Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | mod_saslauth: Advertise correct set of mechanisms | Kim Alvefur | 2019-12-02 | 1 | -1/+1 |
| | | | | | | | | | Mistakenly iterates over the set of all supported mechanisms instead of the one without insecure mechanisms if the connection is insecure. Not a problem if c2s_require_encryption is true Introduced in 56a0f68b7797 | ||||
* | mod_saslauth: Demote "no SASL mechanisms" error back to warning | Kim Alvefur | 2019-10-15 | 1 | -4/+4 |
| | | | | | This gets printed before TLS if c2s_require_encryption = false, in which case it is just annoying. | ||||
* | mod_saslauth: Improve logging of why no SASL mechanisms were offered | Kim Alvefur | 2019-10-15 | 1 | -6/+18 |
| | |||||
* | mod_saslauth: Use the power of Set Theory to mange sets of SASL mechanisms | Kim Alvefur | 2019-10-15 | 1 | -6/+24 |
| | | | | This makes sets of excluded mechanisms easily available for use later. | ||||
* | mod_saslauth: Log (debug) messages about channel binding | Kim Alvefur | 2019-10-15 | 1 | -0/+5 |
| | |||||
* | mod_saslauth: Remove useless debug log line | Kim Alvefur | 2019-10-13 | 1 | -1/+0 |
| | | | | | | Fairly useless to only log half of SASL messages. Use mod_stanza_debug instead to get the full exchange. | ||||
* | mod_saslauth: Remove commented-out debug log line | Kim Alvefur | 2019-10-13 | 1 | -1/+0 |
| | |||||
* | plugins: Remove tostring call from logging | Kim Alvefur | 2019-07-30 | 1 | -2/+1 |
| | | | | | | Taken care of by loggingmanager now Mass-rewrite using lua pattern like `tostring%b()` | ||||
* | Fix various spelling mistakes [codespell] | Kim Alvefur | 2019-05-03 | 1 | -1/+1 |
| | |||||
* | mod_saslauth: Improve log message when no SASL mechanisms offered (thanks hexa) | Kim Alvefur | 2018-11-24 | 1 | -1/+2 |
| | |||||
* | mod_saslauth: Ignore unused argument [luacheck] | Kim Alvefur | 2018-02-04 | 1 | -1/+1 |
| | |||||
* | mod_saslauth: Use renamed API for hooking non-stanzas | Kim Alvefur | 2018-02-04 | 1 | -1/+1 |
| | |||||
* | mod_saslauth: Pass SASL EXTERNAL failure reason on to be used in error bounces | Kim Alvefur | 2018-02-04 | 1 | -1/+2 |
| | |||||
* | mod_saslauth: Close connection if no fallback kicks in on SASL EXTERNAL failure | Kim Alvefur | 2018-02-04 | 1 | -1/+3 |
| | |||||
* | Backed out changeset 89c42aff8510: The problem in ejabberd has reportedly ↵ | Kim Alvefur | 2018-02-04 | 1 | -2/+4 |
| | | | | been resolved and this change causes more problems than it solves (fixes #1006) | ||||
* | mod_saslauth: Log which mechanisms are offered | Kim Alvefur | 2017-12-21 | 1 | -0/+1 |
| | |||||
* | mod_saslauth: Remove unused argument [luacheck] | Kim Alvefur | 2017-04-01 | 1 | -1/+1 |
| | |||||
* | mod_saslauth: Fix typoed variable name [luacheck] | Kim Alvefur | 2017-03-06 | 1 | -1/+1 |
| | |||||
* | mod_saslauth: Switch to hook_tag from hook_stanza which was renamed in ↵ | Kim Alvefur | 2017-03-06 | 1 | -3/+3 |
| | | | | 2087d42f1e77 | ||||
* | Merge 0.9->0.10 | Kim Alvefur | 2017-03-02 | 1 | -2/+13 |
|\ | |||||
| * | mod_saslauth: Log SASL failure reason | Kim Alvefur | 2017-03-02 | 1 | -2/+13 |
| | | |||||
* | | mod_saslauth: Ignore shadowing of logger [luacheck] | Kim Alvefur | 2017-02-15 | 1 | -1/+1 |
| | | |||||
* | | mod_saslauth: Improve logging as to why when SASL is not offered | Kim Alvefur | 2017-02-15 | 1 | -3/+11 |
| | | |||||
* | | mod_saslauth: Cache logger in local for less typing | Kim Alvefur | 2017-02-15 | 1 | -1/+2 |
| | | |||||
* | | core.sessionmanager, mod_saslauth: Introduce intermediate session type for ↵ | Kim Alvefur | 2016-12-13 | 1 | -1/+1 |
