From f994abaed6dbd21b40ecef0aec2f5ab3c6a521b9 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Mon, 23 Nov 2020 21:42:52 +0100 Subject: mod_saslauth: Disable 'tls-unique' channel binding with TLS 1.3 (closes #1542) The 'tls-unique' channel binding is undefined in TLS 1.3 according to a single sentence in parenthesis in Apendix C of RFC 8446 This may trigger downgrade protection in clients that were expecting channel binding to be available. --- plugins/mod_saslauth.lua | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'plugins/mod_saslauth.lua') diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua index fba84ef8..333640fc 100644 --- a/plugins/mod_saslauth.lua +++ b/plugins/mod_saslauth.lua @@ -252,7 +252,10 @@ module:hook("stream-features", function(event) -- FIXME: would be nice to have this check only once and not for every socket if sasl_handler.add_cb_handler then local socket = origin.conn:socket(); - if socket.getpeerfinished then + local info = socket.info and socket:info(); + if info.protocol == "TLSv1.3" then + log("debug", "Channel binding 'tls-unique' undefined in context of TLS 1.3"); + elseif socket.getpeerfinished then sasl_handler:add_cb_handler("tls-unique", tls_unique); end sasl_handler["userdata"] = { -- cgit v1.2.3 From fe88da311425cd035eba27a363921175756d7d5d Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Mon, 23 Nov 2020 21:52:46 +0100 Subject: mod_saslauth: Only advertise channel binding if a finished message is available In some cases this method returns nothing, unclear why. --- plugins/mod_saslauth.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'plugins/mod_saslauth.lua') diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua index 333640fc..e8bca7c3 100644 --- a/plugins/mod_saslauth.lua +++ b/plugins/mod_saslauth.lua @@ -255,7 +255,7 @@ module:hook("stream-features", function(event) local info = socket.info and socket:info(); if info.protocol == "TLSv1.3" then log("debug", "Channel binding 'tls-unique' undefined in context of TLS 1.3"); - elseif socket.getpeerfinished then + elseif socket.getpeerfinished and socket:getpeerfinished() then sasl_handler:add_cb_handler("tls-unique", tls_unique); end sasl_handler["userdata"] = { -- cgit v1.2.3