aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2020-11-23 21:42:52 +0100
committerKim Alvefur <zash@zash.se>2020-11-23 21:42:52 +0100
commitb62216fab3d49402161f55e12791e716292245c6 (patch)
tree1a4da0d3d9c25be4b6cd838bbfc8eb6b47027d18
parenta247cea4dfd98a09f78b5b5bcc2c832e7583b887 (diff)
downloadprosody-b62216fab3d49402161f55e12791e716292245c6.tar.gz
prosody-b62216fab3d49402161f55e12791e716292245c6.zip
mod_saslauth: Disable 'tls-unique' channel binding with TLS 1.3 (closes #1542)
The 'tls-unique' channel binding is undefined in TLS 1.3 according to a single sentence in parenthesis in Apendix C of RFC 8446 This may trigger downgrade protection in clients that were expecting channel binding to be available.
-rw-r--r--plugins/mod_saslauth.lua5
1 files changed, 4 insertions, 1 deletions
diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua
index fba84ef8..333640fc 100644
--- a/plugins/mod_saslauth.lua
+++ b/plugins/mod_saslauth.lua
@@ -252,7 +252,10 @@ module:hook("stream-features", function(event)
-- FIXME: would be nice to have this check only once and not for every socket
if sasl_handler.add_cb_handler then
local socket = origin.conn:socket();
- if socket.getpeerfinished then
+ local info = socket.info and socket:info();
+ if info.protocol == "TLSv1.3" then
+ log("debug", "Channel binding 'tls-unique' undefined in context of TLS 1.3");
+ elseif socket.getpeerfinished then
sasl_handler:add_cb_handler("tls-unique", tls_unique);
end
sasl_handler["userdata"] = {