The SCRAM-SHA-1 authentication mechanism
bug description
python-nbxmpp allows chosen-nonce attacks in the SCRAM-SHA-1 authentication mechanism, because it does not check the nonce returned by the server during SCRAM-SHA-1 authentication. According to RFC 5802 section 5.1, the following check has to be done for attribute r:
The client MUST verify that the initial part of the nonce used in subsequent messages is the same as the nonce it initially specified.
bug analysis
The check is missing in nbxmpp/auth_nb.py; there is only a remark:
# TODO: Should check cnonce here.
fix recommendation
Add the missing check: verify that the r attribute of the server-first-message starts with the nonce the client sent, and abort the authentication if it does not.
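As an added illustration (not python-nbxmpp's own code), the following minimal SCRAM-SHA-1 client performs the RFC 5802 section 5.1 nonce check before using the server's nonce in the client-final-message; the sample exchange uses the test vector from RFC 5802 section 5, and the tampered message is constructed for this example.

```python
import base64
import hashlib
import hmac

# Sample exchange taken from the RFC 5802 section 5 example.
USERNAME = "user"
PASSWORD = "pencil"
CLIENT_NONCE = "fyko+d2lbbFgONRv9qkxdawL"
SERVER_FIRST = "r=fyko+d2lbbFgONRv9qkxdawL3rfcNHYJY1ZVvWVs7j,s=QSXCR+Q6sek8bf92,i=4096"
# Constructed: same message, but the client half of the nonce was replaced.
SERVER_FIRST_BAD_NONCE = "r=ZZZZZZZZZZZZZZZZZZZZZZZZ3rfcNHYJY1ZVvWVs7j,s=QSXCR+Q6sek8bf92,i=4096"


def parse_server_first(client_nonce, server_first):
    """Parse r=, s= and i= from a server-first-message.

    RFC 5802 section 5.1: the nonce returned by the server MUST begin with
    the nonce the client sent; anything else aborts the authentication.
    """
    attrs = dict(part.split("=", 1) for part in server_first.split(","))
    nonce = attrs["r"]
    if not nonce.startswith(client_nonce) or len(nonce) == len(client_nonce):
        raise ValueError("server nonce does not extend the client nonce")
    return nonce, base64.b64decode(attrs["s"]), int(attrs["i"])


def rejects_server_first(client_nonce, server_first):
    """True if the server-first-message fails the nonce check."""
    try:
        parse_server_first(client_nonce, server_first)
    except ValueError:
        return True
    return False


def client_final(username, password, client_nonce, server_first):
    """Build client-final-message (no channel binding, hence c=biws)."""
    nonce, salt, iterations = parse_server_first(client_nonce, server_first)
    salted = hashlib.pbkdf2_hmac("sha1", password.encode(), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", hashlib.sha1).digest()
    stored_key = hashlib.sha1(client_key).digest()
    client_first_bare = f"n={username},r={client_nonce}"
    final_without_proof = f"c=biws,r={nonce}"
    auth_message = f"{client_first_bare},{server_first},{final_without_proof}".encode()
    client_sig = hmac.new(stored_key, auth_message, hashlib.sha1).digest()
    proof = bytes(k ^ s for k, s in zip(client_key, client_sig))
    return f"{final_without_proof},p={base64.b64encode(proof).decode()}"


if __name__ == "__main__":
    print(client_final(USERNAME, PASSWORD, CLIENT_NONCE, SERVER_FIRST))
    print("tampered nonce rejected:", rejects_server_first(CLIENT_NONCE, SERVER_FIRST_BAD_NONCE))
```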