From 0a77bc59558bbb237d0a2439b60efcf213cace6c Mon Sep 17 00:00:00 2001 From: Mechiel Lukkien Date: Fri, 6 Dec 2024 15:59:22 +0100 Subject: [PATCH] tweak doucmentation for sasl and scram --- sasl/sasl.go | 13 ++++++++++++- scram/scram.go | 7 ++++--- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/sasl/sasl.go b/sasl/sasl.go index f49063c..22c4348 100644 --- a/sasl/sasl.go +++ b/sasl/sasl.go @@ -1,4 +1,15 @@ -// Package SASL implements Simple Authentication and Security Layer, RFC 4422. +// Package SASL implements a client for Simple Authentication and Security Layer, RFC 4422. +// +// Supported authentication mechanisms: +// +// - EXTERNAL +// - SCRAM-SHA-256-PLUS +// - SCRAM-SHA-1-PLUS +// - SCRAM-SHA-256 +// - SCRAM-SHA-1 +// - CRAM-MD5 +// - PLAIN +// - LOGIN package sasl import ( diff --git a/scram/scram.go b/scram/scram.go index 08532f4..20dbf02 100644 --- a/scram/scram.go +++ b/scram/scram.go @@ -1,9 +1,10 @@ -// Package scram implements the SCRAM-SHA-* SASL authentication mechanism, RFC 7677 and RFC 5802. +// Package scram implements the SCRAM-SHA-* SASL authentication mechanisms, including the PLUS variants, RFC 7677 and RFC 5802. // // SCRAM-SHA-256 and SCRAM-SHA-1 allow a client to authenticate to a server using a // password without handing plaintext password over to the server. The client also -// verifies the server knows (a derivative of) the password. Both the client and -// server side are implemented. +// verifies the server knows (a derivative of) the password. The *-PLUS variants +// bind the authentication exchange to the TLS session, preventing MitM attempts. +// Both the client and server side are implemented. package scram // todo: test with messages that contains extensions