Implement SASL2, BIND2, and FAST

.eslintrc.js

@@ -17,7 +17,7 @@ module.exports = {
 
   parserOptions: {
     sourceType: "script",
-    ecmaVersion: 2019,
+    ecmaVersion: 2020,
     ecmaFeatures: {
       jsx: true,
     },

packages/client/browser.js

@@ -12,17 +12,20 @@ const _iqCallee = require("@xmpp/iq/callee");
 const _resolve = require("@xmpp/resolve");
 
 // Stream features - order matters and define priority
+const _sasl2 = require("@xmpp/sasl2");
 const _sasl = require("@xmpp/sasl");
 const _resourceBinding = require("@xmpp/resource-binding");
 const _sessionEstablishment = require("@xmpp/session-establishment");
 const _streamManagement = require("@xmpp/stream-management");
 
 // SASL mechanisms - order matters and define priority
 const anonymous = require("@xmpp/sasl-anonymous");
+const htsha256 = require("@xmpp/sasl-ht-sha-256-none");
 const plain = require("@xmpp/sasl-plain");
 
 function client(options = {}) {
   const { resource, credentials, username, password, ...params } = options;
+  const { clientId, software, device } = params;
 
   const { domain, service } = params;
   if (!domain && service) {
@@ -40,11 +43,17 @@ function client(options = {}) {
   const iqCallee = _iqCallee({ middleware, entity });
   const resolve = _resolve({ entity });
   // Stream features - order matters and define priority
+  const sasl2 = _sasl2(
+    { streamFeatures },
+    credentials || { username, password },
+    { clientId, software, device },
+  );
   const sasl = _sasl({ streamFeatures }, credentials || { username, password });
   const streamManagement = _streamManagement({
     streamFeatures,
     entity,
     middleware,
+    sasl2,
   });
   const resourceBinding = _resourceBinding(
     { iqCaller, streamFeatures },
@@ -55,9 +64,11 @@ function client(options = {}) {
     streamFeatures,
   });
   // SASL mechanisms - order matters and define priority
-  const mechanisms = Object.entries({ plain, anonymous }).map(([k, v]) => ({
-    [k]: v(sasl),
-  }));
+  const mechanisms = Object.entries({
+    htsha256,
+    plain,
+    anonymous,
+  }).map(([k, v]) => ({ [k]: [v(sasl2), v(sasl)] }));
 
   return Object.assign(entity, {
     entity,
@@ -68,6 +79,7 @@ function client(options = {}) {
     iqCaller,
     iqCallee,
     resolve,
+    sasl2,
     sasl,
     resourceBinding,
     sessionEstablishment,

packages/client/index.js

@@ -15,18 +15,21 @@ const _resolve = require("@xmpp/resolve");
 
 // Stream features - order matters and define priority
 const _starttls = require("@xmpp/starttls/client");
+const _sasl2 = require("@xmpp/sasl2");
 const _sasl = require("@xmpp/sasl");
 const _resourceBinding = require("@xmpp/resource-binding");
 const _sessionEstablishment = require("@xmpp/session-establishment");
 const _streamManagement = require("@xmpp/stream-management");
 
 // SASL mechanisms - order matters and define priority
 const scramsha1 = require("@xmpp/sasl-scram-sha-1");
+const htsha256 = require("@xmpp/sasl-ht-sha-256-none");
 const plain = require("@xmpp/sasl-plain");
 const anonymous = require("@xmpp/sasl-anonymous");
 
 function client(options = {}) {
   const { resource, credentials, username, password, ...params } = options;
+  const { clientId, software, device } = params;
 
