Add support for XEP-0474.

5 months ago · 5303a0901c
parent e848a9050e
commit 5303a0901c
7 changed files with 36 additions and 118 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,8 +1,12 @@
 # Changelog

 ## Unreleased
+### Added
+- Add no parameter `--scram-mech-pinning`.
+
 ### Changed
 - Refuse to upload a file if upload slot doesn't provide https.
+- Use XEP-0474 instead of SCRAM mechanism pinning to prevent downgrade attacks (requires go-xmpp commit TODO).

 ## [v0.7.0] 2023-11-11
 ### Added
--- a/README.md
+++ b/README.md
@ -76,6 +76,7 @@ the account details via command line options:

 ```plain
 Usage: go-sendxmpp [-cdilnt] [-a value] [-f value] [--headline] [--help] [-h value] [-j value] [-m value] [--muc-password value] [--oob-file value] [--ox] [--ox-delete-nodes] [--ox-genprivkey-rsa] [--ox-genprivkey-x25519] [--ox-import-privkey value] [--ox-passphrase value] [-p value] [--raw] [--timeout value] [--tls-version value] [-u value] [--version] [recipients…]
+Usage: go-sendxmpp [-cdilnt] [-a value] [-f value] [--headline] [--help] [-h value] [-j value] [-m value] [--muc-password value] [--oob-file value] [--ox] [--ox-delete-nodes] [--ox-genprivkey-rsa] [--ox-genprivkey-x25519] [--ox-import-privkey value] [--ox-passphrase value] [-p value] [--raw] [--scram-mech-pinning value] [--timeout value] [--tls-version value] [-u value] [--version] [recipients…]
 -a, --alias=value  Set alias/nicknamefor chatrooms.
 -c, --chatroom     Send message to a chatroom.
 -d, --debug        Show debugging info.
@ -114,6 +115,8 @@ Usage: go-sendxmpp [-cdilnt] [-a value] [-f value] [--headline] [--help] [-h val
 -p, --password=value
                    Password for XMPP account.
     --raw          Send raw XML.
+     --scram-mech-pinning=value
+                    Enforce the use of a certain SCRAM authentication mechanism.
     --timeout=value
                    Connection timeout in seconds. [10]
 -t, --tls          Use direct TLS.
--- a/handlemechanisminfo.go
+++ b/handlemechanisminfo.go
@ -1,72 +0,0 @@
-// Copyright Martin Dosch.
-// Use of this source code is governed by the BSD-2-clause
-// license that can be found in the LICENSE file.
-
-package main
-
-import (
-	"errors"
-	"fmt"
-	"os"
-	"os/user"
-	"strings"
-)
-
-func findPinFilePath(username string) (string, error) {
-	osDataDir := os.Getenv("$XDG_DATA_HOME")
-	if osDataDir == "" {
-		// Get the current user.
-		curUser, err := user.Current()
-		if err != nil {
-			return strError, fmt.Errorf("findConfig: failed to get current user: %w", err)
-		}
-		// Get home directory.
-		home := curUser.HomeDir
-		if home == "" {
-			return strError, errors.New("no home directory found")
-		}
-		osDataDir = home + "/.local/share/"
-	}
-	authPinFilePath := osDataDir + "/go-sendxmpp/" + username + "/"
-
-	return authPinFilePath, nil
-}
-
-// Opens the auth mechanism pin file and returns the value.
-func parsePinFile(user string) (string, error) {
-	// Find auth pin file
-	authPinFile, err := findPinFilePath(user)
-	if err != nil {
-		return "", err
-	}
-
-	// Read file.
-	m, err := os.ReadFile(authPinFile + "authmechanism")
-	if err != nil {
-		return "", err
-	}
-	// Strip trailing newline.
-	mechanism := strings.TrimSuffix(string(m), "\n")
-
-	return mechanism, nil
-}
-
-// Writes the used mechanism to the auth pin file.
-func writePinFile(mechanism string, user string) error {
-	// Find auth pin file
-	authPinFilePath, err := findPinFilePath(user)
-	if err != nil {
-		return err
-	}
-	if _, err = os.Stat(authPinFilePath); os.IsNotExist(err) {
-		err = os.MkdirAll(authPinFilePath, defaultDirRights)
-		if err != nil {
-			return fmt.Errorf("writePinFile: could not create folder for auth pin file: %w", err)
-		}
-	}
-	err = os.WriteFile(authPinFilePath+"authmechanism", []byte(mechanism+"\n"), 0o400)
-	if err != nil {
-		return err
-	}
-	return nil
-}
--- a/main.go
+++ b/main.go
@ -122,6 +122,7 @@ func main() {
 	flagOxDeleteNodes := getopt.BoolLong("ox-delete-nodes", 0, "Delete existing OpenPGP nodes on the server.")
 	flagOOBFile := getopt.StringLong("oob-file", 0, "", "URL to send a file as out of band data.")
 	flagHeadline := getopt.BoolLong("headline", 0, "Send message as type headline.")
