Commit graph

80 commits

Author SHA1 Message Date
Kim Alvefur
4261dc1d80 mod_auth_internal_hashed: Up iteration count to 10000 per XEP-0438
More security for less pain than switching to SCRAM-SHA-256

The XEP will likely be changed to reference the RFC that will probably
come from draft-ietf-kitten-password-storage once it is ready, and then
we should update to follow that.
2021-12-26 16:51:04 +01:00
Matthew Wild
aa0b6f765a util.sasl.scram: Store username property rather than cached local (#399)
This should allow modules to override the username in a profile handler by
assigning to self.username.
2021-12-07 16:23:23 +00:00
Kim Alvefur
203b48b127 util.sasl.scram: Use util.strbitop for XOR step 2019-09-07 13:38:02 +02:00
Kim Alvefur
e083756418 Merge 0.11->trunk 2020-06-06 00:54:28 +02:00
Kim Alvefur
5dd049acf0 util.sasl.scram: Apply saslprep before hashing password, fixes #1560 2020-05-22 20:59:01 +02:00
Kim Alvefur
23ae3a4ada util.sasl.scram: Mention if clients try PLUS without channel binding
This isn't normal, but is it invalid? Likely a client bug in any case.
2020-04-26 14:31:43 +02:00
Kim Alvefur
6890707e43 util.sasl.scram: Ignore unused authzid variable (strict lint)
It would be nice if authzid was passed down into the stack and could be
used by plugins for things.
2019-12-09 16:39:48 +01:00
Kim Alvefur
2da7971cb5 util.sasl.scram: Avoid implicit coercion of number to string
Lua can be compiled without coercion, which would cause an error here.
2019-10-06 16:07:26 +02:00
Kim Alvefur
a4f4107e5a util.sasl.scram: Fix old API
This function is not directly used by anything in Prosody anymore and
should be considered deprecated.
2019-09-29 21:12:46 +02:00
Kim Alvefur
49e8cbabff util.sasl.scram: Add support for SCRAM-SHA-256 2019-01-13 14:02:29 +01:00
Kim Alvefur
73acfb61b4 util.sasl.scram: Factor out SHA-1 specific getAuthenticationDatabaseSHA1
This makes the code more generic, allowing SHA-1 to be replaced
2019-01-13 14:01:31 +01:00
Kim Alvefur
3ec060fc0c Fix spelling throughout the codebase [codespell] 2018-02-04 01:51:25 +01:00
Kim Alvefur
43b814a83b various: Add annotation when an empty environment is set [luacheck] 2018-02-28 20:06:26 +01:00
Kim Alvefur
1438a38845 util: Various minor changes to please [luacheck] 2017-11-10 05:42:32 +01:00
Kim Alvefur
c510e41dc8 util.sasl.plain,scram: Record username in sasl state earlier 2017-04-19 06:47:02 +02:00
Kim Alvefur
47450a0eff util.sasl.scram: Rename variable in places missed in 65e36b81d56a (thanks mt) 2016-02-28 20:01:13 +01:00
Kim Alvefur
e5cf84bdcd util.sasl.scram: Remove unused initial value [luacheck] 2016-02-28 19:26:45 +01:00
Kim Alvefur
cedba44c5a util.sasl.scram: Rename variable to avoid name clash [luacheck] 2016-02-28 19:26:14 +01:00
Kim Alvefur
d27a11e4cf util.sasl.scram: Get rid of module call 2015-04-07 23:26:32 +02:00
Kim Alvefur
e82a638911 util.sasl.scram: Rename variable for clarity 2013-10-13 01:43:04 +02:00
Kim Alvefur
5ee9fb684a util.sasl.scram: Cache profile name instead of concatenating when used 2013-10-13 01:36:28 +02:00
Kim Alvefur
d2c0175023 util.sasl.scram: Rewrite patterns and capture client-first-message-bare, client-final-message-without-proof 2013-10-13 01:14:21 +02:00
Kim Alvefur
f08c618d05 util.sasl.scram: Create the state table as late as possible, keep state in locals for faster access 2013-10-13 00:29:47 +02:00
