From b5aa36b72c9b028581ba3d756029f305fc037fdb Mon Sep 17 00:00:00 2001
From: Emmanuel Gil Peyrot
Date: Wed, 25 Oct 2023 19:20:02 +0200
Subject: [PATCH] sasl: Add tls-exporter channel binding
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This channel binding type is defined in RFC 9266 and is required to support channel binding on TLS 1.3.
---
 sasl/src/common/mod.rs | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/sasl/src/common/mod.rs b/sasl/src/common/mod.rs
index a0922f11..5016cfbd 100644
--- a/sasl/src/common/mod.rs
+++ b/sasl/src/common/mod.rs
@@ -168,8 +168,10 @@ pub enum ChannelBinding {
 None,
 /// Advertise that the client does not think the server supports channel binding.
 Unsupported,
- /// p=tls-unique channel binding data.
+ /// p=tls-unique channel binding data (for TLS 1.2).
 TlsUnique(Vec),
+ /// p=tls-exporter channel binding data (for TLS 1.3).
+ TlsExporter(Vec),
 }
 
 impl ChannelBinding {
@@ -179,6 +181,7 @@ impl ChannelBinding {
 ChannelBinding::None => b"n,,",
 ChannelBinding::Unsupported => b"y,,",
 ChannelBinding::TlsUnique(_) => b"p=tls-unique,,",
+ ChannelBinding::TlsExporter(_) => b"p=tls-exporter,,",
 }
 }
 
@@ -188,6 +191,7 @@ impl ChannelBinding {
 ChannelBinding::None => &[],
 ChannelBinding::Unsupported => &[],
 ChannelBinding::TlsUnique(ref data) => data,
+ ChannelBinding::TlsExporter(ref data) => data,
 }
 }
 
@@ -197,6 +201,7 @@ impl ChannelBinding {
 ChannelBinding::None => false,
 ChannelBinding::Unsupported => false,
 ChannelBinding::TlsUnique(_) => mechanism == "tls-unique",
+ ChannelBinding::TlsExporter(_) => mechanism == "tls-exporter",
 }
 }
 }
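Review bot: The doc comment on the new `TlsExporter` variant does not say which bytes a caller must supply, and a value taken from anywhere other than the RFC 9266 exporter either fails authentication or binds the exchange to nothing. I would spell it out, e.g. `/// p=tls-exporter channel binding data (RFC 9266): the 32-byte TLS exporter output for label "EXPORTER-Channel-Binding" with an empty context, taken from the connection carrying this exchange.` The "(for TLS 1.3)" wording is also narrower than the RFC, which permits tls-exporter on TLS 1.2 when the extended master secret extension has been negotiated. The enum's opening lines and attributes are outside the hunk; if it is not marked `#[non_exhaustive]`, adding a variant breaks downstream exhaustive matches and the changelog should say so.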
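Review bot: None of the three new `TlsExporter` match arms is exercised by a test: this one returning the GS2 header, and the arms in the next two hunks returning the binding data and comparing `mechanism`. The diffstat shows only `mod.rs` changing. The header bytes `b"p=tls-exporter,,"`, the data slice and the name `"tls-exporter"` have to agree for a channel-bound exchange to verify, and a typo in any one of them would only surface as an authentication failure against a real server. A unit test that builds `ChannelBinding::TlsExporter(vec![..])` and pins all three results would catch that early. The enclosing functions start outside these hunks, so their names and signatures are not visible here.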