Additional description (if needed):
This PR implements SASL_MECHANISM_SCRAM_SHA_256 and SASL_MECHANISM_SCRAM_SHA_512
State machine for sasl scram
Add Tcl_TraceVar() for sasl-mechanism
Modularized sasl stuff into sasl.c / Refactor
Updated doc
Set sasl-username to username, if not set
Enhance logging
Leave got900() in servmsg.c instead of sasl.c
Constant time memory comparison
Update valid cap sasl mechanism list on server 908
Handle SASL AUTHENTICATE server error
pre sasl mechanism ECDH-X25519-CHALLENGE
Checks 2 boxes in #832:
https://github.com/eggheads/eggdrop/pull/688 (comment) - grawity proposed replacing sasl state processing with real state keeping.
Implement scram authentication
Test cases demonstrating functionality (if applicable):
set sasl 1
set sasl-mechanism 4
[...]
[09:25:49] SASL: Starting authentication process
[09:25:49] SASL: AUTHENTICATE SCRAM-SHA-512
[...]
[09:25:50] SASL: authentication of server successful
[09:25:50] [m->] AUTHENTICATE +
[09:25:51] [@] :zen.home.arpa 900 BotA BotA!BotA@localhost BotA :You are now logged in as BotA
[09:25:51] zen.home.arpa: You are now logged in as BotA
[09:25:52] [@] :zen.home.arpa 903 BotA :SASL authentication successful
[09:25:52] SASL: SASL authentication successful
Found by: Patch by: michaelortmann Fixes:
One-line summary:
Additional description (if needed): This PR implements SASL_MECHANISM_SCRAM_SHA_256 and SASL_MECHANISM_SCRAM_SHA_512 State machine for sasl scram Add Tcl_TraceVar() for sasl-mechanism Modularized sasl stuff into sasl.c / Refactor Updated doc Set sasl-username to username, if not set Enhance logging Leave got900() in servmsg.c instead of sasl.c Constant time memory comparison Update valid cap sasl mechanism list on server 908 Handle SASL AUTHENTICATE server error pre sasl mechanism ECDH-X25519-CHALLENGE
Checks 2 boxes in #832: https://github.com/eggheads/eggdrop/pull/688 (comment) - grawity proposed replacing sasl state processing with real state keeping. Implement scram authentication
Test cases demonstrating functionality (if applicable):