Error 'AuthSend': error: malformed-request[?]

[TRSx80]

Yes I have already read the related Issues, but still have not been able to get this working. This is my second or third try over period of months. I need to be able to send XMPP from command line for lots of reasons but have not been able to ever since this started.

This post has a reply (in Spanish?) suggesting to edit some perl library/file, which I tried and that didn't work.

I also read this post about "installing the CA certificate in client side", however there are dozens (maybe hundreds) of certificates in /etc/ssl/certs so I don't understand which certificate they are referring to?

The server I am trying to send through is my own, and yes I have proper certificates (thru Let's Encrypt). Am I supposed to copy/install something into my local machine to get that working?

[TRSx80]

I tried again with debug output:

trs80@hal:~$ echo "test" | sendxmpp -n --tls -v -d trs80@server.com
sendxmpp: config: 'username' => 'trs80@server.com'
sendxmpp: config: 'port' => '5222'
sendxmpp: config: 'password' => 'my_super_sekrit_passwd'
sendxmpp: config: 'jserver' => 'server.com'
XML::Stream: new: hostname = (hal.local.lan)
XML::Stream: SetCallBacks: tag(node) func(CODE(0x5619147b4850))
XMPP::Conn: xmppCallbackInit: start
XMPP::Conn: SetCallBacks: tag(message) func(CODE(0x5619143f3e20))
XMPP::Conn: SetCallBacks: tag(presence) func(CODE(0x5619147a1bc8))
XMPP::Conn: SetCallBacks: tag(iq) func(CODE(0x5619147b4358))
XMPP::Conn: SetPresenceCallBacks: type(subscribed) func(CODE(0x5619147b45e0))
XMPP::Conn: SetPresenceCallBacks: type(unsubscribed) func(CODE(0x5619147b3ce0))
XMPP::Conn: SetPresenceCallBacks: type(subscribe) func(CODE(0x5619147b3f80))
XMPP::Conn: SetPresenceCallBacks: type(unsubscribe) func(CODE(0x5619147b4580))
XMPP::Conn: SetDirectXPathCallBacks: xpath(/[@xmlns="urn:ietf:params:xml:ns:xmpp-tls"]) func(CODE(0x5619147b45c8))
XMPP::Conn: SetDirectXPathCallBacks: xpath(/[@xmlns="urn:ietf:params:xml:ns:xmpp-sasl"]) func(CODE(0x5619147b3c08))
XMPP::Conn: xmppCallbackInit: stop
sendxmpp: ssl_verify: 0
sendxmpp: tls_ca_path: 
XMPP::Conn: Connect: host(server.com:5222) namespace(jabber:client)
XMPP::Conn: Connect: timeout(10)
XML::Stream: Connect: type(tcpip)
XML::Stream: Connect: Got a connection
XML::Stream: Send: (<?xml version='1.0'?><stream:stream version='1.0' xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client' to='server.com' from='hal.local.lan' xml:lang='en' >)
XML::Stream: Read: buff(<?xml version='1.0'?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' xml:lang='en' from='server.com' id='bb459e08-f50c-48ee-aff8-6fb684957018' version='1.0' xmlns='jabber:client'><stream:features><starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'><required/></starttls></stream:features>)
XMPP::Conn: Connect: connection made
XML::Stream: SetCallBacks: tag(node) func(CODE(0x5619147b3cf8))
XML::Stream: Send: (<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>)
XML::Stream: Read: buff(<proceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>)
XML::Stream: TLSClientProceed: Convert normal socket to SSL
XML::Stream: TLSClientProceed: sock(IO::Socket::INET=GLOB(0x5619147b3e48))
XML::Stream: LoadSSL: Load the IO::Socket::SSL module
XML::Stream: LoadSSL: Success
XML::Stream: TLSClientProceed: ssl_sock(IO::Socket::SSL=GLOB(0x5619147b3e48))
XML::Stream: TLSClientProceed: SSL: We are secure
XML::Stream: Send: (<?xml version='1.0'?><stream:stream version='1.0' xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client' to='server.com' from='hal.local.lan' xml:lang='en' >)
XML::Stream: Read: buff(<?xml version='1.0'?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' xml:lang='en' from='server.com' id='cbf68998-5c97-4046-b159-84c6282ca2a2' version='1.0' xmlns='jabber:client'><stream:features><auth xmlns='http://jabber.org/features/iq-auth'/><register xmlns='http://jabber.org/features/iq-register'/><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><mechanism>PLAIN</mechanism><mechanism>SCRAM-SHA-1</mechanism><mechanism>SCRAM-SHA-1-PLUS</mechanism></mechanisms></stream:features>)
sendxmpp: Connect: 1
XMPP::Conn: AuthSASL: shiney new auth
XML::Stream: Send: (<auth xmlns='urn:ietf:params:xml:ns:xmpp-sasl' mechanism='PLAIN'>Y3ViaWV0cnVja0BuZXN0LnVzLnRvQG5lc3QudXMudG8AY3ViaWV0cnVja0BuZXN0LnVzLnRvAHY3YnBKdXZSeUxDeXBS</auth>)
XMPP::Conn: AuthSASL: haven't authed yet... let's wait.
XMPP::Conn: Process: timeout(1)
XML::Stream: Read: buff(<failure xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><malformed-request/><text>Invalid username or password.</text></failure>)
XMPP::Conn: AuthSASL: Authentication failed.
Error 'AuthSend': error: malformed-request[?]
XML::Stream: Send: (</stream:stream>)
XML::Stream: SetCallBacks: tag(node) func(CODE(0x5619147b4b98))
XMPP::Conn: Disconnect: bye bye
sendxmpp: Disconnect

