TclXMPP

Check-in [a2e1f16d3e]

Overview
Comment: Add the user's JID as cdata to the EXTERNAL SASL authentication response. This helps with prosody's mod_auth_ccert. Also, don't register the server part for the EXTERNAL SASL authentication mechanism. Added -cert option with a path to a client certificate.
SHA1: a2e1f16d3ed1744cae57db35f7ad079efcbe424f
User & Date: sgolovan 2016-01-07 10:59:34
Context
2016-01-11 15:18  Replace a bunch of control characters by spaces when creating XML data to send. check-in: b6a6c2174d user: sgolovan tags: trunk
2016-01-07 10:59  Add the user's JID as cdata to the EXTERNAL SASL authentication response. This helps with prosody's mod_auth_ccert. Also, don't register the server part for the EXTERNAL SASL authentication mechanism. Added -cert option with a path to a client certificate. check-in: a2e1f16d3e user: sgolovan tags: trunk
2016-01-06 13:41  Added preliminary support for the EXTERNAL SASL authentication mechanism. Since it results in adding -from attribute to the ::xmpp::openStream command, the xmpp package version is bumped to 0.3. check-in: 1c657c8f82 user: sergei tags: trunk
Changes

Changes to ChangeLog.

Old version, lines 1-7:

2016-01-06  Sergei Golovan  <sgolovan@nes.ru>

	* xmpp/pkgIndex.tcl, xmpp/sasl.tcl, xmpp/xmpp.tcl: Added preliminary
	  support for the EXTERNAL SASL authentication mechanism. Since it
	  results in adding -from attribute to the ::xmpp::openStream command,
	  the xmpp package version is bumped to 0.3.

New version, lines 1-17:

2016-01-07  Sergei Golovan  <sgolovan@nes.ru>

	* xmpp/sasl.tcl: Add the user's JID as cdata to the EXTERNAL SASL
	  authentication response. This helps with prosody's mod_auth_ccert.
	  Also, don't register the server part for the EXTERNAL SASL
	  authentication mechaism.

	* examples/jsend.tcl: Added -cert option with a path to a client
	  certificate.

2016-01-06  Sergei Golovan  <sgolovan@nes.ru>

	* xmpp/pkgIndex.tcl, xmpp/sasl.tcl, xmpp/xmpp.tcl: Added preliminary
	  support for the EXTERNAL SASL authentication mechanism. Since it
	  results in adding -from attribute to the ::xmpp::openStream command,
	  the xmpp package version is bumped to 0.3.
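
Review bot: the 2016-01-07 entry misspells "mechanism" as "mechaism" ("...for the EXTERNAL SASL authentication mechaism."); the check-in comment carries the same typo, so fix it here before it is copied further. The jsend.tcl entry could also say that -cert is handed to ::xmpp::starttls::starttls as -certfile, which tells readers it only takes effect on the STARTTLS path.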

Changes to examples/jsend.tcl.

Old version, lines 57-70:

                            -xhtml       ""    \
                            -date        ""    \
                            -description ""    \
                            -url         ""    \
                            -bosh        ""    \
                            -tls         false \
                            -starttls    true  \

                            -sasl        true  \
                            -digest      true]
    array set options $args

    if {[string equal $options(-host) ""]} {
        if {[string first @ $options(-from)] < 0} {
            set options(-host) [info hostname]

New version, lines 57-71:

                            -xhtml       ""    \
                            -date        ""    \
                            -description ""    \
                            -url         ""    \
                            -bosh        ""    \
                            -tls         false \
                            -starttls    true  \
                            -cert        ""    \
                            -sasl        true  \
                            -digest      true]
    array set options $args

    if {[string equal $options(-host) ""]} {
        if {[string first @ $options(-from)] < 0} {
            set options(-host) [info hostname]
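
Review bot: the new `-cert ""` option is stored in the options array with no validation. Since it names the client certificate file that EXTERNAL authentication depends on, a check such as `if {$options(-cert) ne "" && ![file readable $options(-cert)]} {error "cannot read certificate file $options(-cert)"}` after `array set options $args` would report a mistyped path up front instead of as an opaque TLS handshake failure. The option should also be listed wherever the script documents -tls and -starttls.
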

Old version, lines 189-205:

        ::xmpp::connect $xlib $options(-host) $port \
                              -transport $transport \
                              -url $options(-bosh)

        if {[string equal $options(-bosh) ""] && !$options(-tls) && $options(-starttls)} {
            # Open XMPP stream
            set sessionID [::xmpp::openStream $xlib $domain \

                                                    -version 1.0]

            ::xmpp::starttls::starttls $xlib

            ::xmpp::sasl::auth $xlib -username  $node \
                                     -password  $options(-password) \
                                     -resource  $resource \
                                     -digest    $options(-digest)
        } elseif {$options(-sasl)} {
            # Open XMPP stream

New version, lines 190-207:

        ::xmpp::connect $xlib $options(-host) $port \
                              -transport $transport \
                              -url $options(-bosh)

        if {[string equal $options(-bosh) ""] && !$options(-tls) && $options(-starttls)} {
            # Open XMPP stream
            set sessionID [::xmpp::openStream $xlib $domain \
                                                    -from [::xmpp::jid::jid $node $domain] \
                                                    -version 1.0]

            ::xmpp::starttls::starttls $xlib -certfile $options(-cert)

            ::xmpp::sasl::auth $xlib -username  $node \
                                     -password  $options(-password) \
                                     -resource  $resource \
                                     -digest    $options(-digest)
        } elseif {$options(-sasl)} {
            # Open XMPP stream
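
Review bot: `::xmpp::starttls::starttls $xlib -certfile $options(-cert)` is now called unconditionally, so with -cert left at its empty default an empty -certfile is passed and the outcome depends on how starttls treats "". Unless that is documented, only add the option when it is set, e.g. `if {$options(-cert) ne ""} { ::xmpp::starttls::starttls $xlib -certfile $options(-cert) } else { ::xmpp::starttls::starttls $xlib }`. Two smaller points: the new `-from [::xmpp::jid::jid $node $domain]` goes into the stream header that is opened before STARTTLS, so the user's bare JID is sent in clear text on this path, which deserves a comment if intended (it is only needed for EXTERNAL, which runs after the handshake); and the `elseif {$options(-sasl)}` branch, cut off at the end of this hunk, should be checked for the same -from addition.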

Changes to xmpp/sasl.tcl.

Old version, lines 45-71:

            if {[lsearch -exact [::SASL::mechanisms] EXTERNAL] < 0} {
                # Register the EXTERNAL SASL authentication mechanism

                namespace eval ::SASL::EXTERNAL {
                    proc client {context challenge args} {
                        upvar #0 $context ctx
                        incr ctx(step)

                        set authzid [eval $ctx(callback) [list $context login]]
                        set ctx(response) $authzid
                        return 0
                    }

                    proc server {context clientrsp args} {
                        # We don't need a server part

                        return -code error "authentication failed"
                    }

                    ::SASL::register EXTERNAL 100 [namespace current]::client \
                                                  [namespace current]::server
                }
            }
        }
        default {
            # empty
        }
    }

New version, lines 45-65:

            if {[lsearch -exact [::SASL::mechanisms] EXTERNAL] < 0} {
                # Register the EXTERNAL SASL authentication mechanism

                namespace eval ::SASL::EXTERNAL {
                    proc client {context challenge args} {
                        upvar #0 $context ctx
                        incr ctx(step)
                        set username [eval $ctx(callback) [list $context username]]
                        set realm [eval $ctx(callback) [list $context realm]]
                        set ctx(response) $username@$realm
                        return 0
                    }







                    ::SASL::register EXTERNAL 100 [namespace current]::client

                }
            }
        }
        default {
            # empty
        }
    }
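
Review bot: `set ctx(response) $username@$realm` builds the authzid unconditionally, so if the username callback returns an empty string the client sends `@realm` rather than the empty response that tells the server to derive the identity from the certificate alone. Guard it, e.g. `if {$username eq ""} {set ctx(response) ""} else {set ctx(response) $username@$realm}`, and keep in mind that mod_auth_ccert is expected to reject an authzid that does not match an identity in the presented certificate, so logging the value on failure helps diagnosis. Removing the server proc leaves `::SASL::register EXTERNAL 100 [namespace current]::client` with three arguments; confirm that the tcllib SASL version in use accepts a missing serverproc, and drop the blank line left between that call and the closing brace.
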

Old version, lines 432-445:

            if {!$code} {
                set state(mech) $result
                SASL::configure $state(token) -mech $state(mech)
                switch -glob -- $state(mech) {
                    SCRAM-* -
                    PLAIN -

                    X-GOOGLE-TOKEN {
                        # Initial responce
                        set code [catch {SASL::step $state(token) ""} result]
                        if {!$code} {
                            set output [SASL::response $state(token)]
                        }
                    }

New version, lines 426-440:

            if {!$code} {
                set state(mech) $result
                SASL::configure $state(token) -mech $state(mech)
                switch -glob -- $state(mech) {
                    SCRAM-* -
                    PLAIN -
                    EXTERNAL -
                    X-GOOGLE-TOKEN {
                        # Initial responce
                        set code [catch {SASL::step $state(token) ""} result]
                        if {!$code} {
                            set output [SASL::response $state(token)]
                        }
                    }
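
Review bot: adding `EXTERNAL -` to this switch is correct because the authzid is carried in the first message, but the resulting `output` may legitimately be empty for EXTERNAL (identity taken from the certificate), and RFC 6120 requires a zero-length initial response to be sent as a single `=` inside <auth/>; this hunk does not show that encoding, so verify it where `output` is serialised. While here, the pre-existing `# Initial responce` comment should read `response`.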