Bug 21228

Summary: require-encryption seems not to work during registration!
Product: Telepathy Reporter: Will Thompson <will>
Component: gabbleAssignee: Telepathy bugs list <telepathy-bugs>
Status: RESOLVED WONTFIX QA Contact: Telepathy bugs list <telepathy-bugs>
Severity: critical    
Priority: medium    
Version: unspecified   
Hardware: Other   
OS: All   
Whiteboard: 0.8 only, probably
i915 platform: i915 features:

Description Will Thompson 2009-04-16 09:33:52 UTC 
Using telepathy-inspector, I registered a test account. I ensured that require-encryption was true and old-ssl was false. The following debug excerpts appear to show that Gabble doesn't bother doing <starttls/> before sending the desired username and password in the clear:

(telepathy-gabble:28074): tp-glib-DEBUG: tp_cm_param_setter_offset: old-ssl = FALSE
(telepathy-gabble:28074): tp-glib-DEBUG: tp_cm_param_setter_offset: require-encryption = TRUE
(telepathy-gabble:28074): tp-glib-DEBUG: tp_cm_param_setter_offset: register = TRUE

SEND:
-----------------------------------
<?xml version='1.0' encoding='UTF-8'?>
-----------------------------------

SEND:
-----------------------------------
<stream:stream version="1.0" xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" to="localhost" id="200857733695">
-----------------------------------

RECV [173]:
-----------------------------------
'<?xml version='1.0'?><stream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' id='3705431228' from='localhost' version='1.0' xml:lang='en'>'
-----------------------------------

SEND:
-----------------------------------
<iq type="get" id="278545803186"> <query xmlns="jabber:iq:register"></query>
</iq>

-----------------------------------

RECV [271]:
-----------------------------------
'<stream:features><starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><mechanism>DIGEST-MD5</mechanism><mechanism>PLAIN</mechanism></mechanisms><register xmlns='http://jabber.org/features/iq-register'/></stream:features>'
-----------------------------------

RECV [216]:
-----------------------------------
'<iq from='localhost' id='278545803186' type='result'><query xmlns='jabber:iq:register'><instructions>Choose a username and password to register with this server</instructions><username/><password/></query></iq>'
-----------------------------------

SEND:
-----------------------------------
<iq type="set" id="333971867831"> <query xmlns="jabber:iq:register"> <username>snthsnthsnthsrnhsth</username>
 <password>snthsnthsnt</password>
</query>
</iq>

-----------------------------------

RECV [182]:
-----------------------------------
'<iq from='localhost' id='333971867831' type='result'><query xmlns='jabber:iq:register'> <username>snthsnthsnthsrnhsth</username>
 <password>snthsnthsnt</password>
</query></iq>'
Comment 1 Simon McVittie 2009-11-25 09:15:05 UTC 
Is this still buggy with 0.9? I suspect it's not.
Comment 2 Will Thompson 2010-09-14 10:20:04 UTC 
This is 0.8 only, and is WONTFIX there. It's fixed in Wocky.

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.