From dffa92c12915c3d2aa13e6f6fe481d4240ca8177 Mon Sep 17 00:00:00 2001
From: Martin <martin@mdosch.de>
Date: Wed, 10 Jan 2024 22:41:08 +0100
Subject: [PATCH] Remove DIGEST-MD5 (#171)

As mentioned in https://github.com/xmppo/go-xmpp/issues/166#issuecomment-1884898526
DIGEST-MD5 is obsolete for a long time now.
---
 xmpp.go | 46 ----------------------------------------------
 1 file changed, 46 deletions(-)

diff --git a/xmpp.go b/xmpp.go
index c8cc9dd..839b483 100644
--- a/xmpp.go
+++ b/xmpp.go
@@ -428,8 +428,6 @@ func (c *Client) init(o *Options) error {
 				mechanism = "X-OAUTH2"
 			case slices.Contains(f.Mechanisms.Mechanism, "PLAIN") && tlsConnOK:
 				mechanism = "PLAIN"
-			case slices.Contains(f.Mechanisms.Mechanism, "DIGEST-MD5"):
-				mechanism = "DIGEST-MD5"
 			}
 		}
 		if strings.HasPrefix(mechanism, "SCRAM-SHA") {
@@ -635,50 +633,6 @@ func (c *Client) init(o *Options) error {
 			base64.StdEncoding.Encode(enc, []byte(raw))
 			fmt.Fprintf(c.conn, "<auth xmlns='%s' mechanism='PLAIN'>%s</auth>\n", nsSASL, enc)
 		}
-		if mechanism == "DIGEST-MD5" {
-			// Digest-MD5 authentication
-			fmt.Fprintf(c.stanzaWriter, "<auth xmlns='%s' mechanism='DIGEST-MD5'/>\n", nsSASL)
-			var ch saslChallenge
-			if err = c.p.DecodeElement(&ch, nil); err != nil {
-				return errors.New("unmarshal <challenge>: " + err.Error())
-			}
-			b, err := base64.StdEncoding.DecodeString(string(ch))
-			if err != nil {
-				return err
-			}
-			tokens := map[string]string{}
-			for _, token := range strings.Split(string(b), ",") {
-				kv := strings.SplitN(strings.TrimSpace(token), "=", 2)
-				if len(kv) == 2 {
-					if kv[1][0] == '"' && kv[1][len(kv[1])-1] == '"' {
-						kv[1] = kv[1][1 : len(kv[1])-1]
-					}
-					tokens[kv[0]] = kv[1]
-				}
-			}
-			realm, _ := tokens["realm"]
-			nonce, _ := tokens["nonce"]
-			qop, _ := tokens["qop"]
-			charset, _ := tokens["charset"]
-			cnonceStr := cnonce()
-			digestURI := "xmpp/" + domain
-			nonceCount := fmt.Sprintf("%08x", 1)
-			digest := saslDigestResponse(user, realm, o.Password, nonce, cnonceStr, "AUTHENTICATE", digestURI, nonceCount)
-			message := "username=\"" + user + "\", realm=\"" + realm + "\", nonce=\"" + nonce + "\", cnonce=\"" + cnonceStr +
-				"\", nc=" + nonceCount + ", qop=" + qop + ", digest-uri=\"" + digestURI + "\", response=" + digest + ", charset=" + charset
-
-			fmt.Fprintf(c.stanzaWriter, "<response xmlns='%s'>%s</response>\n", nsSASL, base64.StdEncoding.EncodeToString([]byte(message)))
-
-			var rspauth saslRspAuth
-			if err = c.p.DecodeElement(&rspauth, nil); err != nil {
-				return errors.New("unmarshal <challenge>: " + err.Error())
-			}
-			b, err = base64.StdEncoding.DecodeString(string(rspauth))
-			if err != nil {
-				return err
-			}
-			fmt.Fprintf(c.stanzaWriter, "<response xmlns='%s'/>\n", nsSASL)
-		}
 	}
 	if mechanism == "" {
 		return fmt.Errorf("no viable authentication method available: %v", f.Mechanisms.Mechanism)