Ticket #116 (closed defect: fixed)

Opened 16 months ago

Last modified 16 months ago

gsasl login failure

Reported by: tofu Owned by: smoku
Priority: major Component: XMPP Complaince
Version: 2.1.8 Keywords:
Cc: jack Tracforge_linkmap:
Blocking: Blocked By:

Description

When I have gsasl as the backend and a client parses the challenge incorrectly and sends the wrong response the server responds with the following : 

<failure xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><temporary-auth-failure/></failure>

This is not the case. it's not a temporary server issue preventing auth This should be another error.

Change History

Changed 16 months ago by jack

  • cc jack added

Changed 16 months ago by smoku

  • status changed from new to assigned
  • component changed from c2s to XMPP Complaince

This is not a temporary issue. True.

But XMPP does not provide a way to report a SASL protocol level error. http://www.xmpp.org/internet-drafts/draft-saintandre-rfc3920bis-03.html#sasl-errors

I do not really know what to do with this. :-(

Changed 16 months ago by plaes

What about sending <not-authorized/> or <malformed-request/> instead?

Or could we propose a new SASL-error message for RFC?

Changed 16 months ago by smoku

The request isn't really malformed on the XML level - that would mislead to looking for error in serialiser.

And not-authorized would mislead user to check the credentials entered, which are really entered correctly.

Changed 16 months ago by smoku

  • status changed from assigned to closed
  • resolution set to fixed

(In [305]) Changed SASL level error reporting to malformed-request error according to rfc3920bis. Fixes #116

Note: See TracTickets for help on using tickets.