From cbdf4e985f31329a131e2b5cd1ba10051373bf2a Mon Sep 17 00:00:00 2001
From: George Hazan
Date: Sat, 23 Dec 2023 16:28:16 +0300
Subject: fixes #3793 (XEP-0440: SASL Channel-Binding Type Capability support)
---
 protocols/JabberG/src/jabber_caps.h | 1 +
 protocols/JabberG/src/jabber_opt.cpp | 1 -
 protocols/JabberG/src/jabber_proto.cpp | 1 -
 protocols/JabberG/src/jabber_proto.h | 2 +-
 protocols/JabberG/src/jabber_secur.cpp | 2 +-
 protocols/JabberG/src/jabber_thread.cpp | 11 +++++++++++
 6 files changed, 14 insertions(+), 4 deletions(-)
(limited to 'protocols')
diff --git a/protocols/JabberG/src/jabber_caps.h b/protocols/JabberG/src/jabber_caps.h
index 0e6bcc5f89..6eb7e50f67 100644
--- a/protocols/JabberG/src/jabber_caps.h
+++ b/protocols/JabberG/src/jabber_caps.h
@@ -206,6 +206,7 @@ typedef unsigned __int64 JabberCapsBits;
 #define JABBER_FEAT_SOFTWARE_INFO "urn:xmpp:dataforms:softwareinfo"
 #define JABBER_FEAT_UPLOAD "urn:xmpp:http:upload"
 #define JABBER_FEAT_UPLOAD0 "urn:xmpp:http:upload:0"
+#define JABBER_FEAT_CHANNEL_BINDING "urn:xmpp:sasl-cb:0"
 #define JABBER_FEAT_PUBSUB_EVENT "http://jabber.org/protocol/pubsub#event"
 #define JABBER_FEAT_PUBSUB_NODE_CONFIG "http://jabber.org/protocol/pubsub#node_config"
diff --git a/protocols/JabberG/src/jabber_opt.cpp b/protocols/JabberG/src/jabber_opt.cpp
index 15e4d48fef..a1302d713a 100644
--- a/protocols/JabberG/src/jabber_opt.cpp
+++ b/protocols/JabberG/src/jabber_opt.cpp
@@ -713,7 +713,6 @@ public:
 m_options.AddOption(LPGENW("Server options"), LPGENW("Use Stream Management (XEP-0198)"), proto->m_bEnableStreamMgmt);
 m_options.AddOption(LPGENW("Server options"), LPGENW("Disable SASL authentication (for old servers)"), proto->m_bDisable3920auth);
 m_options.AddOption(LPGENW("Server options"), LPGENW("Enable stream compression"), proto->m_bEnableZlib);
- m_options.AddOption(LPGENW("Server options"), LPGENW("Use TLS 1.3 bindings"), proto->m_bUseTlsExport);
 m_options.AddOption(LPGENW("Other"), LPGENW("Enable remote controlling (from another resource of same JID only)"), proto->m_bEnableRemoteControl);
 m_options.AddOption(LPGENW("Other"), LPGENW("Show transport agents on contact list"), proto->m_bShowTransport);
diff --git a/protocols/JabberG/src/jabber_proto.cpp b/protocols/JabberG/src/jabber_proto.cpp
index e43d1b2ee3..63009c39fc 100644
--- a/protocols/JabberG/src/jabber_proto.cpp
+++ b/protocols/JabberG/src/jabber_proto.cpp
@@ -134,7 +134,6 @@ CJabberProto::CJabberProto(const char *aProtoName, const wchar_t *aUserName) :
 m_bUsePopups(this, "UsePopups", true),
 m_bUseSSL(this, "UseSSL", false),
 m_bUseTLS(this, "UseTLS", true),
- m_bUseTlsExport(this, "UseTlsExport", false),
 m_iMamMode(this, "MamMode", 0),
 m_iConnectionKeepAliveInterval(this, "ConnectionKeepAliveInterval", 60000),
diff --git a/protocols/JabberG/src/jabber_proto.h b/protocols/JabberG/src/jabber_proto.h
index dcd6f753f2..54359d8d8c 100644
--- a/protocols/JabberG/src/jabber_proto.h
+++ b/protocols/JabberG/src/jabber_proto.h
@@ -239,7 +239,6 @@ struct CJabberProto : public PROTO, public IJabberInterface
 CMOption m_bUsePopups;
 CMOption m_bUseSSL;
 CMOption m_bUseTLS;
- CMOption m_bUseTlsExport;
 CMOption m_iMamMode;
 CMOption m_iConnectionKeepAliveInterval;
@@ -267,6 +266,7 @@ struct CJabberProto : public PROTO, public IJabberInterface
 bool m_bStreamSent;
 bool m_bMamPrefsAvailable;
 bool m_bMamDisableMessages, m_bMamCreateRead;
+ bool m_bTlsExporter, m_bTlsServerEndpoint;
 HWND m_hwndJabberChangePassword;
 HWND m_hwndPrivacyRule;
diff --git a/protocols/JabberG/src/jabber_secur.cpp b/protocols/JabberG/src/jabber_secur.cpp
index 853016823d..263574c448 100644
--- a/protocols/JabberG/src/jabber_secur.cpp
+++ b/protocols/JabberG/src/jabber_secur.cpp
@@ -211,7 +211,7 @@ TScramAuth::TScramAuth(ThreadData *info, const char *pszMech, const EVP_MD *pMet
 priority = iPriority;
 if ((iPriority % 10) == 1) {
- int cbLen, tlsVer = info->proto->m_bUseTlsExport;
+ int cbLen, tlsVer = info->proto->m_bTlsExporter;
 void *pData = Netlib_GetTlsUnique(info->s, cbLen, tlsVer);
 if (pData == nullptr)
 bIsValid = false;
diff --git a/protocols/JabberG/src/jabber_thread.cpp b/protocols/JabberG/src/jabber_thread.cpp
index 24864a0116..a7461785a3 100644
--- a/protocols/JabberG/src/jabber_thread.cpp
+++ b/protocols/JabberG/src/jabber_thread.cpp
@@ -632,6 +632,7 @@ void CJabberProto::OnProcessFeatures(const TiXmlElement *node, ThreadData *info)
 bool isRegisterAvailable = false;
 bool areMechanismsDefined = false;
+ m_bTlsExporter = m_bTlsServerEndpoint = false;
 for (auto *n : TiXmlEnum(node)) {
 auto *pszName = n->Name();
@@ -729,6 +730,16 @@ void CJabberProto::OnProcessFeatures(const TiXmlElement *node, ThreadData *info)
 }
 else info->jabberServerCaps |= pCaps->GetCaps();
 }
+ else if (!mir_strcmp(pszName, "sasl-channel-binding") && !mir_strcmp(n->Attribute("xmlns"), JABBER_FEAT_CHANNEL_BINDING)) {
+ for (auto *it : TiXmlFilter(n, "channel-binding")) {
+ if (auto *pszType = it->Attribute("type")) {
+ if (!mir_strcmp(pszType, "tls-exporter"))
+ m_bTlsExporter = true;
+ else if (!mir_strcmp(pszType, "tls-server-end-point"))
+ m_bTlsServerEndpoint = true;
+ }
+ }
+ }
 }
 if (areMechanismsDefined) {
--
cgit v1.2.3
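Review bot: `m_bTlsServerEndpoint` is declared here and set in jabber_thread.cpp, but no hunk in this commit reads it; the SCRAM code consults only `m_bTlsExporter`. A server that advertises only `tls-server-end-point` therefore looks the same as one that advertises nothing, and the -PLUS mechanism will presumably still be attempted with a binding type the server did not offer. Either use the flag when choosing the binding, or mark it as not yet consumed. Both fields are also plain `bool`s with no initializer and no entry in the constructor's init list, so a comment stating their lifetime would help, e.g. `// channel-binding types advertised by the server (XEP-0440); reset on every features stanza`.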
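Review bot: `tlsVer` is now seeded only from `m_bTlsExporter`, so when the features carry no `sasl-channel-binding` element the -PLUS mechanism silently falls back to the non-exporter binding, whatever TLS version was negotiated. RFC 9266 does not define tls-unique for TLS 1.3, and the removed "Use TLS 1.3 bindings" option was the only way to force the exporter. How `Netlib_GetTlsUnique` treats the value is not visible here, so this should be confirmed against a TLS 1.3 server that does not implement XEP-0440. The advertised list is server-supplied input, so a missing or stripped advertisement should not steer the client to a weaker binding than the TLS session supports. I would at least make the bool-to-int conversion explicit and document the contract, e.g. `int cbLen, tlsVer = info->proto->m_bTlsExporter ? 1 : 0; // non-zero: request tls-exporter (advertised via XEP-0440)`; the constructor body continues outside the hunk.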
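Review bot: The two flags are filled in while the feature loop is still running, so their value when a SCRAM -PLUS mechanism object is built depends on whether the server lists `sasl-channel-binding` before or after `mechanisms`. `TScramAuth`'s constructor reads `m_bTlsExporter` immediately (jabber_secur.cpp hunk). If those objects are created inside the `mechanisms` branch of this loop, which lies outside the hunk, a server that sends `mechanisms` first would always be treated as not offering tls-exporter. Reading the channel-binding list in a small pre-pass right after the reset added in the first hunk of this file removes the ordering dependency; the sketch below reuses only calls already present in the new code. `OnProcessFeatures` starts and ends outside both hunks.

```cpp
	m_bTlsExporter = m_bTlsServerEndpoint = false;

	// Read the XEP-0440 list before any other feature is handled, so the
	// result does not depend on where the server places the element.
	for (auto *cb : TiXmlFilter(node, "sasl-channel-binding")) {
		if (mir_strcmp(cb->Attribute("xmlns"), JABBER_FEAT_CHANNEL_BINDING))
			continue;
		for (auto *it : TiXmlFilter(cb, "channel-binding")) {
			// … unchanged: type attribute check setting the two flags …
		}
	}

	// … unchanged: main feature loop, without the sasl-channel-binding branch …
```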