Error logging in to remote selfhosted server

[CalmTechie]

Initial issue: https://github.com/profanity-im/profanity/issues/1960

At the instance of @sjaeckel (https://github.com/profanity-im/profanity/issues/1960#issuecomment-1999378613), I transfer the issue hither.

Summary:

Logging in to the selfhosted prosody server using profanity (which utilizes libstrophe) causes error. Profanity logs: https://dormant.observer/-W5N6VNrwES

Tried both 0.13.0 and 0.13.1 lib versions.

[sjaeckel]

I was only on mobile before and overlooked the error reason <malformed-request/><text>Proposed channel binding type isn't supported.</text>.

What we know from the logs:

• The server announces support for SCRAM-SHA-1-PLUS and SCRAM-SHA-1
• libstrophe tries SCRAM-SHA-1-PLUS first and sends an auth stanza with content is as follows:

  
  $ echo cD10bHMtZXhwb3J0ZXIsLG49ZGVhY29uLHI9NzUzQTc2QkJBNkRGNkZDRkIyOTM5ODJCRkNCMTEwRjA= | base64 -d
  p=tls-exporter,,n=deacon,r=753A76BBA6DF6FCFB293982BFCB110F0

The first value is either n when the client doesn't support channel binding, y when the client supports channel binding but the server didn't announce it, or p=<channel binding type>. TLS up to 1.2 only supports channel binding type 'tls-unique' TLS from 1.3 on only supports channel binding type 'tls-exporter'

* the TLS connection seems to be TLS 1.3 (indicated by the `tls-exporter` inside the `auth` stanza)
* The server cancels the connection request with the error reason `<malformed-request/><text>Proposed channel binding type isn't supported.</text>`.
* libstrophe falls back to `SCRAM-SHA-1` as expected and sends

$ echo eSwsbj1kZWFjb24scj1EREJFQzdERkIzOUY0NTNBNUQxNENERTJENkZDQTZFOA== | base64 -d y,,n=deacon,r=DDBEC7DFB39F453A5D14CDE2D6FCA6E8

* The server cancels the auth request now without reason, but with a plain `<malformed-request/>`

To me this currently looks more like a misbehaving server announcing support for `SCRAM` even though it's not supported for some reason.

Can you please capture the connection attempt with wireshark and check if it's really TLS 1.3?
Do you have server logs indicating what goes wrong?

[CalmTechie]

Here's server debug logs. It seems that tls 1.3 is in use.

https://dormant.observer/-Xar8pqpuYp

UPD: checked traffic with wireshark: use of tls 1.3 confirmed.

UPD2: tried other clients, like dino or yaxim - auth succedes, with TLS 1.3 as well. Example log: https://dormant.observer/-mbfqZgDzDc

[sjaeckel]

Hmm, server debug logs are not really useful here. It only looks like in the successful example the PLUS variant was not used.

Can you provide debug logs from dino and yaxim?

Can I somehow test against your server? Can you maybe provide your config?

[CalmTechie]

Can't find how to debug yaxim (server logs tells that it uses plain auth mechanism).

Dino's log quite verbose. Here's raw debug log file:

https://dormant.observer/-TcNcSgeqHx

Regarding server configuration: what do you exactly need? Prosody config file is more or less default. Here it is:

https://dormant.observer/-K49g7nckdA

conf.d doesn't contain any additional tweaks.

[sjaeckel]

Which version of prosody are you running? Is it really 0.11.2 as reported when querying the server version? If yes, can you please update to latest stable and try again?

All the other clients that succeed in your tests don't use and/or support SCRAM-*-PLUS and AFAIK @mdosch runs latest prosody and uses SCRAM-*-PLUS successfully with libstrophe/profanity.

[mdosch]

Yep, works with prosody trunk on my server:

2024-03-20T18:08:48.874351+01: xmpp: DBG: handle SCRAM-SHA-1-PLUS (challenge) called for challenge 2024-03-20T18:08:48.927806+01: xmpp: DBG: handle SCRAM-SHA-1-PLUS (challenge) called for success 2024-03-20T18:08:48.927825+01: xmpp: DBG: SASL SCRAM-SHA-1-PLUS auth successful

[CalmTechie]

Can not currently install modern version of prosody. Let's presume it's server malfunction. Thank you for you help.

[sjaeckel]

Feel free to reopen once you could update prosody and this persists.

FYI Currently there's no work around for profanity, besides using an older version of libstrophe.