Add support for SCRAM-SHA-256

With this aproach it will be simple to add any hash to the scram implementation with some simple boilerplate.

2 files changed, 20 insertions, 4 deletions

diff --git a/protocols/jabber/jabber.h b/protocols/jabber/jabber.h
index 5412a08f..3445e4d7 100644
--- a/protocols/jabber/jabber.h
+++ b/protocols/jabber/jabber.h
@@ -82,6 +82,11 @@ typedef enum {
 	JCHALLENGE_SCRAM
 } jabber_challenge_t;
 
+typedef enum {
+	JSCRAM_SHA1   = 0x0001,
+	JSCRAM_SHA256 = 0x0002
+} jabber_scram_t;
+
 struct jabber_data {
 	struct im_connection *ic;
 
diff --git a/protocols/jabber/sasl.c b/protocols/jabber/sasl.c
index b60bdc7e..c8aad776 100644
--- a/protocols/jabber/sasl.c
+++ b/protocols/jabber/sasl.c
@@ -97,7 +97,9 @@ xt_status sasl_pkt_mechanisms(struct xt_node *node, gpointer data)
 			} else if (g_strcasecmp(c->text, "X-OAUTH2") == 0) {
 				sup_gtalk = 1;
 			} else if (g_strcasecmp(c->text, "SCRAM-SHA-1") == 0) {
-				sup_scram = 1;
+				sup_scram = JSCRAM_SHA1;
+			} else if (g_strcasecmp(c->text, "SCRAM-SHA-256") == 0) {
+				sup_scram = JSCRAM_SHA256;
 			}
 
 			g_string_append_printf(mechs, " %s", c->text);
@@ -168,9 +170,18 @@ xt_status sasl_pkt_mechanisms(struct xt_node *node, gpointer data)
 		unsigned char cnonce_bin[30];
 		char *cnonce;
 
-		jd->challenge.type = JCHALLENGE_SCRAM;
-		jd->challenge.scram_algo = GCRY_MD_SHA1;
-		xt_add_attr(reply, "mechanism", "SCRAM-SHA-1");
+		if (sup_scram & JSCRAM_SHA256) {
+			jd->challenge.type = JCHALLENGE_SCRAM;
+			jd->challenge.scram_algo = GCRY_MD_SHA256;
+			xt_add_attr(reply, "mechanism", "SCRAM-SHA-256");
+		} else if (sup_scram & JSCRAM_SHA1) {
+			jd->challenge.type = JCHALLENGE_SCRAM;
+			jd->challenge.scram_algo = GCRY_MD_SHA1;
+			xt_add_attr(reply, "mechanism", "SCRAM-SHA-1");
+		} else {
+			imcb_error(ic, "Unknown scram method"); /* Just in case, but we should not get here */
+			return XT_ABORT;
+		}
 
 		gs = g_string_sized_new(128);