search

nikkuang / gtalksms

Automatically exported from code.google.com/p/gtalksms
0 stars 0 forks source link

Authentification problems (or GtalkSMS being mad) (Metronome/Prosody server) #351

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
Using Metronome-hg 3.3.3-1, a popular social-oriented prosody fork.

When i want to connect GtalkSMS with a account on this server, SSL activated, 
it's says password is incorrect.

Debug log :

Uuuh... I can't, GtalkSMS get stuck at "Acquiring logs" and i can see the share 
menu...

Server log :

Jan 27 21:56:17 c2s960edb8  info    Client connected
Jan 27 21:56:18 host.net:log_auth   info    Failed authentication attempt 
(malformed-request) from IP: 123.123.123.123

Server debug log :

Jan 27 22:11:32 c2s83b7a50  info    Client connected
Jan 27 22:11:32 c2s83b7a50  debug   Client sent opening <stream:stream> to host.net
Jan 27 22:11:32 c2s83b7a50  debug   Sent reply <stream:stream> to client
Jan 27 22:11:32 c2s83b7a50  debug   Received[c2s_unauthed]: <starttls 
xmlns='urn:ietf:params:xml:ns:xmpp-tls'>
Jan 27 22:11:32 socket  debug   try to start ssl at client id: 83b7a50 
Jan 27 22:11:32 socket  debug   ssl session delayed until writebuffer is empty... 
Jan 27 22:11:32 c2s83b7a50  debug   TLS negotiation started for c2s_unauthed...
Jan 27 22:11:32 socket  debug   starting ssl handshake after writing 
Jan 27 22:11:32 socket  debug   starting handshake... 
Jan 27 22:11:32 socket  debug   ssl handshake of client with id:table: 0x83b7a50, 
attempt:1 
Jan 27 22:11:33 socket  debug   ssl handshake of client with id:table: 0x83b7a50, 
attempt:2 
Jan 27 22:11:33 socket  debug   ssl handshake of client with id:table: 0x83b7a50, 
attempt:3 
Jan 27 22:11:34 socket  debug   ssl handshake done 
Jan 27 22:11:34 c2s83b7a50  debug   Client sent opening <stream:stream> to host.net
Jan 27 22:11:34 c2s83b7a50  debug   Sent reply <stream:stream> to client
Jan 27 22:11:34 c2s83b7a50  debug   Received[c2s_unauthed]: <auth 
mechanism='PLAIN' xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
Jan 27 22:11:34 host.net:log_auth   info    Failed authentication attempt 
(malformed-request) from IP: 37.160.139.209
Jan 27 22:11:34 host.net:saslauth   debug   sasl reply: <failure 
xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><malformed-request/><text>Invalid 
username or password.</text></failure>

When i want to connect GtalkSMS with a account on this server, with no SSL on 
that one (and unencrypted plain auth unallowed), GtalkSMS become crazy and 
flood the server with connections (really)

Server debug log (2-3 connexions) :
Jan 27 22:19:29 c2s85840f8  info    Client connected
Jan 27 22:19:29 c2s85840f8  debug   Client sent opening <stream:stream> to host.net
Jan 27 22:19:29 c2s85840f8  debug   Sent reply <stream:stream> to client
Jan 27 22:19:29 c2s85840f8  debug   Received[c2s_unauthed]: <iq id='ymR74-551' 
type='get'>
Jan 27 22:19:29 stanzarouter    debug   Stanza of type iq from c2s_unauthed has 
xmlns: jabber:iq:auth
Jan 27 22:19:29 stanzarouter    debug   Unhandled c2s_unauthed stanza: iq; 
xmlns=jabber:iq:auth
Jan 27 22:19:30 socket  debug   accepted incoming client connection from: 
123.123.123.123 3344 to 5222 
Jan 27 22:19:30 c2s858db90  info    Client connected
Jan 27 22:19:30 c2s858db90  debug   Client sent opening <stream:stream> to host.net
Jan 27 22:19:30 c2s858db90  debug   Sent reply <stream:stream> to client
Jan 27 22:19:30 c2s858db90  debug   Received[c2s_unauthed]: <iq id='ymR74-552' 
type='get'>
Jan 27 22:19:30 stanzarouter    debug   Stanza of type iq from c2s_unauthed has 
xmlns: jabber:iq:auth
Jan 27 22:19:30 stanzarouter    debug   Unhandled c2s_unauthed stanza: iq; 
xmlns=jabber:iq:auth
Jan 27 22:19:30 socket  debug   accepted incoming client connection from: 
123.123.123.123 3346 to 5222 
Jan 27 22:19:30 c2s8595308  info    Client connected
Jan 27 22:19:30 c2s8595308  debug   Client sent opening <stream:stream> to host.net
Jan 27 22:19:30 c2s8595308  debug   Sent reply <stream:stream> to client
Jan 27 22:19:30 c2s8595308  debug   Received[c2s_unauthed]: <iq id='ymR74-553' 
type='get'>
Jan 27 22:19:30 stanzarouter    debug   Stanza of type iq from c2s_unauthed has 
xmlns: jabber:iq:auth
Jan 27 22:19:30 stanzarouter    debug   Unhandled c2s_unauthed stanza: iq; 
xmlns=jabber:iq:auth

