Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

jabber:iq:auth not working - fix #100

Open
DavidusEdwardus opened this issue Nov 30, 2012 · 3 comments
Open

jabber:iq:auth not working - fix #100

DavidusEdwardus opened this issue Nov 30, 2012 · 3 comments

Comments

@DavidusEdwardus
Copy link

When writing my own XMPP service using DJabbberd , I found i could log in using BOSH and Pidgin, but not strophejs. jabber:iq:auth is deprecated, but when testing, I had SASL disabled.

At what point a server advertises the iq-auth stream feature is up to the implementation or deployment, and in my case, this is as per Example 9 Xep-0078. The code looks for the mechanism tag, and if not found, loops infinitely in the case this is never offered.

My fix may not be relevant or suitable, but here it is for completeness or if anyone else is curious

From 2958 on

    var do_sasl_anonymous = false;
    var do_iq_auth = false;

    var mechanisms = bodyWrap.getElementsByTagName("mechanism");
    var authns = bodyWrap.getElementsByTagName("auth");
    if(authns.length > 0);
    {
        var authvar = authns[0];
        if(authvar.namespaceURI === 'http://jabber.org/features/iq-auth')
        {
            do_iq_auth = true;
        }
    }

    var i, mech, auth_str, hashed_auth_str;
    if (mechanisms.length > 0) {
        for (i = 0; i < mechanisms.length; i++) {
            mech = Strophe.getText(mechanisms[i]);
            if (mech == 'DIGEST-MD5') {
                do_sasl_digest_md5 = true;
            } else if (mech == 'PLAIN') {
                do_sasl_plain = true;
            } else if (mech == 'ANONYMOUS') {
                do_sasl_anonymous = true;
            }
        }
    } else {
        // we didn't get stream:features yet, so we need wait for it
        // by sending a blank poll request
        if(do_iq_auth === false)
        {
            Strophe.debug("No stream, poll");
            var body = this._buildBody();               
            this._requests.push(
                new Strophe.Request(body.tree(),
                                    this._onRequestStateChange.bind(
                                        this, this._connect_cb.bind(this)),
                                    body.tree().getAttribute("rid")));
            this._throttledRequestHandler();
            return;
        }
@metajack
Copy link
Owner

I don't mind adding in jabber:iq:auth as long as it's advertised as a a feature in stream:features and can be detected.

Note that it's not part of XMPP 1.0 at all.

@metajack
Copy link
Owner

Oh I've misunderstood your patch. This causes it to keep looping waiting for stream:features?

@DavidusEdwardus
Copy link
Author

Indeed, its looking for the mechanism tag, and its ostensible (and in my testing with the SASL module disabled :P ) , that the tag will not be offered. In that case, its an infinite loop.

Of course as you say, its not part of the spec, and its also deprecated, but for completeness, that was it.

Gordin pushed a commit to Gordin/strophejs that referenced this issue Jan 31, 2015
@jcbrand
Merge pull request metajack#100 from strophe/bugfix_ticket_25
a403568 
Bugfix. item-not-found error caused by long term request. fixes metajack#25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@metajack @DavidusEdwardus