[Bug 20158] New: digest-uri omits the serv-name part causing authentication failure when host ! = serv-name
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Tue Feb 17 13:18:49 CET 2009
http://bugs.freedesktop.org/show_bug.cgi?id=20158
Summary: digest-uri omits the serv-name part causing
authentication failure when host != serv-name
Product: Telepathy
Version: unspecified
Platform: Other
URL: https://bugs.maemo.org/show_bug.cgi?id=4119
OS/Version: All
Status: NEW
Severity: normal
Priority: medium
Component: telepathy-gabble
AssignedTo: telepathy-bugs at lists.freedesktop.org
ReportedBy: a9016009 at gmx.de
Forwarding from https://bugs.maemo.org/show_bug.cgi?id=4119 .
SOFTWARE VERSION:
Maemo 5.2008.43-7, means:
Nokia-N810:~# dpkg -l | grep telepathy
ii libtelepathy-glib0 0.7.0-0osso2manage
ii libtelepathy2 0.3.1-0osso2
ii telepathy-feed 0.32
ii telepathy-gabble 0.6.2-0osso2
ii telepathy-haze 0.2.0-1collabora1
ii telepathy-sofiasip 0.5.4-0osso10
ii telepathy-stream-engine 0.4.0-0osso6
STEPS TO REPRODUCE THE PROBLEM:
1. Create an XMPP account to a service whose canonical name is not the hostname
of the server and the server software checks the digest-uri.
2. Attempt to connect.
EXPECTED OUTCOME:
Successful authentication.
ACTUAL OUTCOME:
Authentication failure.
According to the server logs the digest-uri sent looks like
"xmpp/server.example.org", whereas it should be
"xmpp/server.example.org/example.org" (see RFC2831 and XEP-0233).
REPRODUCIBILITY:
Always.
OTHER COMMENTS:
The server is ejabberd 2.0.3 on Fedora 10.
Authentication used to work when the server didn't validate the digest-uri
provided by the client, but since 2.0.3 ejabberd now does.
See also https://support.process-one.net/browse/EJAB-569 .
Reproducible also in desktop-side empathy.
--
Configure bugmail: http://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the telepathy-bugs
mailing list