PS: When allowing unencrypted plain auth, GtalkSMS respond in no-TLS like the 
first (wrong password) without becoming crazy.

Additional informations:
Phone model: Xperia U
Server : Metronome-hg 3.3.3-1
Passwords are stored in a hashed form.

---SASL :
--Pre-TLS :
SCRAM-SHA-1

--Post-TLS :
EXTERNAL
PLAIN
SCRAM-SHA-1

So... Is that my server or the client in cause ?

Original issue reported on code.google.com by eclair...@gmail.com on 27 Jan 2014 at 9:35

GoogleCodeExporter commented 9 years ago 
Hello
Indeed on some kind of error GTalkSMS might try to reconnect without 
temporisation and flood the server.
Concerning the authentication attempts do you use the login with the domain 
like foo@domain.com or directly the login?

Original comment by Florent....@gmail.com on 27 Jan 2014 at 9:41

GoogleCodeExporter commented 9 years ago 
"Uuuh... I can't, GtalkSMS get stuck at "Acquiring logs" and i can see the 
share menu..."
can't*

Sorry !

Original comment by eclair...@gmail.com on 27 Jan 2014 at 9:41

GoogleCodeExporter commented 9 years ago 
Yes, i use the login with the domain, like xperia@host.net.

Without the domain, with manual parameters, GtalkSMS seems to do nothing when i 
push the connect button :/

Original comment by eclair...@gmail.com on 27 Jan 2014 at 9:52

GoogleCodeExporter commented 9 years ago 
Hmmm with manual setting without the domain should work.
For the logs do you have adb or ddms (they added a limitation in the last 
version of Android to remove the in app access to the logs)?

Original comment by Florent....@gmail.com on 27 Jan 2014 at 10:21

GoogleCodeExporter commented 9 years ago 
Greetings,

The "flood part" is caused because GtalkSMS is attempting to use Legacy 
Authentication which I removed support of in Metronome, e.g.:

Jan 27 22:19:30 stanzarouter    debug   Stanza of type iq from c2s_unauthed has 
xmlns: jabber:iq:auth
Jan 27 22:19:30 stanzarouter    debug   Unhandled c2s_unauthed stanza: iq; 
xmlns=jabber:iq:auth

As the logs says the stanza is unhandled by the server.
Apparently it's also trampling on PLAIN SASL (sending a malformed request to 
the server).

Original comment by maranda3...@gmail.com on 14 Feb 2014 at 3:59

GoogleCodeExporter commented 9 years ago 
It should also sensibly hook for non-fatal errors during legacy auth and stop 
attempting to auth.

Original comment by maranda3...@gmail.com on 14 Feb 2014 at 4:01

GoogleCodeExporter commented 9 years ago 
"Hmmm with manual setting without the domain should work."
Better be late than never, but it worked ! Thanks a lot ! ><

2014-02-14 5:02 GMT+01:00 <gtalksms@googlecode.com>:

Original comment by eclair...@gmail.com on 24 Mar 2014 at 7:33

GoogleCodeExporter commented 9 years ago

Original comment by Florent....@gmail.com on 17 Aug 2014 at 2:44