mirror of
https://salsa.debian.org/mdosch/go-sendxmpp
synced 2024-11-18 21:25:31 +00:00
Add command line flag to disable XEP-0474: SASL SCRAM Downgrade Protection.
This commit is contained in:
parent
b9018ec2d9
commit
ca268e957e
@ -6,6 +6,7 @@
|
||||
- Properly close stream if `Ctrl+C` is pressed in listening mode.
|
||||
- Print OS, architecture and go version for flag `--version`.
|
||||
- Improve closing of connection (via go-xmpp v0.1.3).
|
||||
- New command line flag `SSDP-off` to disable XEP-0474: SASL SCRAM Downgrade Protection (requires go-xmpp > v0.1.3).
|
||||
|
||||
## [v0.8.4] 2024-03-09
|
||||
### Changed
|
||||
|
@ -75,7 +75,7 @@ If no configuration file is present or if the values should be overridden it is
|
||||
the account details via command line options:
|
||||
|
||||
```plain
|
||||
Usage: go-sendxmpp [-cdilnt] [-a value] [-f value] [--headline] [--help] [-h value] [-j value] [-m value] [--muc-password value] [--oob-file value] [--ox] [--ox-delete-nodes] [--ox-genprivkey-rsa] [--ox-genprivkey-x25519] [--ox-import-privkey value] [--ox-passphrase value] [-p value] [--raw] [--scram-mech-pinning value] [--timeout value] [--tls-version value] [-u value] [--version] [recipients…]
|
||||
Usage: go-sendxmpp [-cdilnt] [-a value] [-f value] [--headline] [--help] [-h value] [-j value] [-m value] [--muc-password value] [--oob-file value] [--ox] [--ox-delete-nodes] [--ox-genprivkey-rsa] [--ox-genprivkey-x25519] [--ox-import-privkey value] [--ox-passphrase value] [-p value] [--raw] [--scram-mech-pinning value] [--SSDP-off] [--timeout value] [--tls-version value] [-u value] [--version] [recipients…]
|
||||
-a, --alias=value Set alias/nicknamefor chatrooms.
|
||||
-c, --chatroom Send message to a chatroom.
|
||||
-d, --debug Show debugging info.
|
||||
@ -116,6 +116,7 @@ Usage: go-sendxmpp [-cdilnt] [-a value] [-f value] [--headline] [--help] [-h val
|
||||
--raw Send raw XML.
|
||||
--scram-mech-pinning=value
|
||||
Enforce the use of a certain SCRAM authentication mechanism.
|
||||
--SSDP-off Disable XEP-0474: SASL SCRAM Downgrade Protection.
|
||||
--timeout=value
|
||||
Connection timeout in seconds. [10]
|
||||
-t, --tls Use direct TLS.
|
||||
|
2
go.mod
2
go.mod
@ -7,7 +7,7 @@ require (
|
||||
github.com/beevik/etree v1.3.0
|
||||
github.com/gabriel-vasile/mimetype v1.4.3
|
||||
github.com/pborman/getopt/v2 v2.1.0
|
||||
github.com/xmppo/go-xmpp v0.1.4-0.20240326182619-bc81053dbcc0
|
||||
github.com/xmppo/go-xmpp v0.1.4-0.20240326203615-862c21f845b0
|
||||
salsa.debian.org/mdosch/xmppsrv v0.2.6
|
||||
)
|
||||
|
||||
|
4
go.sum
4
go.sum
@ -25,8 +25,8 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN
|
||||
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||
github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
|
||||
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
||||
github.com/xmppo/go-xmpp v0.1.4-0.20240326182619-bc81053dbcc0 h1:ApKIu0yuChFMs1W84Se1Df9R5BYuL5TLfBWzTpS/TVU=
|
||||
github.com/xmppo/go-xmpp v0.1.4-0.20240326182619-bc81053dbcc0/go.mod h1:yyTnJMs6I6KUKv3BjXc4i3NU/iWBxY3yBGiUvUcW0Qg=
|
||||
github.com/xmppo/go-xmpp v0.1.4-0.20240326203615-862c21f845b0 h1:vk8yO+cYE4ZW2mYQpvyCwryOkmdvxZWainjy9ZXjn/s=
|
||||
github.com/xmppo/go-xmpp v0.1.4-0.20240326203615-862c21f845b0/go.mod h1:yyTnJMs6I6KUKv3BjXc4i3NU/iWBxY3yBGiUvUcW0Qg=
|
||||
github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
|
||||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
||||
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
||||
|
2
main.go
2
main.go
@ -134,6 +134,7 @@ func main() {
|
||||
flagOOBFile := getopt.StringLong("oob-file", 0, "", "URL to send a file as out of band data.")
