aboutsummaryrefslogtreecommitdiffstats
path: root/plugins/mod_saslauth.lua
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/mod_saslauth.lua')
-rw-r--r--plugins/mod_saslauth.lua11
1 files changed, 8 insertions, 3 deletions
diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua
index 75bd28ae..4c0a5c1c 100644
--- a/plugins/mod_saslauth.lua
+++ b/plugins/mod_saslauth.lua
@@ -280,16 +280,21 @@ local function tls_server_end_point(self)
end
-- Hash function selection, see RFC 5929 ยง4.1
- local hash = hashes.sha256;
+ local hash, hash_name = hashes.sha256, "sha256";
if cert.getsignaturename then
local sigalg = cert:getsignaturename():lower():match("sha%d+");
if sigalg and sigalg ~= "sha1" and hashes[sigalg] then
-- This should have ruled out MD5 and SHA1
- hash = hashes[sigalg];
+ hash, hash_name = hashes[sigalg], sigalg;
end
end
- return hash(pem2der(cert));
+ local certdata_der = pem2der(cert:pem());
+ local hashed_der = hash(certdata_der);
+
+ module:log("debug", "tls-server-end-point: hex(%s(der)) = %q, hash = %s", hash_name, hex.encode(hashed_der));
+
+ return hashed_der;
end
local mechanisms_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-sasl' };