raykichi / jabber-net

Automatically exported from code.google.com/p/jabber-net
Other
0 stars 0 forks source link

Unable to login on jabberd (2) server #26

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1.
Just use the ConsoleClient app to connect to the server
2.
3.

What is the expected output? What do you see instead?
Expect to continue the challenge but SASLException raised
ERROR: jabber.connection.sasl.SASLException: Missing nonce directive

What version of the product are you using? On what operating system?
Downloaded source archive (Release 1.0)
Windows Server 2003, .NET 2.0 , VS 2008

Please provide any additional information below.
ConsoleClient.exe /n web2003 /j TestJabber1@web2003 /p jabber1 /r /i /u
Connecting
Connected
SENT: <stream:stream xmlns:stream="http://etherx.jabber.org/streams"
id="c2458d70" xmlns="jabber:client" to="web2003" version="1.0">
RECV: <?xml version='1.0'?><stream:stream
xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client'
from='web2003' version='1.0'
id='u7qhffel7mgjyx4gdaiql3rc7ftxal83hnj48a8b'><stream:features
xmlns:stream='http://
etherx.jabber.org/streams'><starttls
xmlns='urn:ietf:params:xml:ns:xmpp-tls'/><mechanisms
xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><mechanism>PLAIN</mechanism><mechanism>
DIGEST-MD5</mechanism></mechanisms><auth
xmlns='http://
jabber.org/features/iq-auth'/><register
xmlns='http://jabber.org/features/iq-register'/></stream:features>
SENT: <starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls" />
RECV: <proceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
Invalid certificate (RemoteCertificateChainErrors):
[Version]
  V1

[Subject]
  E=root@localhost, CN=localhost, OU=localhost, O=Localhost, L=Localhost,
S=Localhost, C=PL
  Simple Name: localhost
  Email Name: root@localhost
  DNS Name: localhost

[Issuer]
  E=root@localhost, CN=localhost, OU=localhost, O=Localhost, L=Localhost,
S=Localhost, C=PL
  Simple Name: localhost
  Email Name: root@localhost
  DNS Name: localhost

[Serial Number]
  01

[Not Before]
  20/05/2007 21:48:41

[Not After]
  19/05/2009 21:48:41

[Thumbprint]
  26CE2FD2588125922EAC36DAA03F841257194D52

[Signature Algorithm]
  md5RSA(1.2.840.113549.1.1.4)

[Public Key]
  Algorithm: RSA
  Length: 1024
  Key Blob: 30 81 89 02 81 81 00 d3 d0 8a ef b9 1e 16 13 22 a2 15 e9 18 36
ec ac 22 91 63 22 0a e1 fd 15 5f 24 25 6b 5c 4b 44 f5 ba 3c 2b 1e 2c 68 69
57 1f 46 67 5d ef f9 c3 90 7b 1e 1d b6 43 87 0a ec e2 8b 04 4f d5 b8 8f af
e9 f3 04 56 dc 31 8e 38 d1 5a 6d 56 8b af 32 7c e6 60 80 dd b3 b3 e0 7c cb
71 00 73 13 62 c7 53 19 90 21 b3 30 bc ab b4 ed e3 72 3f 2d 64 c2 e7 76 1e
6b 31 96 a3 bc 0c 6f b3 44 69 aa 74 8c d5 02 03 01 00 01
  Parameters: 05 00

SENT: <stream:stream xmlns:stream="http://etherx.jabber.org/streams"
id="31b98ca8" xmlns="jabber:client" to="web2003" version="1.0">
RECV: <?xml version='1.0'?><stream:stream
xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client'
from='web2003' version='1.0' id='gf7ijlrqewpdx0ucnlh9ms41bkx6cr0zfbr3e5hi'>
RECV: <stream:features
xmlns:stream='http://etherx.jabber.org/streams'><mechanisms
xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><mechanism>PLAIN</mechanism><mechanism>
DIGEST-MD5</mechanism></mechanisms><auth
xmlns='http://jabber.
org/features/iq-auth'/><register
xmlns='http://jabber.org/features/iq-register'/></stream:features>
SENT: <auth mechanism="DIGEST-MD5" xmlns="urn:ietf:params:xml:ns:xmpp-sasl" />
RECV: <challenge
xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>cmVhbG09IndlYjIwMDMiLCBub25jZT0iWWE0anV
NYzU0SG9UWDBPa1VPRDFvQT09IiwgcW9wPSJhdXRoLCBhdXRoLWludCIsIGNoYXJzZXQ9dXRmLTgsIGF
sZ29yaXRobT1tZDUtc2Vzcw==</challenge>
ERROR: jabber.connection.sasl.SASLException: Missing nonce directive

Original issue reported on code.google.com by olatign...@gmail.com on 27 May 2008 at 3:03

GoogleCodeExporter commented 9 years ago
No problem with Psi

Original comment by olatign...@gmail.com on 27 May 2008 at 3:07

GoogleCodeExporter commented 9 years ago
When disabling digest authentication in jabberd server (c2s.xml), everything is 
OK
(authentication done with PLAIN mechanism).
So I think is related to some mis-interpretation of the MD5 string sent by the 
server
located in MD5Processor.cs.
I will try to fix it.

Original comment by olatign...@gmail.com on 2 Jun 2008 at 12:59

GoogleCodeExporter commented 9 years ago
Here is a dump of the challenge the server is sending:

00000000  72 65 61 6c 6d 3d 22 77  65 62 32 30 30 33 22 2c  |realm="web2003",|
00000010  20 6e 6f 6e 63 65 3d 22  59 61 34 6a 75 4d 63 35  | nonce="Ya4juMc5|
00000020  34 48 6f 54 58 30 4f 6b  55 4f 44 31 6f 41 3d 3d  |4HoTX0OkUOD1oA==|
00000030  22 2c 20 71 6f 70 3d 22  61 75 74 68 2c 20 61 75  |", qop="auth, au|
00000040  74 68 2d 69 6e 74 22 2c  20 63 68 61 72 73 65 74  |th-int", charset|
00000050  3d 75 74 66 2d 38 2c 20  61 6c 67 6f 72 69 74 68  |=utf-8, algorith|
00000060  6d 3d 6d 64 35 2d 73 65  73 73                    |m=md5-sess|

What server are you using?  I've never seen one send space between the tokens 
of the DIGEST-MD5, but RFC 
2831 seems to allow it.  I'll add the ability for there to be LWS in the MD5 
parser.

Original comment by hil...@gmail.com on 2 Jun 2008 at 3:51

GoogleCodeExporter commented 9 years ago
I'm using jabberd2 (http://jabberd2.xiaoka.com/) server win32 build
(jabberd-2.1svn557-win32.msi 2008-02-05, 1.46 MB, win32 SVN revision #557 
installer,
modules: SQLite (default) auth & storage, MySQL auth & storage, NTLogon auth 
module).

Original comment by olatign...@gmail.com on 2 Jun 2008 at 4:02

GoogleCodeExporter commented 9 years ago
Fixed in head.  Please svn up, verify, and reopen if it doesn't work for you.  
Added
a unit test as well, to try to prevent regressions.

Original comment by hil...@gmail.com on 3 Jun 2008 at 12:47