--- a/plugins/mod_saslauth.lua Mon Nov 23 20:39:47 2020 +0000
+++ b/plugins/mod_saslauth.lua Mon Nov 23 21:56:26 2020 +0100
@@ -260,7 +260,10 @@
-- FIXME: would be nice to have this check only once and not for every socket
if sasl_handler.add_cb_handler then
local socket = origin.conn:socket();
- if socket.getpeerfinished then
+ local info = socket.info and socket:info();
+ if info.protocol == "TLSv1.3" then
+ log("debug", "Channel binding 'tls-unique' undefined in context of TLS 1.3");
+ elseif socket.getpeerfinished and socket:getpeerfinished() then
log("debug", "Channel binding 'tls-unique' supported");
sasl_handler:add_cb_handler("tls-unique", tls_unique);
else