Patch for SASL External authentication
Jajcus opened this issue · comments
Hi,
I'm working on jabberd2 to implement c2s SASL external authentication based on TLS certificates.
I've used pyxmpp as the testing library for the connections and I can only say it works :)
Implemented stuff:[[BR]]
- Fixed deprecated m2crypto client certificate stuff[[BR]]
- Added SASL external authenticator[[BR]]
- Modified bits of code to make it work.[[BR]]
The following stadards were used:[[BR]]
- RFC3920bis (http://mail.jabber.org/pipermail/standards/2008-June/018939.html) [[BR]]
- XEP-0178 (http://xmpp.org/extensions/xep-0178.html#c2s)
The following patch is made against pyxmpp-1.0.1 release tarball. I'm also attaching a testing script which successfully connects to my modified jabberd2 server (patches to that server will be posted soon).
I know it has been 8 months since the patch was commited, but it is now, when I started doing anything with PyXMPP. And the first thing I did was to drop M2Crypto support in favor of the standard Python 2.6 'ssl' module…
I wanted to apply outstanding patches now, but I cannot apply this one as it touches the modified part. And I don't have a test environment and any experience with EXTERNAL authentication. Could you update your patch?
--jajcus
Oh, so you're dropping the M2Crypto dependency, that's good :) When can we expect a release of pyxmpp then?
Is the changed source in trunk? If so, I'll take a look at the issue pretty soon.
Already released: http://pyxmpp.jajcus.net/downloads/pyxmpp-1.1.0.tar.gz :-)
--jajcus
Alright, so I've created a new patch. I'm sorry, the previous one missed out on the external.py file.
This one contains everything. Your streamtls.py contained everything needed :)
(In [720]) - SASL External authentication. Closes #35. Thanks to neuro
--jajcus