Commit b62d5b3a authored by fedor.brunner's avatar fedor.brunner

New option 'authentication_mechanisms'

Fixes #7671
parent ef19590d
......@@ -351,6 +351,7 @@ class Config:
'connection_types': [ opt_str, 'tls ssl plain', _('Ordered list (space separated) of connection type to try. Can contain tls, ssl or plain')],
'tls_version': [ opt_str, '1.0', '' ],
'cipher_list': [ opt_str, 'HIGH:!aNULL:RC4-SHA', '' ],
'authentication_mechanisms': [ opt_str, '', _('List (space separated) of authentication mechanisms to try. Can contain ANONYMOUS, EXTERNAL, GSSAPI, SCRAM-SHA-1-PLUS, SCRAM-SHA-1, DIGEST-MD5, PLAIN, X-MESSENGER-OAUTH2 or XEP-0078') ],
'action_when_plaintext_connection': [ opt_str, 'warn', _('Show a warning dialog before sending password on an plaintext connection. Can be \'warn\', \'connect\', \'disconnect\'') ],
'warn_when_insecure_ssl_connection': [ opt_bool, True, _('Show a warning dialog before using standard SSL library.') ],
'warn_when_insecure_password': [ opt_bool, True, _('Show a warning dialog before sending PLAIN password over a plain connection.') ],
......@@ -1447,8 +1447,15 @@ class Connection(CommonConnection, ConnectionHandlers):
return True
self._register_handlers(con, con_type)
auth_mechs = gajim.config.get_per('accounts',, 'authentication_mechanisms')
auth_mechs = auth_mechs.split()
for mech in auth_mechs:
if mech not in nbxmpp.auth_nb.SASL_AUTHENTICATION_MECHANISMS | set(['XEP-0078']):
log.warning("Unknown authentication mechanisms %s" % mech)
if len(auth_mechs) == 0:
auth_mechs = None
con.auth(user=name, password=self.password,
resource=self.server_resource, sasl=1, on_auth=self.__on_auth)
resource=self.server_resource, sasl=True, on_auth=self.__on_auth, auth_mechs=auth_mechs)
def ssl_certificate_accepted(self):
if not self.connection:
Markdown is supported
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment