Patch for SASL External authentication

[neuro@…]

Hi,

I'm working on jabberd2 to implement c2s SASL external authentication based on TLS certificates.

I've used pyxmpp as the testing library for the connections and I can only say it works :)

Implemented stuff:
1. Fixed deprecated m2crypto client certificate stuff
2. Added SASL external authenticator
3. Modified bits of code to make it work.

The following stadards were used:
1. RFC3920bis ( http://mail.jabber.org/pipermail/standards/2008-June/018939.html)
2. XEP-0178 ( http://xmpp.org/extensions/xep-0178.html#c2s)

The following patch is made against pyxmpp-1.0.1 release tarball. I'm also attaching a testing script which successfully connects to my modified jabberd2 server (patches to that server will be posted soon).

[neuro@…]

pyXMPP SASL external introduction patch

[neuro@…]

testing client

[jajcus]

I know it has been 8 months since the patch was commited, but it is now, when I started doing anything with PyXMPP. And the first thing I did was to drop M2Crypto support in favor of the standard Python 2.6 'ssl' module… I wanted to apply outstanding patches now, but I cannot apply this one as it touches the modified part. And I don't have a test environment and any experience with EXTERNAL authentication. Could you update your patch?

[neuro@…]

Oh, so you're dropping the M2Crypto dependency, that's good :) When can we expect a release of pyxmpp then?

Is the changed source in trunk? If so, I'll take a look at the issue pretty soon.

[jajcus]

Already released: http://pyxmpp.jajcus.net/downloads/pyxmpp-1.1.0.tar.gz :-)

[neuro@…]

Add SASL external x509 authentication for svn20100420

[neuro@…]

Alright, so I've created a new patch. I'm sorry, the previous one missed out on the external.py file.

This one contains everything. Your streamtls.py contained everything needed :)

[jajcus]

(In [720]) - SASL External authentication. Closes #35. Thanks to neuro