My server is Prosody, In the meantime I also tried suggestions from this thread which did not help either. I have also tried with ~/.sendxmpprc config file and command line options for user/pass, to no avail. As well as all combinations of security options from this thread although I am getting slightly different results.

[TRSx80]

After some further diagnosing with help from others in Prosody Chatroom I think the problem has to do with connecting to the server over LAN. Because sendxmpp works when I ssh in to the server and send directly from there. And I have some scripts that also work from the server using sendxmpp. But not from another client on the LAN. For example, see line above:

XML::Stream: new: hostname = (hal.local.lan)

The problem could also be crypto version related, as the client is on Debian Buster and the serrver on an older version of Debian.

But I don't have any more time to diagnose this at the moment, so I will have to pick it back up again later. I think I am getting close though, and of course will update with solution once I have found it.

[TRSx80]

I'm an idiot! For months I struggled with this! I even kept re-visiting it periodically... But still could not figure it out! I was about to start using some Python library, simply to send messages from servers, etc. via scripts, from the command line... :frowning_face:

Finally today I figured it out. Wait for it...

I simply removed the @domain from the username: line in my .sendxmpprc. :frowning_face: You believe that?! In other words, instead of:

# ~/.sendxmpprc
username: user@domain.com
jserver: domain.com
...

It needs to simply be:

# ~/.sendxmpprc
username: user
jserver: domain.com
...

I cannot believe how stupid I am and how long I struggled with this simple problem. :frowning_face: Well, hopefully my post help someone else at least.

[TRSx80]

On second thought, I re-open the issue to discuss the following:

Perhaps consider issuing some more helpful error message in case someone made simple mistake like I did?

Because searching the Internet for that error, leads you to a bunch of TLS issues in Debian (see also issue I linked immediately above), and about the Perl XMPP library, etc... (as you can also see above, in my original posts trying to diagnose the issue) which were all "wild goose chases" so to speak... When the whole problem all along was a very simple wrong config.

So, maybe we can save someone else a lot of time and headaches like I went through? What do you think?

[ghost]

"I cannot believe how stupid I am and how long I struggled with this simple problem. frowning_face Well, hopefully my post help someone else at least."

It did for me, thank you good sir :)

And I agree about info in man page like "you might want to try username without domain if that gets you an error". I searched for solution for about 30 minutes, and I actually did not get here from search engine. I manually searched for repo for this project and reviewed issues in hope someone had same problem.

[TRSx80]

Ha! Glad it helped someone. You made my day @michal-lyszczek-red. :smile:

[pboettcher]

Reopened the issue, because at me the full username is "user@server1.com" and server name is "server2". User name MUST be full.