Opened at 2010-04-09T10:56:45Z
Closed at 2010-04-29T08:33:32Z
#585 closed defect (worksforme)
in the module is not working jabber PLAIN authentication.
Reported by: | anonymous | Owned by: | wilmer |
---|---|---|---|
Priority: | normal | Milestone: | |
Component: | Jabber | Version: | 1.2.5 |
Keywords: | authentication | Cc: | |
IRC client+version: | Client-independent | Operating System: | Public server |
OS version/distro: | ALL UNIX |
Description
in the module is not working jabber PLAIN authentication. TLS authentication is completed return in case of error, which makes all the subsequent code unusable. property TLS and XMLCONSOLE not change through "account set" because their values are hardcoded in the code.
Attachments (0)
Change History (5)
comment:1 follow-ups: 2 3 Changed at 2010-04-10T01:14:42Z by
comment:2 Changed at 2010-04-13T19:19:12Z by
Sign in jabber completed successfully after removal of a piece of code responsible for TLS authentication. likely program was an inadequate response and execute code "return XT_ABORT;"
int trytls;
trytls = g_strcasecmp( set_getstr( &ic->acc->set, "tls" ), "try" ) == 0; c = xt_find_node( node->children, "starttls" ); if( c && !jd->ssl ) {
/* If the server advertises the STARTTLS feature and if we're
not in a secure connection already: */
c = xt_find_node( c->children, "required" );
if( c && ( !trytls && !set_getbool( &ic->acc->set, "tls" ) ) ) {
imcb_error( ic, "Server requires TLS connections, but TLS is turned off for this account" ); imc_logout( ic, FALSE );
return XT_ABORT;
}
/* Only run this if the tls setting is set to true or try: */
if( ( trytls set_getbool( &ic->acc->set, "tls" ) ) ) {
reply = xt_new_node( "starttls", NULL, NULL ); xt_add_attr( reply, "xmlns", XMLNS_TLS ); if( !jabber_write_packet( ic, reply ) ) {
xt_free_node( reply ); return XT_ABORT;
} xt_free_node( reply );
return XT_HANDLED;
}
} else if( !c && !jd->ssl ) {
/* If the server does not advertise the STARTTLS feature and
we're not in a secure connection already: (Servers have a habit of not advertising <starttls/> anymore when already using SSL/TLS. */
if( !trytls && set_getbool( &ic->acc->set, "tls" ) ) {
imcb_error( ic, "TLS is turned on for this account, but is not supported by this server" ); imc_logout( ic, FALSE );
return XT_ABORT;
}
}
xml log from bitlbee not have. (Could not deliver the property xmlconsole = true) xml log from psi.
<?xml version="1.0"?> <stream:stream xmlns:stream="" version="1.0" xmlns="jabber:client" to="diary.ru" xml:lang="ru" xmlns:xml="http://www.w3.org/XML/1998/namespace" >
<?xml version='1.0'?><stream:stream xmlns='jabber:client' xmlns:stream='' id='469065554' from='diary.ru' version='1.0' xml:lang='ru'>
<stream:features> <starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/> <mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"> <mechanism>PLAIN</mechanism> </mechanisms> <register xmlns=""/> </stream:features>
<auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="PLAIN" >hash_password...</auth>
<success xmlns="urn:ietf:params:xml:ns:xmpp-sasl"/>
<?xml version="1.0"?>
<stream:stream xmlns:stream="" version="1.0" xmlns="jabber:client" to="diary.ru" xml:lang="ru" xmlns:xml="http://www.w3.org/XML/1998/namespace" >
<?xml version='1.0'?><stream:stream xmlns='jabber:client' xmlns:stream='http:/ /etherx.jabber.org/streams' id='3963351281' from='diary.ru' version='1.0' xml:lang='ru'>
<stream:features> <bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"/> <session xmlns="urn:ietf:params:xml:ns:xmpp-session"/> </stream:features>
<iq type="set" id="bind_1" > <bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"> <resource>domov0y</resource> </bind> </iq>
<iq xmlns="jabber:client" type="result" id="bind_1" > <bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"> <jid>domov0y@…/domov0y</jid> </bind> </iq>
<iq type="set" id="aacea" > <session xmlns="urn:ietf:params:xml:ns:xmpp-session"/> </iq>
<iq type="result" id="aacea" > <session xmlns="urn:ietf:params:xml:ns:xmpp-session"/> </iq>
<iq type="get" id="aacfa" > <query xmlns="jabber:iq:roster"/> </iq>
p.s. I apologize for ovratitelny English. I had hardly know. I write only from google translate p.p.s. because of the anti-spam had to cut the log XML
comment:3 Changed at 2010-04-13T20:03:54Z by
sorry for the inconvenience. tried again to recompile the original program. surprised to see that everything works. with what was related error I can not say. Unfortunately the log because of which I cut out the tls code is not preserved. (I do not know how to work with wireshark). Is the assumption that the two servers on which of the three tested, previously supported only plain authentication.
comment:4 Changed at 2010-04-13T22:16:38Z by
My apologies for that spam filter, it can really get in the way. Sadly the amount of spam I'd get without it would be too high. I really hate it. :-(
If you see this problem again, let's try to get the xmlconsole enabled. A command like this:
account set diary.ru/xmlconsole on
should definitely enable that successfully.
I can see you're using a translator, but it's working well enough for me to understand you. :-)
comment:5 Changed at 2010-04-29T08:33:32Z by
Resolution: | → worksforme |
---|---|
Status: | new → closed |
Looks like this was fixed actually.
I'm not sure I understand your bug report. Can you give some more details and/or an xmlconsole log? What is hardcoded in which code?
PLAIN authentication should be there for sure.