Kim Alvefur
9f9050e590 util.sasl.scram: Compare gs2-header to cbind-input (Thanks Tobias) 2013-10-12 21:15:36 +02:00
Kim Alvefur
8f5b133c60 util.sasl.scram: Remove unused function and import 2013-10-06 23:17:05 +02:00
Kim Alvefur
d5dc3c96f7 util.sasl.scram: Simplify validation of client-first-message 2013-09-22 04:29:27 +02:00
Kim Alvefur
3d137b760e Merge Tobias SCRAM-PLUS work 2013-09-22 00:44:20 +02:00
Florian Zeitz
1d833bb807 Remove all trailing whitespace 2013-08-09 17:48:21 +02:00
Florian Zeitz
b6199cf81a util.hashes, util.sasl.scram: Implement SCRAM-SHA1's Hi in C 2013-04-28 02:28:42 +02:00
Florian Zeitz
1dc0a831cf util.hmac, util.hashes: Implement HMAC functions in C, and move to util.hashes 2013-04-27 17:01:31 +02:00
Waqas Hussain
c0d4c641f3 util.sasl.{plain,scram,digest-md5}: nodeprep username before passing to callbacks, so callbacks don't have to. 2013-01-22 08:21:05 +05:00
Waqas Hussain
00d4f386b9 util.sasl.scram: Return proper error and don't touch datastores on empty username. 2011-08-31 23:24:13 +05:00
Tobias Markmann
0a2715f365 Only advertise mechanisms needing channel binding if a channel binding backend is available. 2011-02-07 13:24:42 +01:00
Tobias Markmann
f575f1eb40 sasl.util.scarm: Rearrange some code so it makes more sense. 2011-02-06 13:39:32 +01:00
Tobias Markmann
051ca76fbe util.sasl.scram: Checking the GS2 header for valid start flag. 2011-02-06 13:20:17 +01:00
Tobias Markmann
bd085514c5 util.sasl.scram: Remove some debugging output. 2011-01-17 16:50:21 +01:00
Tobias Markmann
dd1571b390 util.sasl.scram: Adding reference to RFC 5929 'Channel Bindings for TLS'. 2011-01-17 16:50:21 +01:00
Tobias Markmann
9e938f0e7c util.sasl.scram: Validate channel binding data of client final message. 2011-01-17 16:50:21 +01:00
Tobias Markmann
e7a1979725 util.sasl.scram: Use self.profile.cb for detection whether channel binding is supported or not. 2011-01-17 16:50:21 +01:00
Tobias Markmann
1e72875d52 Check whether we support the proposed channel binding type. 2011-01-15 17:59:15 +01:00
Tobias Markmann
b73cbae8a5 Adding some code for channel binding advertising. 2011-01-12 21:29:37 +01:00
Waqas Hussain
aa144af70e util.sasl.*, mod_auth_*, mod_saslauth: Pass SASL handler as first parameter to SASL profile callbacks. 2010-12-27 19:57:04 +05:00
Tobias Markmann
35a4dcd422 util.sasl.scram: Fix bug in validate_username function. (Thanks Florob) 2011-02-24 18:56:19 +01:00
Matthew Wild
42e80ba893 util.sasl.*: Add 'sasl.' prefix to module names 2011-01-11 05:30:55 +00:00
Waqas Hussain
1865c2454b util.sasl.*, mod_auth_*, mod_saslauth: Pass SASL handler as first parameter to SASL profile callbacks. 2010-12-27 19:57:04 +05:00
Waqas Hussain
b7e51a203d Monster whitespace commit (beware the whitespace monster). 2010-10-16 23:00:42 +05:00
Waqas Hussain
3963ffb2ce util.sasl.scram: Made function Hi public. 2010-07-26 01:00:46 +05:00
Tobias Markmann
ed7bac60e1 util.sasl.scram: Reference actual RFC instead of the draft. 2010-07-15 21:14:07 +02:00
Tobias Markmann
b31120775b util.sasl.scram: Authenticate clients by calculated StoredKey instead of ClientProof. 2010-06-08 11:00:26 +02:00
Tobias Markmann
9e9c409297 mod_auth_internal_hashed: Store StoredKey and ServerKey instead of salted hashed password. 2010-06-08 10:47:55 +02:00