+	flagSCRAMPinning := getopt.StringLong("scram-mech-pinning", 0, "", "Enforce the use of a certain SCRAM authentication mechanism.")

 	// Parse command line flags.
 	getopt.Parse()
@ -229,9 +230,6 @@ func main() {
 		os.Exit(0)
 	}

-	// Check whether an authentication mechanism is pinned.
-	authMech, _ := parsePinFile(user)
-
 	// Set XMPP connection options.
 	options := xmpp.Options{
 		Host:        server,
@ -249,7 +247,7 @@ func main() {
 		StartTLS:  !*flagDirectTLS,
 		Debug:     *flagDebug,
 		TLSConfig: &tlsConfig,
-		Mechanism: authMech,
+		Mechanism: *flagSCRAMPinning,
 	}

 	// Read message from file.
@ -296,14 +294,6 @@ func main() {
 	if err != nil {
 		log.Fatal(err)
 	}
-	// If no authentication mechanism is pinned and a SCRAM mechanism is
-	// used, write the used mechanism to the pin file.
-	if authMech == "" && strings.HasPrefix(client.Mechanism, "SCRAM") {
-		err = writePinFile(client.Mechanism, user)
-		if err != nil {
-			log.Println("could not write authentication mechanism pin file:", err)
-		}
-	}

 	iqc := make(chan xmpp.IQ, defaultBufferSize)
 	msgc := make(chan xmpp.Chat, defaultBufferSize)
--- a/man/go-sendxmpp.1
+++ b/man/go-sendxmpp.1
@ -1,10 +1,10 @@
 .\" generated with Ronn-NG/v0.9.1
 .\" http://github.com/apjanke/ronn-ng/tree/0.9.1
-.TH "GO\-SENDXMPP" "1" "November 2023" ""
+.TH "GO\-SENDXMPP" "1" "January 2024" ""
 .SH "NAME"
 \fBgo\-sendxmpp\fR \- A tool to send messages to an XMPP contact or MUC\.
 .SH "SYNOPSIS"
-\fBgo\-sendxmpp\fR [\-cdilnt] [\-a value] [\-f value] [\-\-headline] [\-\-help] [\-h value] [\-j value] [\-m value] [\-\-muc\-password value] [\-\-oob\-file value] [\-\-ox] [\-\-ox\-delete\-nodes] [\-\-ox\-genprivkey\-rsa] [\-\-ox\-genprivkey\-x25519] [\-\-ox\-import\-privkey value] [\-\-ox\-passphrase value] [\-p value] [\-\-raw] [\-\-timeout value] [\-\-tls\-version value] [\-u value] [\-\-version] [recipients…]
+\fBgo\-sendxmpp [\-cdilnt] [\-a value] [\-f value] [\-\-headline] [\-\-help] [\-h value] [\-j value] [\-m value] [\-\-muc\-password value] [\-\-oob\-file value] [\-\-ox] [\-\-ox\-delete\-nodes] [\-\-ox\-genprivkey\-rsa] [\-\-ox\-genprivkey\-x25519] [\-\-ox\-import\-privkey value] [\-\-ox\-passphrase value] [\-p value] [\-\-raw] [\-\-scram\-mech\-pinning value] [\-\-timeout value] [\-\-tls\-version value] [\-u value] [\-\-version] [recipients…]\fR
 .SH "DESCRIPTION"
 A tool to send messages to an XMPP contact or MUC inspired by (but not as powerful as) \fBsendxmpp\fR\.
 .br
@ -86,6 +86,9 @@ Password for XMPP account\.
 \fB\-\-raw\fR
 Send raw XML\. To send raw XML to a contact as normal chat message no contact must be specified\. To send raw XML to a MUC you have to specify the MUC via \fB\-c\fR and go\-sendxmpp will join the MUC\.
 .TP
+\fB\-\-scram\-mech\-pinning=[<value>]\fR
+Enforce the use of a certain SCRAM authentication mechanism\. Currently go\-sendxmpp supports \fISCRAM\-SHA\-1\fR, \fISCRAM\-SHA\-1\-PLUS\fR, \fISCRAM\-SHA\-256\fR, \fISCRAM\-SHA\-256\-PLUS\fR, \fISCRAM\-SHA\-512\fR and \fISCRAM\-SHA\-512\-PLUS\fR\. You should know what you are doing when using this setting and make sure the chosen mechanism is supported by the server\. If not set go\-sendxmpp will use XEP\-0474 to prevent downgrade attacks (needs server support)\.
