#439 closed defect (fixed)
SOAP-based authentication broken
| Reported by: | Owned by: | wilmer | |
|---|---|---|---|
| Priority: | major | Milestone: | 1.2.2 |
| Component: | MSN | Version: | 1.2.1 |
| Keywords: | Cc: | ||
| IRC client+version: | Client-independent | Operating System: | Linux |
| OS version/distro: |
Description
A few days ago one of my two MSN accounts was unable to login on Bitlbee, and repeatedly got the following error message:
> account on 4 <root> msn(accountname@hotmail.co.uk) - Logging in: Connecting <root> msn(accountname@hotmail.co.uk) - Logging in: Connected to server, waiting for reply <root> msn(accountname@hotmail.co.uk) - Logging in: Transferring to other server <root> msn(accountname@hotmail.co.uk) - Logging in: Connected to server, waiting for reply <root> msn(accountname@hotmail.co.uk) - Couldn't log in: Error reported by MSN server: Authentication failed <root> msn(accountname@hotmail.co.uk) - Logging in: Signing off..
My other account logged in successfully with bitlbee, and the problematic account could login successfully using the M$ client or gaim.
I tried out various things, including creating new accounts, and discovered that any account I created with the same password received this error, but that changing the password would allow any of the accounts to work again. I've changed my password now, so have no problem sharing the bugged one, it's Jdshntm3. To reproduce, create a new MSN account with this password. https://accountservices.passport.net/reg.srf
I'm using the Debian modified version of 1.2.1.
Attachments (0)
Change History (21)
comment:1 Changed at 2008-07-28T05:16:31Z by
comment:2 Changed at 2008-07-28T06:24:38Z by
Rather than doing an account del on my msn IM account, I did an "account set <account id>/<password> <passsword>". Then, logging into my msn account, still fails. I'm beginning to think it's either MSN blocking my IP or a gateway problem.
Chascon
comment:3 Changed at 2008-07-28T07:30:03Z by
Can't be my IP being blocked, 'cause Adium connects to my msn IM service. I just may try to delete my MSN account on Bitlbee and then add it again and see what happens.
comment:4 Changed at 2008-07-28T11:28:42Z by
I had the same issue but after changing my password to [a-z]+ I was again able to sign in.
comment:5 Changed at 2008-07-28T11:50:37Z by
I also had this very issue, after I changed the msn-passwd to [a-z] it's working once again.
comment:6 follow-up: 7 Changed at 2008-07-28T11:57:52Z by
I also had this very issue, after I changed the msn-passwd to [a-z] it's
working once again.
That's pretty ridiculous. :-( Has anyone tried an older BitlBee version
yet? Something like 1.0.4, for example. In 1.2 I switched to a new
authentication mechanism, maybe I shouldn't have done that.
comment:7 Changed at 2008-07-28T12:22:57Z by
Replying to Wilmer van der Gaast <wilmer@gaast.net>:
That's pretty ridiculous. :-( Has anyone tried an older BitlBee version
yet? Something like 1.0.4, for example. In 1.2 I switched to a new
authentication mechanism, maybe I shouldn't have done that.
I just made a succesful connection using v0.92 (that's the only other version apart from 1.2 that I've got access to) using a password containing [0-9a-zA-Z]. The same password is a no-go using v1.2
comment:8 Changed at 2008-07-28T12:25:30Z by
| Milestone: | → 1.2.2 |
|---|---|
| Priority: | normal → major |
| Summary: | specific password causes authentication failure on MSN → SOAP-based authentication broken |
comment:10 Changed at 2008-07-28T12:41:37Z by
Same issue for me today. The fix sorted it - removing numbers from my password (so it became [a-z]+) lets me log on
comment:11 Changed at 2008-07-28T18:34:03Z by
Same issue and fix there. Had the same problem few days ago for a few hours, and since tonight ~1h UTC+2 til now.
Tested versions:
- 1.2.1: fails
- 1.2: fails
- 1.1.1dev: success
Wanted to search the commit but unfortunately the bzr server doesnt respond.
comment:12 Changed at 2008-07-28T18:53:40Z by
What makes this even more interesting is that the failure comes from the notification server, not from the authentication server. When you give the wrong password on purpose, the error is slightly different:
:rootroot@localhost.localdomain PRIVMSG &bitlbee :msn - Couldn't log in: Error during Passport authentication: wsse:FailedAuthentication (Authentication Failure)
So the authentication seems okay, just that the MSN Messenger server somehow doesn't accept the token.
comment:13 Changed at 2008-07-29T02:29:18Z by
It's not just numbers, but symbols that also seem to be throwing things off.
comment:14 Changed at 2008-07-30T00:19:33Z by
http://forums.miranda-im.org/showpost.php?s=154c97590b56528d31e7bd20fd2a3bdb&p=162186&postcount=70
Looks like it's not just BitlBee that is broken. Reverting to the non-SOAP authentication should fix this. I'm trying to avoid this since that code is horribly messy, but may do it anyway if no other solution comes up any time soon. The Miranda dev still blames the MS servers and thinks things will restore themselves, I'm not so optimistic about it.
comment:15 Changed at 2008-07-30T06:29:44Z by
The error is now "Couldn't log in: Error during Passport authentication: wsse:FailedAuthentication (Authentication Failure)", which make more sense.
comment:16 Changed at 2008-07-30T15:37:13Z by
I can confirm this is an issue on Ubuntu 8.04
Changing the password to all lower case something is the work around I used.
comment:17 Changed at 2008-07-30T20:08:15Z by
I think all know it by now. But i can confirm too that lower case and numbers is working just fine. Did change my password just for connect.
comment:18 Changed at 2008-07-31T22:13:02Z by
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Rolled back to the old mechanism. The only alternative seems to be "upgrading" to MSNP15 or something like that, which I'll leave up to someone who actually knows people on the MSN Messenger network. :-)
comment:20 Changed at 2009-09-24T19:32:32Z by
I ran into a similar problem earlier this week that may or may not be related -- I had set my display name to have non-latin characters (it was in Japanese), and I was completely unable to login. It kept saying "Unknown authentication type". I eventually logged into Meebo, changed my display name, and tried again, and everything worked.
comment:22 Changed at 2009-11-20T17:38:11Z by
aenslad, that's a different known bug: #536. I know what's going on there and it looks to me like a bug in the MSN servers. Working around it is possible but it breaks other functionality. :-(
I want to see what's going on here and find a proper fix, also.
I'm blocking further posts to this bug now since the spammers seem to have discovered it. I fear the day those fuckers learn and start spamming random bugs instead of the same one all the time.
If you can let me know the exact name that triggered this bug (just post it in the other bug) that'd be great BTW.
I can vouch for this problem too on OS X, running the 1.2.1 release. This release was working for me just yesterday, and it's been on the fritz since. I've seen this sort of behaviour before and I've had to delete the account and create it again. I don't know if the account preferences get corrupted, or what.
My OSCAR (AIM) account is also acting up, although I doubt it is related.
Chascon