verse
9f27a2075e9e
util/sasl/scram.lua
Software / code / verse
Comparison
util/sasl/scram.lua @ 454:9f27a2075e9e
util.sasl.scram: Disable 'tls-unique' channel binding on TLS 1.3
See background in https://issues.prosody.im/1542
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Wed, 03 Aug 2022 03:06:26 +0200 |
| parent | 453:e60c776b7760 |
| child | 455:753d6983dc45 |
comparison
equal
deleted
inserted
replaced
| 453:e60c776b7760 | 454:9f27a2075e9e |
|---|---|
| 35 return (gsub(str, "[,=]", { [","] = "=2C", ["="] = "=3D" })); | 35 return (gsub(str, "[,=]", { [","] = "=2C", ["="] = "=3D" })); |
| 36 end | 36 end |
| 37 | 37 |
| 38 local function cb(conn) | 38 local function cb(conn) |
| 39 if conn:ssl() then | 39 if conn:ssl() then |
| 40 if sock.getfinished then | 40 local sock = conn:socket(); |
| 41 if sock.info and sock:info().protocol == "TLSv1.3" then | |
| 42 return false | |
| 43 elseif sock.getfinished then | |
| 41 return "p=tls-unique", sock:getfinished(); | 44 return "p=tls-unique", sock:getfinished(); |
| 42 end | 45 end |
| 43 end | 46 end |
| 44 end | 47 end |
| 45 | 48 |
