aboutsummaryrefslogtreecommitdiffstats
path: root/util/sasl/scram.lua
Commit message (Collapse)AuthorAgeFilesLines
* util.sasl.scram: Add 'tls-exporter' as recognised channel binding methodKim Alvefur2022-07-271-1/+1
| | | | | The last missing piece of #1760, otherwise SCRAM-SHA-*-PLUS is not actually advertised.
* mod_auth_internal_hashed: Up iteration count to 10000 per XEP-0438Kim Alvefur2021-12-261-1/+1
| | | | | | | | More security for less pain than switching to SCRAM-SHA-256 The XEP will likely be change to reference the RFC that will probably come from draft-ietf-kitten-password-storage once it is ready, and then we should update to follow that.
* util.sasl.scram: Store username property rather than cached local (#399)Matthew Wild2021-12-071-1/+1
| | | | | This should allow modules to override the username in a profile handler by assigning to self.username.
* util.sasl.scram: Use util.strbitop for XOR stepKim Alvefur2019-09-071-29/+1
|
* Merge 0.11->trunkKim Alvefur2020-06-061-0/+4
|\
| * util.sasl.scram: Apply saslprep before hashing password, fixes #1560Kim Alvefur2020-05-221-0/+4
| |
* | util.sasl.scram: Mention if clients try PLUS without channel bindingKim Alvefur2020-04-261-2/+6
| | | | | | | | This isn't normal, but is it invalid? Likely a client bug in any case.
* | util.sasl.scram: Ignore unused authzid variable (strict lint)Kim Alvefur2019-12-091-0/+1
| | | | | | | | | | It would be nice if authzid was passed down into the stack and could be used by plugins for things.
* | util.sasl.scram: Avoid implicit coersion of number to stringKim Alvefur2019-10-061-1/+1
| | | | | | | | Lua can be compiled without coercion, which would cause an error here.
* | util.sasl.scram: Fix old APIKim Alvefur2019-09-291-1/+1
| | | | | | | | | | This function is not directly used by anything in Prosody anymore and should be considered deprecated.
* | util.sasl.scram: Add support for SCRAM-SHA-256Kim Alvefur2019-01-131-0/+1
| |
* | util.sasl.scram: Factor out SHA-1 specific getAuthenticationDatabaseSHA1Kim Alvefur2019-01-131-20/+25
|/ | | | This makes the code more generic, allowing SHA-1 to be replaced
* Fix spelling throughout the codebase [codespell]Kim Alvefur2018-02-041-1/+1
|
* vairious: Add annotation when an empty environment is set [luacheck]Kim Alvefur2018-02-281-0/+1
|
* util: Various minor changes to please [luacheck]Kim Alvefur2017-11-101-3/+18
|
* util.sasl.plain,scram: Record username in sasl state earlierKim Alvefur2017-04-191-1/+1
|
* util.sasl.scram: Rename variable in places missed in 65e36b81d56a (thanks mt)Kim Alvefur2016-02-281-2/+2
|
* util.sasl.scram: Remove unused initial value [luacheck]Kim Alvefur2016-02-281-1/+1
|
* util.sasl.scram: Rename variable to avoid name clash [luacheck]Kim Alvefur2016-02-281-5/+5
|
* util.sasl.scram: Get rid of module callKim Alvefur2015-04-071-4/+7
|
* util.sasl.scram: Rename variable for clarityKim Alvefur2013-10-131-7/+7
|
* util.sasl.scram: Cache profile name instead of concatenating when usedKim Alvefur2013-10-131-2/+3
|
* util.sasl.scram: Rewrite patterns and capture client-first-message-bare, ↵Kim Alvefur2013-10-131-5/+6
| | | | client-final-message-without-proof
* util.sasl.scram: Create the state table as late as possible, keep state in ↵Kim Alvefur2013-10-131-41/+40
| | | | locals for faster access
* util.sasl.scram: Compare gs2-header to cbind-input (Thanks Tobias)Kim Alvefur2013-10-121-8/+8
|
* util.sasl.scram: Remove unused function and importKim Alvefur2013-10-061-9/+0
|
* util.sasl.scram: Simplify validation of client-first-messageKim Alvefur2013-09-221-14/+18
|
* Merge Tobias SCRAM-PLUS workKim Alvefur2013-09-221-5/+42
|\
| * Only advertise mechanisms needing channel binding if a channel binding ↵Tobias Markmann2011-02-071-1/+1
| | | | | | | | backend is avaliable.
| * sasl.util.scarm: Rearrage some code so it makes more sense.Tobias Markmann2011-02-061-5/+6
| |
| * util.sasl.scram: Checking the GS2 header for valid start flag.Tobias Markmann2011-02-061-0/+7
| |
| * util.sasl.scram: Remove some debugging output.Tobias Markmann2011-01-171-6/+0
| |
| * util.sasl.scram: Adding reference to RFC 5929 'Channel Bindings for TLS'.Tobias Markmann2011-01-171-0/+4
| |
| * util.sasl.scram: Validate channel binding data of client final message.Tobias Markmann2011-01-171-3/+12
| |
| * util.sasl.scram: Use self.profile.cb for detection whether channel binding ↵Tobias Markmann2011-01-171-3/+3
| | | | | | | | is supported or not.
| * Check whether we support the proposed channel binding type.Tobias Markmann2011-01-151-0/+5
| |
| * Adding some code for channel binding advertising.Tobias Markmann2011-01-121-6/+23
| |
| * util.sasl.*, mod_auth_*, mod_saslauth: Pass SASL handler as first parameter ↵Waqas Hussain2010-12-271-2/+2
| | | | | | | | to SASL profile callbacks.
* | Remove all trailing whitespaceFlorian Zeitz2013-08-091-14/+14
| |
* | util.hashes, util.sasl.scram: Implement SCRAM-SHA1's Hi in CFlorian Zeitz2013-04-281-13/+2
| |
* | util.hmac, util.hashes: Implement HMAC functions in C, and move to util.hashesFlorian Zeitz2013-04-271-1/+1
| |
* | util.sasl.{plain,scram,digest-md5}: nodeprep username before passing to ↵Waqas Hussain2013-01-221-2/+8
| | | | | | | | callbacks, so callbacks don't have to.
* | util.sasl.scram: Return proper error and don't touch datastores on empty ↵Waqas Hussain2011-08-311-1/+1
| | | | | | | | username.
* | util.sasl.scram: Fix bug in validate_username function. (Thanks Florob)Tobias Markmann2011-02-241-3/+3
| |
* | util.sasl.*: Add 'sasl.' prefix to module namesMatthew Wild2011-01-111-1/+1
| |
* | util.sasl.*, mod_auth_*, mod_saslauth: Pass SASL handler as first parameter ↵Waqas Hussain2010-12-271-2/+2
|/ | | | to SASL profile callbacks.
* Monster whitespace commit (beware the whitespace monster).Waqas Hussain2010-10-161-3/+3
|
* util.sasl.scram: Made function Hi public.Waqas Hussain2010-07-261-1/+1
|
* util.sasl.scram: Reference actual RFC instead of the draft.Tobias Markmann2010-07-151-1/+1
|
* util.sasl.scram: Authenticate clients by calculated StoredKey instead of ↵Tobias Markmann2010-06-081-10/+10
| | | | ClientProof.