Not logged in. · Lost password · Register
Forum: agsXMPP RSS
Avatar
rfuller #1
Member since Apr 2006 · 5 posts
Group memberships: Members
Show profile · Link to this post
Subject: MiniClient login problem to jabber2
I am trying to connect to a non-open jabber server (version 2) using the VS2003 MiniClient as a replacement to a smack 2.2-based Java application.  I have read the forum postings indicating that there are issues with mono.security.dll and I updated to the latest release (1.1.15).  The server is using OpenSSL and I know that the password (and apparently only the password) is MD5 encrypted.   The logs on the server do not seem to acknowledge my attempts to login.  Can you help me what to try next? Here is the Debug log:


SEND: <stream:stream to='jabber.geotrax.net' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0' xml:lang='en'>
RECV: <stream:stream xmlns:stream="http://etherx.jabber.org/streams" version="1.0" from="jabber.geotrax.net" id="a382kv3v9px4z2wsqai0yold41ccy1795gcqbfml" >
RECV: <stream:features xmlns:stream="http://etherx.jabber.org/streams"><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>DIGEST-MD5</mechanism><mechanism>PLAIN</mechanism></mechanisms></stream:features>
SEND: <auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="DIGEST-MD5" />
RECV: <challenge xmlns="urn:ietf:params:xml:ns:xmpp-sasl">cmVhbG09ImphYmJlci5nZW90cmF4Lm5ldCIsbm9uY2U9IjY3NDBmZmZkMDk0ODczM2UyNGQwZmRkOTJhZmFhOTEzNjE1ZjQwZmIiLHFvcD0iYXV0aCIsY2hhcnNldD11dGYtOCxhbGdvcml0aG09bWQ1LXNlc3M=</challenge>
SEND: <response xmlns="urn:ietf:params:xml:ns:xmpp-sasl">dXNlcm5hbWU9InJhZmFsZXJ0cyIscmVhbG09ImphYmJlci5nZW90cmF4Lm5ldCIsbm9uY2U9IjY3NDBmZmZkMDk0ODczM2UyNGQwZmRkOTJhZmFhOTEzNjE1ZjQwZmIiLGNub25jZT0iNDhmMDJlOWEwYTA4ZDgwM2NlZTk1Y2I0ODIyNzc4ZTZhZWNlMjI1YzU4YTM1ZjYyNzBjN2QyZTFjNzc3ZDc2OSIsbmM9MDAwMDAwMDEscW9wPWF1dGgsZGlnZXN0LXVyaT0ieG1wcC9qYWJiZXIuZ2VvdHJheC5uZXQiLGNoYXJzZXQ9dXRmLTgscmVzcG9uc2U9NmE2MDJlMDQ3MzhlYTdjNzNjMDBkMzZjZjQ5NzAxMzQ=</response>
RECV: <failure xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><temporary-auth-failure /></failure>


Thanks in advance,
Rich
Avatar
Alex #2
Member since Feb 2003 · 4317 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
Hello,

This is an authentication failure. According to the XMPP specs you should not login with SASL on a unsecure connection. Iif you connected without SSL this could be the reason. Because the server adverises no StartTLS stream feature.
If you connected with SSL on port 5223 then the problem must be located somewhere else. Can you tell us a bit more about your server? Is it the open source jabberd2 server? Is it possible to get a test account on your server for debugging? Does your username or password include some special characters? Or is the username mixed with upper and lower case characters?

Alex
Avatar
rfuller #3
Member since Apr 2006 · 5 posts
Group memberships: Members
Show profile · Link to this post
I was configured for SSL on port 5223 and that is correct for the server.  It is open-source jabberd2 running on Linux. My username and password only have alpha-numerical characters. I will be contacting you via email to setup a test account.

Thanks,
Rich
Avatar
Alex #4
Member since Feb 2003 · 4317 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
Can you post a XML log from a Smack login process? Then we can see if there is smth different.

Alex
Avatar
rfuller #5
Member since Apr 2006 · 5 posts
Group memberships: Members
Show profile · Link to this post
Regrettably the smack application does not print out a log; and my quick attempts to sniff the 5223 port have been unsuccessful.  I'd rather not start a new development to add logging to the smack client (plus I am not very familiar with Java); but I should be able to capture a log by monitoring a port.  I am running Windows XP SP2; any ideas on what tool to use?

Thanks,
Rich
Avatar
Alex #6
Member since Feb 2003 · 4317 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
Hello rfuller,

Smack has a complete debug console window in its extension library. But i don't know exactly how to use it.
Feel also free to use our xmpp server at ag-software.de until we located your problem.

