Commit graph

29 commits

Author SHA1 Message Date
Daniel Gultsch 0e54d8a2cf implement SCRAM-SHA512 2020-12-31 09:32:05 +01:00
Daniel Gultsch 2a57c92f63 rewrote scram cache implementation 2020-12-30 22:01:08 +01:00
Daniel Gultsch 692ee6c9fb SCRAM remove cache. made digest and hmac non static
DIGEST and HMAC were static variables. Those are initialized by
what ever concrete implementation gets executed first.

(Perform SCRAM-SHA1 first and those variables got initialized with
SHA1 variants)

For subsequent SHA256 executions those variables contained wrong
values.
2020-12-30 15:57:44 +01:00
Daniel Gultsch 575ada3b27 fix scram crash for broken metronome servers 2020-05-27 13:53:28 +02:00
Daniel Gultsch f8fedf0059 sasl prep password before hashing. fixes #1893 2020-05-19 15:28:12 +02:00
Daniel Gultsch b6703dbe38 switch xmpp-addr to jxmpp-jid 2020-05-15 17:06:16 +02:00
Daniel Gultsch 2fa629d113 create api calls 2018-10-31 13:33:55 +01:00
Daniel Gultsch 6121217df5 fixed auth 2018-09-26 10:39:36 +02:00
Sam Whited ef4cfacaf4 Fix auth when upgrading from SCRAM-SHA-1 to -256 (#3192) 2018-09-26 10:19:54 +02:00
Daniel Gultsch 1accf9d961 migrate to xmpp-addr 2018-03-07 22:30:36 +01:00
Daniel Gultsch 768eadde36 use random string generator instead of BigInteger in DigestMd5 2017-08-01 12:27:26 +02:00
Daniel Gultsch e11277c70f use base64 instead of base36 when creating random strings 2017-07-30 11:39:47 +02:00
Sam Whited bfc2cffc2f Add SCRAM-SHA-2 support 2017-01-15 23:43:44 -06:00
Sam Whited 805717673c Support ANONYMOUS SASL 2016-09-12 11:30:03 -05:00
Daniel Gultsch 76889b9c58 handle invalid base64 is SASl SCRAM response 2016-05-07 11:34:17 +02:00
Daniel Gultsch 933538a39d code clean up 2015-10-12 12:36:54 +02:00
Daniel Gultsch b519411d34 enable SASL EXTERNAL (certificate login 2015-10-11 20:45:01 +02:00
Daniel Gultsch c082066118 catch null pointer in ScramSHA1 sasl 2015-08-16 11:50:33 +02:00
Daniel Gultsch 492e387482 added null check in sasl response verifier 2015-07-10 12:16:30 +02:00
Daniel Gultsch 8d2f454479 prefer PLAIN over DIGEST-MD5
DIGEST-MD5 seems to be broken for a lot of cases (OpenFire)
switched priority of PLAIN to not cause any security errors
2015-01-02 01:39:19 +01:00
iNPUTmice 9c9e22c020 fixed digest-md5 2014-12-04 12:33:56 +01:00
Sam Whited feec659b08 Make sure SASL tokenizer strips strings
Fix DIGEST-MD5 auth (make sure we're not splitting on BASE64 `==')
2014-12-02 19:33:41 -05:00
Michael dc0dba3faf remove unused imports. 2014-11-21 19:17:27 +01:00
Sam Whited cfdda5f8fd Don't escape passwords in SASL
Fixes #671
2014-11-15 21:11:14 -05:00
Sam Whited a463f82e3b Cache SCRAM-SHA-1 keys for current session 2014-11-15 12:57:36 -05:00
Sam Whited 847877f9d2 Add auth method pinning 2014-11-15 10:01:08 -05:00
Sam Whited 4b5d6f5b4f Improve auth error handling and state machine 2014-11-15 08:49:00 -05:00
Sam Whited 0e550789d3 Add SCRAM-SHA1 support
Factor out GS2 tokanization into own class
Add authentication exception class

Fixes #71
2014-11-14 18:00:12 -05:00
Sam Whited 14cfb60952 Refactor authentication code 2014-11-12 10:15:38 -05:00