prosody-modules: mod_sasl2/mod_sasl2.lua comparison

mod_sasl2: Remove channel binding Does not take into account that 'tls-unique' is "undefined" when using TLS 1.3

comparison

equal deleted inserted replaced

-:b86282953663
+:9d57aa79c5d9
 local insecure_mechanisms = module:get_option_set("insecure_sasl_mechanisms", allow_unencrypted_plain_auth and {} or {"PLAIN", "LOGIN"});
 local disabled_mechanisms = module:get_option_set("disable_sasl_mechanisms", { "DIGEST-MD5" });
 local host = module.host;
-local function tls_unique(self)
-	return self.userdata["tls-unique"]:getpeerfinished();
-end
 module:hook("stream-features", function(event)
 	local origin, features = event.origin, event.features;
 	local log = origin.log or module._log;
 	if origin.type ~= "c2s_unauthed" then
 	local sasl_handler = usermanager_get_sasl_handler(host, origin)
 	origin.sasl_handler = sasl_handler;
 	if sasl_handler.add_cb_handler then
-		local socket = origin.conn:socket();
+		-- FIXME bring back channel binding
-		if socket.getpeerfinished then
-			sasl_handler:add_cb_handler("tls-unique", tls_unique);
-		end
-		sasl_handler["userdata"] = {
-			["tls-unique"] = socket;
-		};
 	end
 	local mechanisms = st.stanza("mechanisms", { xmlns = xmlns_sasl2 });
 	local available_mechanisms = sasl_handler:mechanisms()

Mercurial > prosody-modules