Mercurial > prosody-modules
annotate mod_sasl_ssdp/mod_sasl_ssdp.lua @ 5853:97c9b76867ca
mod_log_ringbuffer: Detach event handlers on logging reload (thanks Menel)
Otherwise the global event handlers accumulate, one added each time
logging is reoladed, and each invocation of the signal or event triggers
one dump of each created ringbuffer.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 03 Mar 2024 11:23:40 +0100 |
| parents | bb51cf204dd4 |
| children |
| rev | line source |
|---|---|
|
5773
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 local array = require "util.array"; |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 local hashes = require "util.hashes"; |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 local it = require "util.iterators"; |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
4 local base64_enc = require "util.encodings".base64.encode; |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 local hash_functions = { |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 ["SCRAM-SHA-1"] = hashes.sha1; |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 ["SCRAM-SHA-1-PLUS"] = hashes.sha1; |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
9 ["SCRAM-SHA-256"] = hashes.sha256; |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
10 ["SCRAM-SHA-256-PLUS"] = hashes.sha256; |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
11 }; |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
12 |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
13 function add_ssdp_info(event) |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
14 local sasl_handler = event.session.sasl_handler; |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
15 local hash = hash_functions[sasl_handler.selected]; |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
16 if not hash then |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
17 module:log("debug", "Not enabling SSDP for unsupported mechanism: %s", sasl_handler.selected); |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
18 return; |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
19 end |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
20 local mechanism_list = array.collect(it.keys(sasl_handler:mechanisms())):sort(); |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
21 local cb = sasl_handler.profile.cb; |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
22 local cb_list = cb and array.collect(it.keys(cb)):sort(); |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
23 local ssdp_string; |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
24 if cb_list then |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
25 ssdp_string = mechanism_list:concat(",").."|"..cb_list:concat(","); |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
26 else |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
27 ssdp_string = mechanism_list:concat(","); |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
28 end |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
29 module:log("debug", "Calculated SSDP string: %s", ssdp_string); |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
30 event.message = event.message..",d="..base64_enc(hash(ssdp_string)); |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
31 sasl_handler.state.server_first_message = event.message; |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
32 end |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
33 |
|
5819
bb51cf204dd4
mod_sasl_ssdp: Fix event name so legacy SASL works correctly (thanks Martin!)
Matthew Wild <mwild1@gmail.com>
parents:
5773
diff
changeset
|
34 module:hook("sasl/c2s/challenge", add_ssdp_info, 1); |
|
5773
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
35 module:hook("sasl2/c2s/challenge", add_ssdp_info, 1); |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
36 |