| | | | | | | | | authenticated but unbound sessions so that resource binding is not treated as a normal stanza | ||||
* | | mod_saslauth: Disable DIGEST-MD5 by default (closes #515) | Kim Alvefur | 2016-03-18 | 1 | -1/+1 |
| | | |||||
* | | mod_saslauth: Make it easier to support multiple channel binding methonds | Kim Alvefur | 2014-11-19 | 1 | -2/+4 |
| | | |||||
* | | mod_saslauth: Break out tls-unique channel binding callback so it is ↵ | Kim Alvefur | 2014-11-19 | 1 | -5/+10 |
| | | | | | | | | instantiated once | ||||
* | | mod_saslauth: Keep sasl_handler in a local variable | Kim Alvefur | 2014-11-19 | 1 | -5/+6 |
| | | |||||
* | | mod_saslauth: Better name for config option | Kim Alvefur | 2014-10-21 | 1 | -1/+1 |
| | | |||||
* | | mod_saslauth: Make it possible to disable certain mechanisms | Kim Alvefur | 2014-10-21 | 1 | -1/+5 |
| | | |||||
* | | mod_saslauth: Add LOGIN to mechanisms not allowed over unencrypted ↵ | Kim Alvefur | 2014-10-21 | 1 | -1/+1 |
| | | | | | | | | connections as it may be offered by 3rd party authentication plugins | ||||
* | | mod_saslauth: Use a configurable set of mechanisms to not allow over ↵ | Kim Alvefur | 2014-10-21 | 1 | -2/+3 |
| | | | | | | | | unencrypted connections | ||||
* | | mod_saslauth: Log warning if no SASL mechanisms were offered | Kim Alvefur | 2014-10-21 | 1 | -1/+5 |
| | | |||||
* | | mod_saslauth: Use type-specific config option getters | Kim Alvefur | 2014-10-21 | 1 | -2/+2 |
| | | |||||
* | | mod_legacyauth, mod_saslauth, mod_tls: Pass require_encryption as default ↵ | Kim Alvefur | 2014-10-21 | 1 | -1/+1 |
| | | | | | | | | option to s2s_require_encryption so the later overrides the former | ||||
* | | mod_saslauth: Fix encoding of missing vs empty SASL reply messages | Kim Alvefur | 2014-09-23 | 1 | -7/+7 |
| | | |||||
* | | mod_saslauth: Stricter SASL EXTERNAL handling more in line with XEP-0178 | Kim Alvefur | 2014-09-23 | 1 | -51/+30 |
| | | |||||
* | | mod_dialback, mod_saslauth: Remove broken fallback to dialback on SASL ↵ | Kim Alvefur | 2014-09-23 | 1 | -4/+2 |
| | | | | | | | | EXTERNAL failure | ||||
* | | mod_lastactivity, mod_legacyauth, mod_presence, mod_saslauth, mod_tls: Use ↵ | Kim Alvefur | 2014-07-04 | 1 | -1/+1 |
| | | | | | | | | the newer stanza:get_child APIs and optimize away some table lookups | ||||
* | | Merge 0.9->0.10 | Kim Alvefur | 2014-03-25 | 1 | -1/+1 |
|\| | |||||
| * | mod_saslauth: Only do c2s SASL on normal VirtualHosts | Kim Alvefur | 2014-03-22 | 1 | -1/+1 |
| | | |||||
* | | mod_saslauth: Make sure sasl handler has add_cb_handler (fixes #392) | Kim Alvefur | 2014-02-12 | 1 | -1/+1 |
| | | |||||
* | | mod_saslauth: Collect data for channel binding only if we know for sure that ↵ | Kim Alvefur | 2013-10-07 | 1 | -1/+1 |
| | | | | | | | | the stream is encrypted | ||||
* | | Merge Tobias SCRAM-PLUS work | Kim Alvefur | 2013-09-22 | 1 | -0/+10 |
|\ \ | |||||
| * | | mod_saslauth: Check whether LuaSec supports getpeerfinished() binding. | Tobias Markmann | 2011-01-17 | 1 | -4/+8 |
| | | | |||||
| * | | mod_saslauth: Add channel binding handler for tls-unique channel binding. | Tobias Markmann | 2011-01-17 | 1 | -1/+3 |
| | | | |||||
| * | | mod_saslauth: Set secure socket as SASL object user data for secure sessions. | Tobias Markmann | 2011-01-17 | 1 | -0/+4 |
| | | | |||||
* | | | Remove all trailing whitespace | Florian Zeitz | 2013-08-09 | 1 | -1/+1 |
| |/ |/| | |||||
* | | mod_saslauth, mod_compression: Fix some cases where open_stream() was not ↵ | Matthew Wild | 2013-04-29 | 1 | -1/+1 |
| | | | | | | | | being passed to/from (see df3c78221f26 and issue #338) |