+.TP
 \fB\-\-timeout=\fR[\fIvalue\fR]
 Connection timeout in seconds\. (Default: 10)
 .TP
@ -97,8 +100,6 @@ Username for XMPP account (JID)\.
 .TP
 \fB\-\-version\fR
 Show version information\.
-.SH "SCRAM"
-Go\-sendxmpp supports \fBSalted Challenge Response Authentication Mechanism\fR (SCRAM)\. If go\-sendxmpp successfully connects using SCRAM it will create a file \fB~/\.local/share/go\-sendxmpp/[your_jid]/authmechanism\fR containing the name of the used mechanism\. It will read this file and use the same mechanism for future connections and fail if it is not available\. This is to protect against downgrades by a \fBMachine In The Middle\fR (MITM)\. If you want to upgrade to another mechanism (e\.g\. if SCRAM\-SHA\-1\-PLUS gets available for your server that previously only supported SCRAM\-SHA\-1) you have to manually edit the file\. It is not recommended to delete the file and let go\-sendxmpp recreate it as this would make it vulnerable to downgrade attacks for the next connection attempt\.
 .SH "SHELL COMPLETIONS"
 .SS "ZSH"
 There are no shell completions yet (contributions welcome) but for zsh it is possible to automatically create completions from \fB\-\-help\fR which might work good enough\.
--- a/man/go-sendxmpp.1.html
+++ b/man/go-sendxmpp.1.html
@ -57,7 +57,6 @@
    <a href="#SYNOPSIS">SYNOPSIS</a>
    <a href="#DESCRIPTION">DESCRIPTION</a>
    <a href="#OPTIONS">OPTIONS</a>
-    <a href="#SCRAM">SCRAM</a>
    <a href="#SHELL-COMPLETIONS">SHELL COMPLETIONS</a>
    <a href="#CHAT">CHAT</a>
    <a href="#AUTHOR">AUTHOR</a>
@ -80,7 +79,10 @@
 </p>
 <h2 id="SYNOPSIS">SYNOPSIS</h2>

-<p><code>go-sendxmpp</code> [-cdilnt] [-a value] [-f value] [--headline] [--help] [-h value] [-j value] [-m value] [--muc-password value] [--oob-file value] [--ox] [--ox-delete-nodes] [--ox-genprivkey-rsa] [--ox-genprivkey-x25519] [--ox-import-privkey value] [--ox-passphrase value] [-p value] [--raw] [--timeout value] [--tls-version value] [-u value] [--version] [recipients…]</p>
+<p><code>go-sendxmpp [-cdilnt] [-a value] [-f value] [--headline] [--help] [-h value] [-j value] [-m value] [--muc-password value]
+[--oob-file value] [--ox] [--ox-delete-nodes] [--ox-genprivkey-rsa] [--ox-genprivkey-x25519] [--ox-import-privkey value]
+[--ox-passphrase value] [-p value] [--raw] [--scram-mech-pinning value] [--timeout value] [--tls-version value] [-u value]
+[--version] [recipients…]</code></p>

 <h2 id="DESCRIPTION">DESCRIPTION</h2>

@ -182,6 +184,12 @@ it might be imported using <code>--ox-import-privkey</code>.</dd>
 <dt><code>--raw</code></dt>
 <dd>Send raw XML. To send raw XML to a contact as normal chat message no contact must be specified.
 To send raw XML to a MUC you have to specify the MUC via <code>-c</code> and go-sendxmpp will join the MUC.</dd>
+<dt><code>--scram-mech-pinning=[&lt;value&gt;]</code></dt>
+<dd>Enforce the use of a certain SCRAM authentication mechanism. Currently go-sendxmpp supports
+<em>SCRAM-SHA-1</em>, <em>SCRAM-SHA-1-PLUS</em>, <em>SCRAM-SHA-256</em>, <em>SCRAM-SHA-256-PLUS</em>, <em>SCRAM-SHA-512</em>
+and <em>SCRAM-SHA-512-PLUS</em>. You should know what you are doing when using this setting and 
+make sure the chosen mechanism is supported by the server. If not set go-sendxmpp will use XEP-0474
+to prevent downgrade attacks (needs server support).</dd>
 <dt>
 <code>--timeout=</code>[<var>value</var>]</dt>
 <dd>Connection timeout in seconds. (Default: 10)</dd>
@ -196,19 +204,6 @@ To send raw XML to a MUC you have to specify the MUC via <code>-c</code> and go-
 <dd>Show version information.</dd>
 </dl>

-<h2 id="SCRAM">SCRAM</h2>
-
-<p>Go-sendxmpp supports <strong>Salted Challenge Response Authentication Mechanism</strong> (SCRAM).
