Summary

Remove Cyrus SASL from XMPP

Review Request #2295 — Created Feb. 26, 2023 and submitted Feb. 28, 2023, 9:21 a.m.

Information

Owner

grim

Repository

pidgin/pidgin

Branch

default

Bugs

Depends On

Reviewers

Groups

pidgin

People

Description

This will eventually be replaced by Hasl, but XMPP has it's own built-in SASL
mechanisms as well as Cyrus, so removing Cyrus first is just the first step.

Testing Done

Connected an XMPP account, sent direct messages from both sides, and joined a muc and sent messages from both sides as well.
Also ran the unit tests.

Commits

Summary	ID
Remove Cyrus SASL from XMPP This will eventually be replaced by Hasl, but XMPP has it's own built-in SASL mechanisms as well as Cyrus, so removing Cyrus first is just the first step.	2df95c047e8074e74c93d8bf74cb4208d15e3286

Issues

Description	From	Last Updated
Did you figure out if XMPP needs to support any SASL mechanisms that provide a security layer (for HASL purposes …	QuLogic	Feb. 28, 2023, 9:11 a.m.

Ship it!

```
Ship It!
```

libpurple/protocols/jabber/jabber.c (Diff revision 1)

The issue has been dropped. Show all issues

Did you figure out if XMPP needs to support any SASL mechanisms that provide a security layer (for HASL purposes later)?

grim Feb. 28, 2023, 6:27 a.m.

The scram stuff does have channel bind for SCRAM-*-*-PLUS but that was done outside of cyrus and can be found in auth_scram.c. So we'll most likely readjust this stuff as necessary if/when we want to implement those mechanisms. That said, I haven't seen many in the wild but I also haven't looked too hard.

QuLogic Feb. 28, 2023, 6:31 a.m.

There's a #define CHANNEL_BINDING, but it appears that's not actually fully implemented. I'm not sure that channel binding is the same the security layer stuff, but really the only layer I found was DIGEST-MD5 and I'm not sure anyone should be using that these days.

grim Feb. 28, 2023, 9:06 a.m.
```
That was basically my findings as well.
```

Status:: Completed