This MR adds implementation of (mandatory to implement by RFC6120) SASL-SCRAM-SHA* implementation and introduces new hook.
The SASL is actually implemented as monkey-patch on top of Authen::SASL which is ugly. But it works. (TODO: upstream it).
The patch adds server- and client-side implementation (so can be upstreamed actually) for SHA1, SHA2 and -PLUS methods.
Also adds tls channel bindings to support -PLUS variants - extracts binding data from SSLeay layer.
To avoid pulling yet another dependency (Authen::SASL::SASLprep) which happens to be not in the main repo on Arch - the saslprep implementation is borrowed from there and added to DJabberd::JID to complement similar jidprep implementation.
The newly introduced hook is supposed to cover the need for plugin-to-plugin communication. Mainly it is intended for (and enables) PEP Storage for bookmarks and avatars.
To speed up a bit Caps processing (which is used heavily in PEP) a new caps cache is introduced to avoid re-calculation of digest (which implies serialisation) on each call.
And several fixes for form serialisation and directed presence cleanup.
This MR adds implementation of (mandatory to implement by RFC6120) SASL-SCRAM-SHA* implementation and introduces new hook. The SASL is actually implemented as monkey-patch on top of Authen::SASL which is ugly. But it works. (TODO: upstream it). The patch adds server- and client-side implementation (so can be upstreamed actually) for SHA1, SHA2 and -PLUS methods. Also adds tls channel bindings to support -PLUS variants - extracts binding data from SSLeay layer. To avoid pulling yet another dependency (Authen::SASL::SASLprep) which happens to be not in the main repo on Arch - the saslprep implementation is borrowed from there and added to DJabberd::JID to complement similar jidprep implementation.
The newly introduced hook is supposed to cover the need for plugin-to-plugin communication. Mainly it is intended for (and enables) PEP Storage for bookmarks and avatars.
To speed up a bit Caps processing (which is used heavily in PEP) a new caps cache is introduced to avoid re-calculation of digest (which implies serialisation) on each call.
And several fixes for form serialisation and directed presence cleanup.
Closes #40