|
||||
flagHeadline := getopt.BoolLong("headline", 0, "Send message as type headline.")
|
||||
flagSCRAMPinning := getopt.StringLong("scram-mech-pinning", 0, "", "Enforce the use of a certain SCRAM authentication mechanism.")
|
||||
flagSSDPOff := getopt.BoolLong("SSDP-off", 0, "Disable XEP-0474: SASL SCRAM Downgrade Protection.")
|
||||
|
||||
// Parse command line flags.
|
||||
getopt.Parse()
|
||||
@ -285,6 +286,7 @@ func main() {
|
||||
Debug: *flagDebug,
|
||||
TLSConfig: &tlsConfig,
|
||||
Mechanism: *flagSCRAMPinning,
|
||||
SSDP: !*flagSSDPOff,
|
||||
}
|
||||
|
||||
// Read message from file.
|
||||
|
@ -4,7 +4,7 @@
|
||||
.SH "NAME"
|
||||
\fBgo\-sendxmpp\fR \- A tool to send messages to an XMPP contact or MUC\.
|
||||
.SH "SYNOPSIS"
|
||||
\fBgo\-sendxmpp [\-cdilnt] [\-a value] [\-f value] [\-\-headline] [\-\-help] [\-h value] [\-j value] [\-m value] [\-\-muc\-password value] [\-\-oob\-file value] [\-\-ox] [\-\-ox\-delete\-nodes] [\-\-ox\-genprivkey\-rsa] [\-\-ox\-genprivkey\-x25519] [\-\-ox\-import\-privkey value] [\-\-ox\-passphrase value] [\-p value] [\-\-raw] [\-\-scram\-mech\-pinning value] [\-\-timeout value] [\-\-tls\-version value] [\-u value] [\-\-version] [recipients…]\fR
|
||||
\fBgo\-sendxmpp [\-cdilnt] [\-a value] [\-f value] [\-\-headline] [\-\-help] [\-h value] [\-j value] [\-m value] [\-\-muc\-password value] [\-\-oob\-file value] [\-\-ox] [\-\-ox\-delete\-nodes] [\-\-ox\-genprivkey\-rsa] [\-\-ox\-genprivkey\-x25519] [\-\-ox\-import\-privkey value] [\-\-ox\-passphrase value] [\-p value] [\-\-raw] [\-\-scram\-mech\-pinning value] [\-\-SSDP\-off] [\-\-timeout value] [\-\-tls\-version value] [\-u value] [\-\-version] [recipients…]\fR
|
||||
.SH "DESCRIPTION"
|
||||
A tool to send messages to an XMPP contact or MUC inspired by \fBsendxmpp\fR\.
|
||||
.br
|
||||
@ -89,6 +89,9 @@ Send raw XML\. To send raw XML to a contact as normal chat message no contact mu
|
||||
\fB\-\-scram\-mech\-pinning=[<value>]\fR
|
||||
Enforce the use of a certain SCRAM authentication mechanism\. Currently go\-sendxmpp supports \fBSCRAM\-SHA\-1\fR, \fBSCRAM\-SHA\-1\-PLUS\fR, \fBSCRAM\-SHA\-256\fR, \fBSCRAM\-SHA\-256\-PLUS\fR, \fBSCRAM\-SHA\-512\fR and \fBSCRAM\-SHA\-512\-PLUS\fR\. You should know what you are doing when using this setting and make sure the chosen mechanism is supported by the server\. If not set, go\-sendxmpp will use XEP\-0474 to prevent downgrade attacks (needs server support)\.
