# HG changeset patch # User Kim Alvefur <zash@zash.se> # Date 1659488836 -7200 # Node ID 753d6983dc456c783dd80ecb003598fd6f25e12c # Parent 9f27a2075e9e8e7678470f33ffea0c8c32f3cb45 util.sasl.scram: Add support for 'tls-exporter' channel binding Ref https://issues.prosody.im/1760 diff -r 9f27a2075e9e -r 753d6983dc45 util/sasl/scram.lua --- a/util/sasl/scram.lua Wed Aug 03 03:06:26 2022 +0200 +++ b/util/sasl/scram.lua Wed Aug 03 03:07:16 2022 +0200 @@ -39,7 +39,9 @@ if conn:ssl() then local sock = conn:socket(); if sock.info and sock:info().protocol == "TLSv1.3" then - return false + if sock.exportkeyingmaterial then + return "p=tls-exporter", sock:exportkeyingmaterial("EXPORTER-Channel-Binding", 32, ""); + end elseif sock.getfinished then return "p=tls-unique", sock:getfinished(); end