mdosch
commented
8 months ago @mattn What do you think about this? The XEP is currently experimental, but servers not supporting it would simply not set the d= part in the challenge and therefore it shouldn't have any negative impact for other servers.
I have succesfully tested the implementation against a server running the current development snapshot of ejabberd.
I'd like to get it also tested against this prosody module but I didn't get it to work on my server yet.
Add support for XEP-0474
The upcoming ejabberd release supports XEP-0474 [1] wich requires support for the
d=parameter. Currently we fail if an unknown parameter is set andd=is unknown.Instead of just not failing when
d=is set I added support for the downgrade protection.[1] https://xmpp.org/extensions/xep-0474.html