5.2.23
12/09/2023

[#302] tls-exporter in SaslMechScramSha1Plus is not supported
Summary tls-exporter in SaslMechScramSha1Plus is not supported
Queue gloox
Queue Version 1.0.27
Type Enhancement
State Resolved
Priority 1. Low
Owners js (at) camaya (dot) net
Requester pulkomandy (at) pulkomandy (dot) tk
Created 09/26/2023 (74 days ago)
Due
Updated 11/22/2023 (17 days ago)
Assigned
Resolved 11/22/2023 (17 days ago)

History
11/22/2023 11:32:59 AM Jakob Schröter Comment #2
Assigned to Jakob Schröter
State ⇒ Resolved
Thank you, this is now fixed in svn and will be released with 1.0.28 
once I fix the GnuTLS case as well.
09/26/2023 08:02:41 PM pulkomandy (at) pulkomandy (dot) tk Comment #1
State ⇒ Unconfirmed
Queue ⇒ gloox
Summary ⇒ tls-exporter in SaslMechScramSha1Plus is not supported
Type ⇒ Enhancement
Priority ⇒ 1. Low
On TLS 1.3 connections, tls-exporter should be used instead of 
tls-unique, according to https://datatracker.ietf.org/doc/html/rfc9266

gloox does not implement this and always uses tls-unique, which 
doesn't work (for example connecting to jabber.fr)

Here is a patch implementing it for the OpenSSL backend:
https://github.com/haikuports/haikuports/blob/master/net-libs/gloox/patches/gloox-1.0.27.patchset#L75

I tested it successfully with jabber.fr.
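
The selection rule from Comment #1, sketched as an added example; it is not gloox's code and not the linked patch. All names are hypothetical, and the channel-binding bytes are assumed to be supplied by the TLS backend (the test values are constructed).

```cpp
#include <cstddef>
#include <cstdint>
#include <string>

// Hypothetical names; this is not gloox's API or the linked patch.
enum class TlsVersion { Tls12, Tls13 };

// RFC 9266 exporter parameters. With OpenSSL a backend would pass these to
// SSL_export_keying_material() with a zero-length context.
constexpr const char* kExporterLabel = "EXPORTER-Channel-Binding";
constexpr std::size_t kExporterLength = 32;

// tls-unique is not defined for TLS 1.3, so tls-exporter is used there.
inline std::string channelBindingType(TlsVersion v) {
  return v == TlsVersion::Tls13 ? "tls-exporter" : "tls-unique";
}

inline std::string base64(const std::string& in) {
  static const char t[] =
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
  std::string out;
  for (std::size_t i = 0; i < in.size(); i += 3) {
    std::size_t left = in.size() - i;  // bytes available for this group
    std::uint32_t n = std::uint32_t(std::uint8_t(in[i])) << 16;
    if (left > 1) n |= std::uint32_t(std::uint8_t(in[i + 1])) << 8;
    if (left > 2) n |= std::uint8_t(in[i + 2]);
    out += t[n >> 18];
    out += t[(n >> 12) & 63];
    out += left > 1 ? t[(n >> 6) & 63] : '=';
    out += left > 2 ? t[n & 63] : '=';
  }
  return out;
}

// gs2-header of the SCRAM client-first-message (RFC 5802), without authzid.
inline std::string gs2Header(TlsVersion v) {
  return "p=" + channelBindingType(v) + ",,";
}

// "c=" attribute of the client-final-message: base64(gs2-header || cbind-data).
// Returns "" when the binding data is missing or, for tls-exporter, not 32 bytes.
inline std::string channelBindingAttr(TlsVersion v, const std::string& cbind) {
  if (cbind.empty()) return "";
  if (v == TlsVersion::Tls13 && cbind.size() != kExporterLength) return "";
  return "c=" + base64(gs2Header(v) + cbind);
}
```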