Module Contents¶
Functions¶
|
Application-layer user authentication protocols are vulnerable to generic |
|
|
Attributes¶
- autobahn.asyncio.util.__all = ('sleep', 'peer2str', 'transport_channel_id', 'create_transport_details')¶
- autobahn.asyncio.util.transport_channel_id(transport, is_server: bool, channel_id_type: str | None = None) bytes [source]¶
Application-layer user authentication protocols are vulnerable to generic credential forwarding attacks, where an authentication credential sent by a client C to a server M may then be used by M to impersonate C at another server S. To prevent such credential forwarding attacks, modern authentication protocols rely on channel bindings. For example, WAMP-cryptosign can use the tls-unique channel identifier provided by the TLS layer to strongly bind authentication credentials to the underlying channel, so that a credential received on one TLS channel cannot be forwarded on another.
- Parameters:
transport – The asyncio TLS transport to extract the TLS channel ID from.
is_server – Flag indicating the transport is for a server.
channel_id_type – TLS channel ID type, currently only “tls-unique” is supported.
- Returns:
The TLS channel id (32 bytes).
- autobahn.asyncio.util.create_transport_details(transport, is_server: bool) autobahn.wamp.types.TransportDetails [source]¶