diff options
| author | Jeremy Lainé <jeremy.laine@m4x.org> | 2019-01-17 23:25:37 +0100 |
|---|---|---|
| committer | Jeremy Lainé <jeremy.laine@m4x.org> | 2019-01-18 14:02:50 +0100 |
| commit | 2a34abcd74d8d8369d81d9e4131d34185d9154a5 (patch) | |
| tree | 1e4eaba43ff49bc34a317601b978bc2296eee2be /src/base | |
| parent | bce9ca477709ae0876e7b7682034f49cdd010f27 (diff) | |
| download | qxmpp-2a34abcd74d8d8369d81d9e4131d34185d9154a5.tar.gz | |
[sasl] order mechanisms to prefer the most secure
The previous logic was:
- use the preferred SASL mechanism if available
- otherwise use the first supported mechanism offered by the server
However RFC 6120, section 6.3.3 states:
"The initiating entity MUST maintain its own preference order independent
of the preference order of the receiving entity."
The new logic is:
- order our supported mechanisms from most secure to least secure
- if the user sets QXmppConfiguration::saslMechanism, put it first
- use the best mechanism supported by the server
Diffstat (limited to 'src/base')
| -rw-r--r-- | src/base/QXmppSasl.cpp | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/base/QXmppSasl.cpp b/src/base/QXmppSasl.cpp index b47886f7..6d57ee09 100644 --- a/src/base/QXmppSasl.cpp +++ b/src/base/QXmppSasl.cpp @@ -272,8 +272,8 @@ QXmppSaslClient::~QXmppSaslClient() QStringList QXmppSaslClient::availableMechanisms() { - return QStringList() << "PLAIN" << "DIGEST-MD5" << "ANONYMOUS" - << "SCRAM-SHA-1" << "SCRAM-SHA-256" + return QStringList() << "SCRAM-SHA-256" << "SCRAM-SHA-1" << "DIGEST-MD5" + << "PLAIN" << "ANONYMOUS" << "X-FACEBOOK-PLATFORM" << "X-MESSENGER-OAUTH2" << "X-OAUTH2"; } |