commit e9b66df7beab2ff9a857a2146962e0ab3e5daa3d
Author: selfhoster1312 <selfhoster1312@kl.netlib.re>
Date: Fri Dec 12 12:16:28 2025 +0000
xmpp: Add NoPLAIN setting
diff --git a/bridge/xmpp/xmpp.go b/bridge/xmpp/xmpp.go
index a15b53f..a51baec 100644
--- a/bridge/xmpp/xmpp.go
+++ b/bridge/xmpp/xmpp.go
@@ -2036 +2037 @@ func (b *Bxmpp) createXMPP() error {
InsecureAllowUnencryptedAuth: !b.GetBool("UseDirectTLS") && b.GetBool("NoStartTLS"),
DebugWriter: b.Log.Writer(),
Mechanism: b.GetString("Mechanism"),
+ NoPLAIN: b.GetBool("NoPLAIN"),
}
var err error
b.xc, err = options.NewClient()
diff --git a/changelog.md b/changelog.md
index 5ad7ba9..7cc0f8f 100644
--- a/changelog.md
+++ b/changelog.md
@@ -277 +277 @@
- Supports public messages and private messages
- Supports attachments
- xmpp
- - New and revised advanced authentication settings `UseDirectTLS`, `NoStartTls`, and `Mechanism` ([#77](https://github.com/matterbridge-org/matterbridge/pull/77))
+ - New and revised advanced authentication settings `UseDirectTLS`, `NoStartTls`, `NoPlain`, and `Mechanism` ([#77](https://github.com/matterbridge-org/matterbridge/pull/77))
## Bugfixes
diff --git a/docs/protocols/xmpp/settings.md b/docs/protocols/xmpp/settings.md
index 6b6b3a3..fd84e27 100644
--- a/docs/protocols/xmpp/settings.md
+++ b/docs/protocols/xmpp/settings.md
@@ -1223 +12217 @@ bugs. If you don't understand it, you don't need it.
```toml
Mechanism="PLAIN"
```
+
+## NoPLAIN
+
+Prevent using `PLAIN` SASL authentication to the server. This is an advanced setting
+which is incompatible with many servers (eg. those using LDAP auth). When enabled,
+this setting will make sure your configured password is *never* sent to the server,
+only establishing a secure handshake such as [SCRAM](https://en.wikipedia.org/wiki/Salted_Challenge_Response_Authentication_Mechanism).
+
+- Setting: **OPTIONAL**
+- Format: *boolean*
+- Example:
+ ```toml
+ NoPLAIN=true
+ ```
