aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2022-06-01 15:06:59 +0200
committerKim Alvefur <zash@zash.se>2022-06-01 15:06:59 +0200
commit8db7cdc71321f4a367338df87a7e90629e741ff9 (patch)
tree45f40cd893e881f90912c63013cd944ee8ee4a80
parentdabdfc91be04257db5a5aae48cb03bcbfb274425 (diff)
downloadprosody-8db7cdc71321f4a367338df87a7e90629e741ff9.tar.gz
prosody-8db7cdc71321f4a367338df87a7e90629e741ff9.zip
mod_saslauth: Implement RFC 9266 'tls-exporter' channel binding (#1760)
Brings back SCRAM-SHA-*-PLUS from its hiatus brought on by the earlier channel binding method being undefined for TLS 1.3, and the increasing deployment of TLS 1.3. See 1bfd238e05ad and #1542 Requires future version of LuaSec, once support for this key material export method is merged. See https://github.com/brunoos/luasec/pull/187
-rw-r--r--CHANGES1
-rw-r--r--doc/doap.xml1
-rw-r--r--net/server_epoll.lua8
-rw-r--r--plugins/mod_saslauth.lua15
4 files changed, 25 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index e1f0854a..48fe37d5 100644
--- a/CHANGES
+++ b/CHANGES
@@ -17,6 +17,7 @@ TRUNK
### Security and authentication
- Advertise supported SASL Channel-Binding types (XEP-0440)
+- Implement RFC 9266 'tls-exporter' channel binding with TLS 1.3
## Removed
diff --git a/doc/doap.xml b/doc/doap.xml
index e767115b..530b9c2c 100644
--- a/doc/doap.xml
+++ b/doc/doap.xml
@@ -60,6 +60,7 @@
<implements rdf:resource="https://www.rfc-editor.org/info/rfc7395"/>
<implements rdf:resource="https://www.rfc-editor.org/info/rfc7590"/>
<implements rdf:resource="https://www.rfc-editor.org/info/rfc7673"/>
+ <implements rdf:resource="https://www.rfc-editor.org/info/rfc9266"/>
<implements rdf:resource="https://datatracker.ietf.org/doc/draft-cridland-xmpp-session/">
<!-- since=0.6.0 note=Added in hg:0bbbc9042361 -->
</implements>
diff --git a/net/server_epoll.lua b/net/server_epoll.lua
index a546e1e3..b269bd9c 100644
--- a/net/server_epoll.lua
+++ b/net/server_epoll.lua
@@ -649,6 +649,14 @@ function interface:ssl_peerfinished()
return sock:getpeerfinished();
end
+function interface:ssl_exportkeyingmaterial(label, len, context)
+ local sock = self.conn;
+ if sock.exportkeyingmaterial then
+ return sock:exportkeyingmaterial(label, len, context);
+ end
+end
+
+
function interface:starttls(tls_ctx)
if tls_ctx then self.tls_ctx = tls_ctx; end
self.starttls = false;
diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua
index 0b350c74..e94b2d78 100644
--- a/plugins/mod_saslauth.lua
+++ b/plugins/mod_saslauth.lua
@@ -245,6 +245,15 @@ local function tls_unique(self)
return self.userdata["tls-unique"]:ssl_peerfinished();
end
+local function tls_exporter(conn)
+ if not conn.ssl_exportkeyingmaterial then return end
+ return conn:ssl_exportkeyingmaterial("EXPORTER-Channel-Binding", 32, "");
+end
+
+local function sasl_tls_exporter(self)
+ return tls_exporter(self.userdata["tls-exporter"]);
+end
+
local mechanisms_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-sasl' };
local bind_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-bind' };
local xmpp_session_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-session' };
@@ -266,6 +275,11 @@ module:hook("stream-features", function(event)
local info = origin.conn:ssl_info();
if info and info.protocol == "TLSv1.3" then
log("debug", "Channel binding 'tls-unique' undefined in context of TLS 1.3");
+ if tls_exporter(origin.conn) then
+ log("debug", "Channel binding 'tls-exporter' supported");
+ sasl_handler:add_cb_handler("tls-exporter", sasl_tls_exporter);
+ channel_bindings:add("tls-exporter");
+ end
elseif origin.conn.ssl_peerfinished and origin.conn:ssl_peerfinished() then
log("debug", "Channel binding 'tls-unique' supported");
sasl_handler:add_cb_handler("tls-unique", tls_unique);
@@ -275,6 +289,7 @@ module:hook("stream-features", function(event)
end
sasl_handler["userdata"] = {
["tls-unique"] = origin.conn;
+ ["tls-exporter"] = origin.conn;
};
else
log("debug", "Channel binding not supported by SASL handler");