mod_saslauth: Implement RFC 9266 'tls-exporter' channel binding (#1760)
Brings back SCRAM-SHA-*-PLUS from its hiatus brought on by the earlier
channel binding method being undefined for TLS 1.3, and the increasing
deployment of TLS 1.3.
See 1bfd238e05ad and #1542
Requires future version of LuaSec, once support for this key material
export method is merged.
See https://github.com/brunoos/luasec/pull/187
--- a/CHANGES Mon Jul 11 20:02:10 2022 +0200
+++ b/CHANGES Wed Jun 01 15:06:59 2022 +0200
@@ -17,6 +17,7 @@
### Security and authentication
- Advertise supported SASL Channel-Binding types (XEP-0440)
+- Implement RFC 9266 'tls-exporter' channel binding with TLS 1.3
## Removed
--- a/doc/doap.xml Mon Jul 11 20:02:10 2022 +0200
+++ b/doc/doap.xml Wed Jun 01 15:06:59 2022 +0200
@@ -60,6 +60,7 @@
<implements rdf:resource="https://www.rfc-editor.org/info/rfc7395"/>
<implements rdf:resource="https://www.rfc-editor.org/info/rfc7590"/>
<implements rdf:resource="https://www.rfc-editor.org/info/rfc7673"/>
+ <implements rdf:resource="https://www.rfc-editor.org/info/rfc9266"/>
<implements rdf:resource="https://datatracker.ietf.org/doc/draft-cridland-xmpp-session/">
<!-- since=0.6.0 note=Added in hg:0bbbc9042361 -->
</implements>
--- a/net/server_epoll.lua Mon Jul 11 20:02:10 2022 +0200
+++ b/net/server_epoll.lua Wed Jun 01 15:06:59 2022 +0200
@@ -649,6 +649,14 @@
return sock:getpeerfinished();
end
+function interface:ssl_exportkeyingmaterial(label, len, context)
+ local sock = self.conn;
+ if sock.exportkeyingmaterial then
+ return sock:exportkeyingmaterial(label, len, context);
+ end
+end
+
+
function interface:starttls(tls_ctx)
if tls_ctx then self.tls_ctx = tls_ctx; end
self.starttls = false;
--- a/plugins/mod_saslauth.lua Mon Jul 11 20:02:10 2022 +0200
+++ b/plugins/mod_saslauth.lua Wed Jun 01 15:06:59 2022 +0200
@@ -245,6 +245,15 @@
return self.userdata["tls-unique"]:ssl_peerfinished();
end
+local function tls_exporter(conn)
+ if not conn.ssl_exportkeyingmaterial then return end
+ return conn:ssl_exportkeyingmaterial("EXPORTER-Channel-Binding", 32, "");
+end
+
+local function sasl_tls_exporter(self)
+ return tls_exporter(self.userdata["tls-exporter"]);
+end
+
local mechanisms_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-sasl' };
local bind_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-bind' };
local xmpp_session_attr = { xmlns='urn:ietf:params:xml:ns:xmpp-session' };
@@ -266,6 +275,11 @@
local info = origin.conn:ssl_info();
if info and info.protocol == "TLSv1.3" then
log("debug", "Channel binding 'tls-unique' undefined in context of TLS 1.3");
+ if tls_exporter(origin.conn) then
+ log("debug", "Channel binding 'tls-exporter' supported");
+ sasl_handler:add_cb_handler("tls-exporter", sasl_tls_exporter);
+ channel_bindings:add("tls-exporter");
+ end
elseif origin.conn.ssl_peerfinished and origin.conn:ssl_peerfinished() then
log("debug", "Channel binding 'tls-unique' supported");
sasl_handler:add_cb_handler("tls-unique", tls_unique);
@@ -275,6 +289,7 @@
end
sasl_handler["userdata"] = {
["tls-unique"] = origin.conn;
+ ["tls-exporter"] = origin.conn;
};
else
log("debug", "Channel binding not supported by SASL handler");