Always indicate support for channel binding in SASL header
Daniel Gultsch created
This commit breaks logging in on servers that announce a -PLUS variant for
SCRAM but do not support XEP-0440.
On servers that do not support XEP-0440, we previously decided to use no
channel binding because picking "none" was better than picking an
unsupported one and failing the login.
However, this behaviour also required us to indicate that we did not
support channel binding; otherwise, the server, seeing an unknown binding
mechanism, would fail our login.
This was a decision made for the broadest possible compatibility with the
pre-0440 ecosystem.
Note that the y flag wasn't the only security layer. Conversations also
uses pinning (if you logged in once with -PLUS, it won't fall back) and
XEP-0474 (basically a fancy version of the y flag).
In addition, there is a setting in Conversations to always require Channel
Binding. This will also automatically be turned on for conversations.im
and quicksy.im.
It has now been two years since XEP-0440 was released for ejabberd and
Prosody, and our compatibility concerns have shifted: if you want to have
-PLUS on your server, please update the server to support XEP-0440.
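To make the trade-off described above concrete, here is an added, self-contained Java example that is not Conversations' code. It models the three GS2 header flags SCRAM defines (RFC 5802 section 7: `n` = client does not support channel binding, `y` = client supports it but believes the server does not, `p=<type>` = client wants a specific binding), shows how the header is echoed back in the `c=` attribute of the client-final message, and plays the server-side decision for the exact situation the commit message describes: a server that advertises a -PLUS mechanism but does not announce its binding types via XEP-0440. The class, enum and method names are assumptions for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Set;

/** Added example (not project code): GS2 header flags and SCRAM downgrade detection. */
public final class Gs2HeaderExample {

    /** Hypothetical subset of the client's channel-binding choices. */
    enum ChannelBinding { NONE, TLS_EXPORTER }

    /** Client side: build the GS2 header sent at the start of SCRAM. */
    static String gs2Header(ChannelBinding binding, boolean clientSupportsBinding) {
        if (binding == ChannelBinding.TLS_EXPORTER) {
            // "p=<type>,,": client selected a binding and will include its data in c=.
            return "p=tls-exporter,,";
        }
        // "y,,": we could do channel binding but did not pick one (downgrade protection).
        // "n,,": we cannot do channel binding at all (what the old code always sent).
        return clientSupportsBinding ? "y,," : "n,,";
    }

    /**
     * Client side: the c= attribute of client-final is base64(gs2Header + cbData).
     * It is covered by the ClientProof, so the server verifies the flag, not just reads it.
     */
    static String cAttribute(String gs2Header, byte[] channelBindingData) {
        byte[] header = gs2Header.getBytes(StandardCharsets.UTF_8);
        byte[] combined = new byte[header.length + channelBindingData.length];
        System.arraycopy(header, 0, combined, 0, header.length);
        System.arraycopy(channelBindingData, 0, combined, header.length, channelBindingData.length);
        return "c=" + Base64.getEncoder().encodeToString(combined);
    }

    /**
     * Server side: accept or reject the header.
     * serverAdvertisedPlus = the server offered a -PLUS mechanism in its list.
     */
    static String serverDecision(String gs2Header, Set<String> serverBindings, boolean serverAdvertisedPlus) {
        if (gs2Header.startsWith("p=")) {
            String type = gs2Header.substring(2, gs2Header.indexOf(','));
            return serverBindings.contains(type)
                    ? "ok: channel binding " + type
                    : "fail: unsupported-channel-binding";
        }
        if (gs2Header.startsWith("y,")) {
            // RFC 5802: server advertised -PLUS, yet the client thinks it did not.
            // Either the mechanism list was tampered with or the client could not
            // discover a usable binding; in both cases the server must refuse.
            return serverAdvertisedPlus ? "fail: downgrade-detected" : "ok: no channel binding";
        }
        if (gs2Header.startsWith("n,")) {
            return "ok: no channel binding";
        }
        return "fail: malformed gs2 header";
    }

    public static void main(String[] args) {
        // Constructed scenario: server supports tls-exporter and offers SCRAM-SHA-1-PLUS,
        // but does not announce the binding type via XEP-0440, so the client picks NONE.
        Set<String> serverBindings = Set.of("tls-exporter");
        ChannelBinding chosen = ChannelBinding.NONE;

        String oldHeader = gs2Header(chosen, false); // "n,," (pre-commit behaviour)
        String newHeader = gs2Header(chosen, true);  // "y,," (post-commit behaviour)

        System.out.println("old: " + oldHeader + " -> " + serverDecision(oldHeader, serverBindings, true));
        System.out.println("new: " + newHeader + " -> " + serverDecision(newHeader, serverBindings, true));

        // With XEP-0440 the client learns the type, selects it, and the login proceeds.
        String bound = gs2Header(ChannelBinding.TLS_EXPORTER, true);
        byte[] constructedCbData = new byte[] {0x01, 0x02, 0x03}; // stands in for real exporter output
        System.out.println("bound: " + bound + " -> " + serverDecision(bound, serverBindings, true));
        System.out.println("client-final carries " + cAttribute(bound, constructedCbData));
    }
}
```

Running `main` prints `fail: downgrade-detected` for the `y,,` case and `ok: no channel binding` for `n,,`, which is the compatibility break the commit message states; only a client that can discover the server's binding type (XEP-0440) reaches the `p=tls-exporter,,` path.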
@@ -56,10 +56,7 @@ public abstract class ScramMechanism extends SaslMechanism {
super(account);
this.channelBinding = channelBinding;
if (channelBinding == ChannelBinding.NONE) {
- // TODO this needs to be changed to "y,," for the scram internal down grade protection- // but we might risk compatibility issues if the server supports a binding that we donโt- // support- this.gs2Header = "n,,";
+ this.gs2Header = "y,,";
} else {
this.gs2Header =
String.format(
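Review bot: the deleted TODO was the only in-code explanation of the `n,,` versus `y,,` choice, and the new `this.gs2Header = "y,,";` line replaces it with nothing, so the reason this branch now deliberately fails against servers that advertise -PLUS without XEP-0440 (stated in the commit message) is lost to the next reader. Suggest keeping a one-line comment above it, e.g. `// "y": we support channel binding but selected none; a server advertising -PLUS will reject this (SCRAM downgrade protection, RFC 5802 section 7)`, and noting that the intended safety net for this branch is the "always require channel binding" setting mentioned in the commit message, which is not visible in this hunk.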