Alex
Avatar
rfuller #7
Member since Apr 2006 · 5 posts
Group memberships: Members
Show profile · Link to this post
Fantastic idea.  I searched through my smack documentation and found out how to enable the debug window without changing the program.  Here is what the login session looks like (I haven't parsed it for differences yet, but at first glance there are differences):

Sent:
 <stream:stream to="jabber.geotrax.net" xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams">
<iq id="P8wFR-0" type="get"><query xmlns="jabber:iq:auth"><username>rafalerts</username></query></iq>
<iq id="P8wFR-1" type="set"><query xmlns="jabber:iq:auth"><username>rafalerts</username><digest>b6645634d4a6663894bfa08ef7e9d2ee21f11bde</digest><resource>Smack</resource></query></iq>
<iq id="P8wFR-2" type="get"><query xmlns="jabber:iq:roster"></query></iq>
<presence id="P8wFR-3"></presence>
<message id="P8wFR-4" to="jaxi@jabber.geotrax.net" type="chat"><body>ALERT CLIENT STARTUP</body><thread>m36R40</thread></message>

Received:
<?xml version='1.0'?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client' from='jabber.geotrax.net' id='4q5xkp94algg2f9xi09ej1m68jwymvfqlko6axbk'>
<iq xmlns='jabber:client' id='P8wFR-0' type='result'>
<query xmlns='jabber:iq:auth'><username>rafalerts</username><resource/><password/><digest/></query></iq>
<iq xmlns='jabber:client' id='P8wFR-1' type='result'/>
<iq xmlns='jabber:client' type='result' id='P8wFR-2'><query xmlns='jabber:iq:roster'>
<item subscription='from' jid='jaxi@jabber.geotrax.net'/></query></iq>

Interpreted:
<?xml version='1.0'?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client' from='jabber.geotrax.net' id='4q5xkp94algg2f9xi09ej1m68jwymvfqlko6axbk'>
<iq xmlns='jabber:client' id='P8wFR-0' type='result'>
<query xmlns='jabber:iq:auth'><username>rafalerts</username><resource/><password/><digest/></query></iq>
<iq xmlns='jabber:client' id='P8wFR-1' type='result'/>
<iq xmlns='jabber:client' type='result' id='P8wFR-2'><query xmlns='jabber:iq:roster'>
<item subscription='from' jid='jaxi@jabber.geotrax.net'/></query></iq>


The smack code is set to log on and then create a chat with jaxi@jabber.geotrax.net.  It then creates a packet listener for everything coming from that user.
Avatar
Alex #8
Member since Feb 2003 · 4317 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
yes there are differences. Smack is using here the old jabber:iq:auth authentication. So i assume you run a pretty old version of Smack. Because the latest versions of Smack are XMPP compliant and will also use SASL authentication.
Anyway, i had no luck to login to your server with the test account you created for me. Not with SASL and not with the old jabber:iq:auth. There must be a problem with my test account, and i assume there is a problem with Sasl authentication on your server.

Alex
Avatar
Alex #9
Member since Feb 2003 · 4317 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
in the MiniClient you can try to set XmppConnection.StreamVersion = null. Then it will not send stream Version 1.0 and also switch to the old authentication like the smack library does.

Alex
Avatar
rfuller #10
Member since Apr 2006 · 5 posts
Group memberships: Members
Show profile · Link to this post
That made a difference.  The format looks the same but the authentification is being denied for some reason.  I even used the resource "Smack" to try to emulate the exact sequence. 

SEND: <stream:stream to='jabber.geotrax.net' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' xml:lang='en'>
RECV: <stream:stream xmlns:stream="http://etherx.jabber.org/streams" from="jabber.geotrax.net" id="azw9pb4h3815men1fxxjgwi8qqaqf7yp7uzx53e9" >
SEND: <iq xmlns="jabber:client" id="agsXMPP_1" type="get" to="jabber.geotrax.net"><query xmlns="jabber:iq:auth"><username>rafalerts</username></query></iq>
RECV: <iq xmlns="jabber:client" id="agsXMPP_1" type="result"><query xmlns="jabber:iq:auth"><username>rafalerts</username><resource /><password /><digest /></query></iq>
SEND: <iq xmlns="jabber:client" id="agsXMPP_2" type="set"><query xmlns="jabber:iq:auth"><username>rafalerts</username><resource>Smack</resource><digest>3ab2041e7eb2ba13555d86b5b8b456330b4a6cba</digest></query></iq>
RECV: <iq xmlns="jabber:client" id="agsXMPP_2" type="error"><error code="401" /><query xmlns="jabber:iq:auth"><username>rafalerts</username><resource>Smack</resource><digest>3ab2041e7eb2ba13555d86b5b8b456330b4a6cba</digest></query></iq>
Avatar
Alex #11
Member since Feb 2003 · 4317 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
we found the problem. rfullers jabberd2 is authenticating against passwords from a web application. The webapp stores the passwords as MD5 hash, and the jabberd2 script is authenticating against the MD5 hashes and not the original passwords. Which means he has to set the MD5 hash in the password property in XMPPClientConnection.

Alex
Close Smaller – Larger + Reply to this post:
Verification code: VeriCode Please enter the word from the image into the text field below. (Type the letters only, lower case is okay.)
Smileys: :-) ;-) :-D :-p :blush: :cool: :rolleyes: :huh: :-/ <_< :-( :'( :#: :scared: 8-( :nuts: :-O
Special characters:
Forum: agsXMPP RSS