|
||||
.TP
|
||||
\fB\-\-SSDP\-off\fR
|
||||
Disable XEP\-0474: SASL SCRAM Downgrade Protection\.
|
||||
.TP
|
||||
\fB\-\-timeout=\fR[\fIvalue\fR]
|
||||
Connection timeout in seconds\. (Default: 10)
|
||||
.TP
|
||||
|
@ -82,7 +82,7 @@
|
||||
|
||||
<p><code>go-sendxmpp [-cdilnt] [-a value] [-f value] [--headline] [--help] [-h value] [-j value] [-m value] [--muc-password value]
|
||||
[--oob-file value] [--ox] [--ox-delete-nodes] [--ox-genprivkey-rsa] [--ox-genprivkey-x25519] [--ox-import-privkey value]
|
||||
[--ox-passphrase value] [-p value] [--raw] [--scram-mech-pinning value] [--timeout value] [--tls-version value] [-u value]
|
||||
[--ox-passphrase value] [-p value] [--raw] [--scram-mech-pinning value] [--SSDP-off] [--timeout value] [--tls-version value] [-u value]
|
||||
[--version] [recipients…]</code></p>
|
||||
|
||||
<h2 id="DESCRIPTION">DESCRIPTION</h2>
|
||||
@ -191,6 +191,8 @@ To send raw XML to a MUC you have to specify the MUC via <code>-c</code> and go-
|
||||
and <strong>SCRAM-SHA-512-PLUS</strong>. You should know what you are doing when using this setting and
|
||||
make sure the chosen mechanism is supported by the server. If not set, go-sendxmpp will use XEP-0474
|
||||
to prevent downgrade attacks (needs server support).</dd>
|
||||
<dt><code>--SSDP-off</code></dt>
|
||||
<dd>Disable XEP-0474: SASL SCRAM Downgrade Protection.</dd>
|
||||
<dt>
|
||||
<code>--timeout=</code>[<var>value</var>]</dt>
|
||||
<dd>Connection timeout in seconds. (Default: 10)</dd>
|
||||
|
@ -5,7 +5,7 @@ go-sendxmpp(1) -- A tool to send messages to an XMPP contact or MUC.
|
||||
|
||||
`go-sendxmpp [-cdilnt] [-a value] [-f value] [--headline] [--help] [-h value] [-j value] [-m value] [--muc-password value]
|
||||
[--oob-file value] [--ox] [--ox-delete-nodes] [--ox-genprivkey-rsa] [--ox-genprivkey-x25519] [--ox-import-privkey value]
|
||||
[--ox-passphrase value] [-p value] [--raw] [--scram-mech-pinning value] [--timeout value] [--tls-version value] [-u value]
|
||||
[--ox-passphrase value] [-p value] [--raw] [--scram-mech-pinning value] [--SSDP-off] [--timeout value] [--tls-version value] [-u value]
|
||||
[--version] [recipients…]`
|
||||
|
||||
## DESCRIPTION
|
||||
@ -117,6 +117,9 @@ and **SCRAM-SHA-512-PLUS**. You should know what you are doing when using this s
|
||||
make sure the chosen mechanism is supported by the server. If not set, go-sendxmpp will use XEP-0474
|
||||
to prevent downgrade attacks (needs server support).
|
||||
|
||||
* `--SSDP-off`:
|
||||
Disable XEP-0474: SASL SCRAM Downgrade Protection.
|
||||
|
||||
* `--timeout=`[<value>]:
|
||||
Connection timeout in seconds. (Default: 10)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user