auth: disable PLAIN when other mechanisms are supported

PLAIN mechanism sends password in BASE64 encoding which everyone can
read. As result, debug logs expose password and users often don't remove
it when post the logs in the Internet.

Usually, both a secure mechanism and PLAIN are used in the scenario when
username or password is incorrect. PLAIN fails in this scenario anyway.
This commit is contained in:
Dmitry Podgorny
2019-10-01 23:38:50 +03:00
parent 30f3cc9263
commit 2bf5cc0e41
2 changed files with 5 additions and 0 deletions

View File

@@ -1,4 +1,5 @@
0.9.3
- PLAIN mechanism is used only when no other mechanisms are supported
- Legacy authentication is disabled by default, can be enabled with
connection flag XMPP_CONN_FLAG_LEGACY_AUTH
- Session is not established if it is optional

View File

@@ -259,6 +259,10 @@ static int _handle_features(xmpp_conn_t * const conn,
}
}
/* Disable PLAIN when other secure mechanisms are supported */
if (conn->sasl_support & ~(SASL_MASK_PLAIN | SASL_MASK_ANONYMOUS))
conn->sasl_support &= ~SASL_MASK_PLAIN;
_auth(conn);
return 0;