Add support for XEP-0227 r1.1

[mwild1]

XEP-0227 (import/export format) was previously lacking standards for a number of features - SCRAM, PEP and MAM. The latest update to XEP-0227 (rev 1.1) addresses that, and this version is now implemented in Prosody.

Both ejabberd and Prosody previously supported exporting SCRAM credentials for example, but were using different non-interoperable formats. Hopefully we can make such issues a thing of the past :)

[Neustradamus]

Very important!

• https://xmpp.org/extensions/xep-0227.html

@mwild1: Impossible to compare, there are only 0.1 and 0.3, missing: 0.0.1, 0.2, 1.0, 1.1

• http://www.aptest.com/standards/htmldiff/htmldiff.pl?oldfile=https://xmpp.org/extensions/attic/xep-0227-0.1.html&newfile=https://xmpp.org/extensions/attic/xep-0227-0.3.html
• https://github.com/xsf/xep-attic/search?q=0227

[badlop]

That old-school scram export was implemented in eb52c11 and I have no idea where it came from.

Anyway, I've updated ejabberd_piefxis to export using XEP format, and accept as import both XEP and old-school.

Something like this can be imported now (the password for user-oldscram is "oldscram", for user-scram is "scram", and for user-scram256 is "scram256"). When exporting, ejabberd no longer uses the oldscram format.

<?xml version='1.0' encoding='utf-8'?>
<server-data xmlns='urn:xmpp:pie:0'
             xmlns:xi='http://www.w3.org/2001/XInclude'>
  <host xmlns='urn:xmpp:pie:0'
        xmlns:xi='http://www.w3.org/2001/XInclude'
        jid='localhost'>
    <user name='user-nopass' />
    <user name='user-plain'
          password='plain' />
    <user name='user-oldscram' password='scram:ZzAyeGQ5NEpoSUlONFVONklRbWtNNWgwY2hNPQ==,dHJmM2VHbGRiTC9ldDNWUm11NzFnTVh2dGk4PQ==,YjJLZDJVbWFQNVpCcVdZemJsNDNlQT09,4096' />
    <user name='user-scram'>
      <scram-credentials xmlns='urn:xmpp:pie:0#scram'
                         mechanism='SCRAM-SHA-1'>
        <iter-count>4096</iter-count>
        <salt>ekErUlBmR00yc2xIbi9Nd3BRNkFadz09</salt>
        <server-key>dU4rWXVnbENvc0RjWFZZVk94dUg3emtqVnpzPQ==</server-key>
        <stored-key>akxQUE5HK0pSamt6STZFSTRjMk9RT05JNU40PQ==</stored-key>
      </scram-credentials>
    </user>
    <user name='user-scram256'>
      <scram-credentials xmlns='urn:xmpp:pie:0#scram'
                         mechanism='SCRAM-SHA-256'>
        <iter-count>4096</iter-count>
        <salt>T2laZTZGOUl1QTlEUjhlWFBraHFpZz09</salt>
        <server-key>V1RxRGx4VXJWN002UGhnVGtsSXhGN3ZuSHFPa1BpN0hGd0VYdVpjdzdtdz0=</server-key>
        <stored-key>dHByaXhXTjlYRkRNMklIdTFHaXhVaHh1SktJVm9wUUE1OVl2U1hvZ0tLbz0=</stored-key>
      </scram-credentials>
    </user>
  </host>
</server-data>

[badlop]

@mwild1 What is the plaintext password of the SCRAM provided in https://xmpp.org/extensions/xep-0227.html#example-4 ? Describing that would allow developers to test their implementations

[mwild1]

There isn't one, those are dummy values. In general I think it would be good to have a test file for interoperability testing. For starters, I'll generate an export from Prosody's implementation and send it to you (I would do so right now but I already found a bug in the output ;) ).

[Neustradamus]

@badlop: Thanks a lot for your improvements! :)

[Neustradamus]

@badlop: It can be updated or archived?

• https://github.com/processone/openfire-export

[badlop]

The User Import/Export Plugin plugin is more updated, and its documentation says:

XEP-0227 Compliance - Both Import and Export have an option to enable to use the format as defined in XEP-0227. This format is intended as a Portable Import/Export Format for XMPP-IM Servers.

So probably https://github.com/processone/openfire-export can point that plugin, and get archived.

[badlop]

PR here: processone/openfire-export#1