Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Add the user's JID as cdata to the EXTERNAL SASL authentication response. This helps with prosody's mod_auth_ccert. Also, don't register the server part for the EXTERNAL SASL authentication mechaism. Added -cert option with a path to a client certificate. |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA1: |
a2e1f16d3ed1744cae57db35f7ad079e |
User & Date: | sgolovan 2016-01-07 10:59:34 |
Context
2016-01-11
| ||
15:18 | Replace a bunch of control characters by spaces when create XML data to send. check-in: b6a6c2174d user: sgolovan tags: trunk | |
2016-01-07
| ||
10:59 | Add the user's JID as cdata to the EXTERNAL SASL authentication response. This helps with prosody's mod_auth_ccert. Also, don't register the server part for the EXTERNAL SASL authentication mechaism. Added -cert option with a path to a client certificate. check-in: a2e1f16d3e user: sgolovan tags: trunk | |
2016-01-06
| ||
13:41 | Added preliminary support for the EXTERNAL SASL authentication mechanism. Since it results in adding -from attribute to the ::xmpp::openStream command, the xmpp package version is bumped to 0.3. check-in: 1c657c8f82 user: sergei tags: trunk | |
Changes
Changes to ChangeLog.
1 2 3 4 5 6 7 | 2016-01-06 Sergei Golovan <sgolovan@nes.ru> * xmpp/pkgIndex.tcl, xmpp/sasl.tcl, xmpp/xmpp.tcl: Added preliminary support for the EXTERNAL SASL authentication mechanism. Since it results in adding -from attribute to the ::xmpp::openStream command, the xmpp package version is bumped to 0.3. | > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 | 2016-01-07 Sergei Golovan <sgolovan@nes.ru> * xmpp/sasl.tcl: Add the user's JID as cdata to the EXTERNAL SASL authentication response. This helps with prosody's mod_auth_ccert. Also, don't register the server part for the EXTERNAL SASL authentication mechaism. * examples/jsend.tcl: Added -cert option with a path to a client certificate. 2016-01-06 Sergei Golovan <sgolovan@nes.ru> * xmpp/pkgIndex.tcl, xmpp/sasl.tcl, xmpp/xmpp.tcl: Added preliminary support for the EXTERNAL SASL authentication mechanism. Since it results in adding -from attribute to the ::xmpp::openStream command, the xmpp package version is bumped to 0.3. |
︙ | ︙ |
Changes to examples/jsend.tcl.
︙ | ︙ | |||
57 58 59 60 61 62 63 64 65 66 67 68 69 70 | -xhtml "" \ -date "" \ -description "" \ -url "" \ -bosh "" \ -tls false \ -starttls true \ -sasl true \ -digest true] array set options $args if {[string equal $options(-host) ""]} { if {[string first @ $options(-from)] < 0} { set options(-host) [info hostname] | > | 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 | -xhtml "" \ -date "" \ -description "" \ -url "" \ -bosh "" \ -tls false \ -starttls true \ -cert "" \ -sasl true \ -digest true] array set options $args if {[string equal $options(-host) ""]} { if {[string first @ $options(-from)] < 0} { set options(-host) [info hostname] |
︙ | ︙ | |||
189 190 191 192 193 194 195 196 197 | ::xmpp::connect $xlib $options(-host) $port \ -transport $transport \ -url $options(-bosh) if {[string equal $options(-bosh) ""] && !$options(-tls) && $options(-starttls)} { # Open XMPP stream set sessionID [::xmpp::openStream $xlib $domain \ -version 1.0] | > | | 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 | ::xmpp::connect $xlib $options(-host) $port \ -transport $transport \ -url $options(-bosh) if {[string equal $options(-bosh) ""] && !$options(-tls) && $options(-starttls)} { # Open XMPP stream set sessionID [::xmpp::openStream $xlib $domain \ -from [::xmpp::jid::jid $node $domain] \ -version 1.0] ::xmpp::starttls::starttls $xlib -certfile $options(-cert) ::xmpp::sasl::auth $xlib -username $node \ -password $options(-password) \ -resource $resource \ -digest $options(-digest) } elseif {$options(-sasl)} { # Open XMPP stream |
︙ | ︙ |
Changes to xmpp/sasl.tcl.
︙ | ︙ | |||
45 46 47 48 49 50 51 | if {[lsearch -exact [::SASL::mechanisms] EXTERNAL] < 0} { # Register the EXTERNAL SASL authentication mechanism namespace eval ::SASL::EXTERNAL { proc client {context challenge args} { upvar #0 $context ctx incr ctx(step) | > | | < < < < < < | < | 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 | if {[lsearch -exact [::SASL::mechanisms] EXTERNAL] < 0} { # Register the EXTERNAL SASL authentication mechanism namespace eval ::SASL::EXTERNAL { proc client {context challenge args} { upvar #0 $context ctx incr ctx(step) set username [eval $ctx(callback) [list $context username]] set realm [eval $ctx(callback) [list $context realm]] set ctx(response) $username@$realm return 0 } ::SASL::register EXTERNAL 100 [namespace current]::client } } } default { # empty } } |
︙ | ︙ | |||
432 433 434 435 436 437 438 439 440 441 442 443 444 445 | if {!$code} { set state(mech) $result SASL::configure $state(token) -mech $state(mech) switch -glob -- $state(mech) { SCRAM-* - PLAIN - X-GOOGLE-TOKEN { # Initial responce set code [catch {SASL::step $state(token) ""} result] if {!$code} { set output [SASL::response $state(token)] } } | > | 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 | if {!$code} { set state(mech) $result SASL::configure $state(token) -mech $state(mech) switch -glob -- $state(mech) { SCRAM-* - PLAIN - EXTERNAL - X-GOOGLE-TOKEN { # Initial responce set code [catch {SASL::step $state(token) ""} result] if {!$code} { set output [SASL::response $state(token)] } } |
︙ | ︙ |