session bind requests to the host, fixes OneTeam login
|
Matthew Wild |
Fri, 24 Dec 2010 18:54:54 +0000 |
mod_saslauth: Remove special handling for SASL ANONYMOUS, and let mod_auth_anonymous handle it.
|
Waqas Hussain |
Tue, 28 Dec 2010 05:28:15 +0500 |
util.sasl.*, mod_auth_*, mod_saslauth: Pass SASL handler as first parameter to SASL profile callbacks.
|
Waqas Hussain |
Mon, 27 Dec 2010 19:57:04 +0500 |
mod_saslauth: Handle session bind requests to the host, fixes OneTeam login
|
Matthew Wild |
Fri, 24 Dec 2010 18:54:54 +0000 |
core.s2smanager, mod_console, mod_saslauth, util.certverification: rename util.certverification to util.x509
|
Kim Alvefur |
Sun, 12 Dec 2010 02:03:32 +0100 |
s2s: SASL EXTERNAL
|
Paul Aurich |
Sun, 21 Nov 2010 21:10:43 -0800 |
mod_saslauth: Allow restarting SASL negotiation from scratch.
|
Waqas Hussain |
Tue, 02 Nov 2010 22:23:07 +0500 |
mod_saslauth: Separated processing of <auth/> and <response/> elements, and return proper error on out-of-order <response/> elements.
|
Waqas Hussain |
Tue, 02 Nov 2010 22:05:19 +0500 |
mod_saslauth: Moved SASL mechanism selection and CDATA handling into separate functions.
|
Waqas Hussain |
Tue, 02 Nov 2010 21:19:50 +0500 |
mod_saslauth: Handle SASL <abort/> properly.
|
Waqas Hussain |
Tue, 02 Nov 2010 15:07:25 +0500 |
mod_saslauth: Updated to use the new events API.
|
Waqas Hussain |
Sat, 16 Oct 2010 07:18:01 +0500 |
mod_saslauth: Improved logging a bit.
|
Waqas Hussain |
Sat, 16 Oct 2010 05:16:45 +0500 |
mod_saslauth: Updated to use the new events API.
|
Waqas Hussain |
Sat, 16 Oct 2010 05:03:00 +0500 |
mod_saslauth, mod_auth_cyrus, util.sasl_cyrus: Moved cyrus account provisioning check out of mod_saslauth.
|
Waqas Hussain |
Mon, 23 Aug 2010 16:54:56 +0500 |
mod_saslauth: Get rid of the sasl_backend option (use auth modules instead).
|
Waqas Hussain |
Mon, 23 Aug 2010 16:28:06 +0500 |
mod_saslauth: Get rid of most Cyrus SASL related code (use authentication='cyrus' instead).
|
Waqas Hussain |
Mon, 23 Aug 2010 16:22:58 +0500 |
mod_saslauth: Fixed a nil global access.
|
Waqas Hussain |
Sat, 31 Jul 2010 15:16:15 +0500 |
mod_saslauth: Check for unencrypted PLAIN auth in mod_saslauth instead of the SASL handler (makes it work for Cyrus SASL).
|
Waqas Hussain |
Sat, 31 Jul 2010 13:55:46 +0500 |
mod_saslauth: Move mandatory encryption enforcement to before sasl_handler:select().
|
Waqas Hussain |
Sat, 31 Jul 2010 13:49:22 +0500 |
mod_saslauth: Got rid of undocumented and useless 'sasl_realm' config option (was only used for anonymous auth, and that didn't make sense).
|
Waqas Hussain |
Sun, 18 Jul 2010 17:50:38 +0500 |
mod_saslauth: Cleaned up unused requires.
|
Waqas Hussain |
Sat, 17 Jul 2010 19:02:56 +0500 |
mod_saslauth: A little cleanup for anonymous_login.
|
Waqas Hussain |
Sat, 17 Jul 2010 18:58:25 +0500 |
SASL: Simplified sasl_handler:mechanisms() to return a set, and not an array.
|
Waqas Hussain |
Wed, 14 Jul 2010 19:56:57 +0500 |
mod_saslauth: Rename variable 'aret' to 'ok' as per convention
|
Matthew Wild |
Mon, 12 Jul 2010 16:44:56 +0100 |
Merge 0.7->trunk
|
Matthew Wild |
Sat, 12 Jun 2010 02:39:18 +0100 |
mod_saslauth: Return proper error on invalid usernames.
|
Waqas Hussain |
Fri, 11 Jun 2010 21:01:17 +0500 |
mod_saslauth: Updated to use usermanager.get_sasl_handler.
|
Waqas Hussain |
Mon, 07 Jun 2010 02:40:14 +0500 |
mod_saslauth: Fix log level
|
Matthew Wild |
Fri, 04 Jun 2010 13:55:39 +0100 |
Correct out of order logic in mod_hashpassauth
|
Jeff Mitchell |
Fri, 28 May 2010 14:47:32 -0400 |
Check in mod_hashpassauth -- works!
|
Jeff Mitchell |
Wed, 26 May 2010 18:16:58 -0400 |
mod_saslauth: Split out cyrus SASL config options into locals, and add support for cyrus_application_name (default: 'prosody')
|
Matthew Wild |
Thu, 20 May 2010 11:51:55 +0100 |