Closed matthias-hmb closed 6 months ago
c) Or simply remove the non-RFC-compliant SCRAM method, which I never should have implemented in the first place.
Can you please check whether #243 fixes your issue?
I thought about it, and though I would prefer c), I went with b), since breaking stuff isn't really what we want to do.
Thanks, yes it works. I agree with you, but I got lured into it by a server that already supports that draft...
Situation
If the server supports SCRAM-SHA-512 and SCRAM-SHA-512-PLUS, but not SHA1/SHA256, libstrophe will choose the SCRAM-SHA-512 mechanism (the plus variant for sha512 is not supported).
Problem
The SASL client-first message will start with "y,," (auth.c 602,...) because libstrophe supports plus variants in general. The server needs to reject, because plus is supported but not used.
RFC5802:
Solution
a) Exception for sha512 and report to not support plus variants (ugly)
b) Support for sha512 plus variant.
As all the code for plus variants is already there, it is only a small patch/addition to add support for sha512:
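Added example, not the patch referred to above and not libstrophe code: a C sketch of the gs2 channel-binding flag decision and the server-side check from RFC 5802 section 6, run over the mechanism list from this report. The function names, the `plus_for_hash`/`plus_any` parameters and the space-separated mechanism list are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

/* Exact-token match in a space-separated mechanism list (constructed format). */
static int offered(const char *list, const char *mech)
{
    size_t n = strlen(mech);
    for (const char *p = list; (p = strstr(p, mech)) != NULL; p += n)
        if ((p == list || p[-1] == ' ') && (p[n] == ' ' || p[n] == '\0'))
            return 1;
    return 0;
}

/* Client: gs2 flag for one hash, or 0 if the hash is not offered. Hypothetical
 * parameters: plus_for_hash = SCRAM-<hash>-PLUS is implemented,
 * plus_any = the client reports -PLUS support in general. */
char gs2_flag(const char *mechs, const char *hash, int plus_for_hash, int plus_any)
{
    char plain[40], plus[40];
    snprintf(plain, sizeof plain, "SCRAM-%s", hash);
    snprintf(plus, sizeof plus, "SCRAM-%s-PLUS", hash);
    if (plus_for_hash && offered(mechs, plus))
        return 'p';              /* channel binding is used */
    if (!offered(mechs, plain))
        return 0;
    return plus_any ? 'y' : 'n'; /* 'y': "I can bind, but you did not offer it" */
}

/* Server (RFC 5802 section 6): a 'y' flag while -PLUS was advertised means the
 * client saw a different mechanism list, so authentication must fail. */
int server_accepts(const char *advertised, const char *hash, char flag)
{
    char plus[40];
    snprintf(plus, sizeof plus, "SCRAM-%s-PLUS", hash);
    if (flag == 'y') return strstr(advertised, "-PLUS") == NULL;
    if (flag == 'p') return offered(advertised, plus);
    return flag == 'n';
}

int main(void)
{
    const char *srv = "SCRAM-SHA-512 SCRAM-SHA-512-PLUS"; /* constructed */
    char f[3] = { gs2_flag(srv, "SHA-512", 0, 1),   /* reported situation */
                  gs2_flag(srv, "SHA-512", 0, 0),   /* option a) */
                  gs2_flag(srv, "SHA-512", 1, 1) }; /* option b) */
    for (int i = 0; i < 3; i++)
        printf("%c -> %s\n", f[i], server_accepts(srv, "SHA-512", f[i]) ? "accept" : "reject");
    return 0;
}
```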