Bugzilla – Bug 20158
digest-uri omits the serv-name part causing authentication failure when host != serv-name
Last modified: 2009-06-02 09:10:30 UTC
Forwarding from https://bugs.maemo.org/show_bug.cgi?id=4119 .
Maemo 5.2008.43-7, means:
Nokia-N810:~# dpkg -l | grep telepathy
ii libtelepathy-glib0 0.7.0-0osso2manage
ii libtelepathy2 0.3.1-0osso2
ii telepathy-feed 0.32
ii telepathy-gabble 0.6.2-0osso2
ii telepathy-haze 0.2.0-1collabora1
ii telepathy-sofiasip 0.5.4-0osso10
ii telepathy-stream-engine 0.4.0-0osso6
STEPS TO REPRODUCE THE PROBLEM:
1. Create an XMPP account to a service whose canonical name is not the hostname
of the server and the server software checks the digest-uri.
2. Attempt to connect.
According to the server logs the digest-uri sent looks like
"xmpp/server.example.org", whereas it should be
"xmpp/server.example.org/example.org" (see RFC2831 and XEP-0233).
The server is ejabberd 2.0.3 on Fedora 10.
Authentication used to work when the server didn't validate the digest-uri
provided by the client, but since 2.0.3 ejabberd now does.
See also https://support.process-one.net/browse/EJAB-569 .
Reproducible also in desktop-side empathy.
The digest-uri is set to a bogus value by Loudmouth if using SRV. I've tested with recent ejabberd and they are happy with both xmpp/example.net and xmpp/server.example.net/example.net.. We can't really do the last form as that relies on the server being configured correctly, which i assume most servers aren't. So the former is correct.
The relevant Loudmouth bug (with patch) is:
*** Bug 20982 has been marked as a duplicate of this bug. ***