-If go-sendxmpp successfully connects using SCRAM it will create a file
-<code>~/.local/share/go-sendxmpp/[your_jid]/authmechanism</code> containing the name of the
-used mechanism. It will read this file and use the same mechanism for future connections
-and fail if it is not available. This is to protect against downgrades by a
-<strong>Machine In The Middle</strong> (MITM). If you want to upgrade to another mechanism (e.g.
-if SCRAM-SHA-1-PLUS gets available for your server that previously only supported
-SCRAM-SHA-1) you have to manually edit the file. It is not recommended to delete
-the file and let go-sendxmpp recreate it as this would make it vulnerable to downgrade
-attacks for the next connection attempt.</p>
-
 <h2 id="SHELL-COMPLETIONS">SHELL COMPLETIONS</h2>

 <h3 id="ZSH">ZSH</h3>
@ -246,7 +241,7 @@ License: BSD 2-clause License</p>

  <ol class='man-decor man-foot man foot'>
    <li class='tl'></li>
-    <li class='tc'>November 2023</li>
+    <li class='tc'>January 2024</li>
    <li class='tr'>go-sendxmpp(1)</li>
  </ol>

--- a/man/go-sendxmpp.1.ronn
+++ b/man/go-sendxmpp.1.ronn
@ -3,7 +3,10 @@ go-sendxmpp(1) -- A tool to send messages to an XMPP contact or MUC.

 ## SYNOPSIS

-`go-sendxmpp` [-cdilnt] [-a value] [-f value] [--headline] [--help] [-h value] [-j value] [-m value] [--muc-password value] [--oob-file value] [--ox] [--ox-delete-nodes] [--ox-genprivkey-rsa] [--ox-genprivkey-x25519] [--ox-import-privkey value] [--ox-passphrase value] [-p value] [--raw] [--timeout value] [--tls-version value] [-u value] [--version] [recipients…]
+`go-sendxmpp [-cdilnt] [-a value] [-f value] [--headline] [--help] [-h value] [-j value] [-m value] [--muc-password value]
+[--oob-file value] [--ox] [--ox-delete-nodes] [--ox-genprivkey-rsa] [--ox-genprivkey-x25519] [--ox-import-privkey value]
+[--ox-passphrase value] [-p value] [--raw] [--scram-mech-pinning value] [--timeout value] [--tls-version value] [-u value]
+[--version] [recipients…]`

 ## DESCRIPTION

@ -107,6 +110,13 @@ Password for XMPP account.
 Send raw XML. To send raw XML to a contact as normal chat message no contact must be specified.
 To send raw XML to a MUC you have to specify the MUC via `-c` and go-sendxmpp will join the MUC.

+* `--scram-mech-pinning=[<value>]`:
+Enforce the use of a certain SCRAM authentication mechanism. Currently go-sendxmpp supports
+*SCRAM-SHA-1*, *SCRAM-SHA-1-PLUS*, *SCRAM-SHA-256*, *SCRAM-SHA-256-PLUS*, *SCRAM-SHA-512*
+and *SCRAM-SHA-512-PLUS*. You should know what you are doing when using this setting and 
+make sure the chosen mechanism is supported by the server. If not set go-sendxmpp will use XEP-0474
+to prevent downgrade attacks (needs server support).
+
 * `--timeout=`[<value>]:
 Connection timeout in seconds. (Default: 10)

@ -119,19 +129,6 @@ Username for XMPP account (JID).
 * `--version`:
 Show version information.

-## SCRAM
-
-Go-sendxmpp supports **Salted Challenge Response Authentication Mechanism** (SCRAM).
-If go-sendxmpp successfully connects using SCRAM it will create a file
-`~/.local/share/go-sendxmpp/[your_jid]/authmechanism` containing the name of the
-used mechanism. It will read this file and use the same mechanism for future connections
-and fail if it is not available. This is to protect against downgrades by a
-**Machine In The Middle** (MITM). If you want to upgrade to another mechanism (e.g.
-if SCRAM-SHA-1-PLUS gets available for your server that previously only supported
-SCRAM-SHA-1) you have to manually edit the file. It is not recommended to delete
-the file and let go-sendxmpp recreate it as this would make it vulnerable to downgrade
-attacks for the next connection attempt.
-
 ## SHELL COMPLETIONS

 ### ZSH