   const { domain, service } = params;
   if (!domain && service) {
@@ -47,11 +50,17 @@ function client(options = {}) {
   const resolve = _resolve({ entity });
   // Stream features - order matters and define priority
   const starttls = _starttls({ streamFeatures });
+  const sasl2 = _sasl2(
+    { streamFeatures },
+    credentials || { username, password },
+    { clientId, software, device },
+  );
   const sasl = _sasl({ streamFeatures }, credentials || { username, password });
   const streamManagement = _streamManagement({
     streamFeatures,
     entity,
     middleware,
+    sasl2,
   });
   const resourceBinding = _resourceBinding(
     { iqCaller, streamFeatures },
@@ -64,9 +73,10 @@ function client(options = {}) {
   // SASL mechanisms - order matters and define priority
   const mechanisms = Object.entries({
     scramsha1,
+    htsha256,
     plain,
     anonymous,
-  }).map(([k, v]) => ({ [k]: v(sasl) }));
+  }).map(([k, v]) => ({ [k]: [v(sasl2), v(sasl)] }));
 
   return Object.assign(entity, {
     entity,
@@ -80,6 +90,7 @@ function client(options = {}) {
     iqCallee,
     resolve,
     starttls,
+    sasl2,
     sasl,
     resourceBinding,
     sessionEstablishment,

packages/client/package.json

@@ -16,10 +16,12 @@
     "@xmpp/reconnect": "^0.13.0",
     "@xmpp/resolve": "^0.13.1",
     "@xmpp/resource-binding": "^0.13.0",
+    "@xmpp/sasl2": "^0.13.0",
     "@xmpp/sasl": "^0.13.0",
     "@xmpp/sasl-anonymous": "^0.13.0",
     "@xmpp/sasl-plain": "^0.13.0",
     "@xmpp/sasl-scram-sha-1": "^0.13.0",
+    "@xmpp/sasl-ht-sha-256-none": "^0.13.0",
     "@xmpp/session-establishment": "^0.13.0",
     "@xmpp/starttls": "^0.13.1",
     "@xmpp/stream-features": "^0.13.0",

packages/connection/index.js

@@ -258,6 +258,13 @@ class Connection extends EventEmitter {
 
     const headerElement = this.headerElement();
     headerElement.attrs.to = domain;
+    if (
+      this.socket.secure &&
+      this.socket.secure() &&
+      (this.streamFrom || this.jid)
+    ) {
+      headerElement.attrs.from = (this.streamFrom || this.jid).toString();
+    }
     headerElement.attrs["xml:lang"] = lang;
     this.root = headerElement;
 

packages/sasl-ht-sha-256-none/index.js

@@ -0,0 +1,28 @@
+"use strict";
+
+var createHmac = require("create-hmac");
+
+function Mechanism() {}
+
+Mechanism.prototype.Mechanism = Mechanism;
+Mechanism.prototype.name = "HT-SHA-256-NONE";
+Mechanism.prototype.clientFirst = true;
+
+Mechanism.prototype.response = (cred) => {
+  this.password = cred.password;
+  const hmac = createHmac("sha256", this.password);
+  hmac.update("Initiator");
+  return cred.username + "\0" + hmac.digest("latin1");
+};
+
+Mechanism.prototype.final = (data) => {
+  const hmac = createHmac("sha256", this.password);
+  hmac.update("Responder");
+  if (hmac.digest("latin1") !== data) {
+    throw "Responder message from server was wrong";
+  }
+};
+
+module.exports = (sasl) => {
+  sasl.use(Mechanism);
+};

packages/sasl-ht-sha-256-none/package.json

@@ -0,0 +1,23 @@
+{
+  "name": "@xmpp/sasl-ht-sha-256-none",
+  "description": "XMPP SASL HT-SHA-256-NONE for JavaScript",
+  "repository": "github:xmppjs/xmpp.js",
+  "homepage": "https://github.com/xmppjs/xmpp.js/tree/main/packages/sasl-ht-sha-256-none",
+  "bugs": "http://github.com/xmppjs/xmpp.js/issues",
+  "version": "0.13.0",
+  "license": "ISC",
+  "keywords": [
+    "XMPP",
+    "sasl",
+    "plain"
+  ],
+  "dependencies": {
+    "create-hmac": "^1.1.7"
+  },
+  "engines": {
+    "node": ">= 14"
+  },
+  "publishConfig": {
+    "access": "public"
+  }
+}