Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw
 
PerlMonks  

Problems with POE::Component::Jabber and DJabberd

by cLive ;-) (Parson)
on Oct 16, 2007 at 21:09 UTC ( #645299=perlquestion: print w/ replies, xml ) Need Help??
cLive ;-) has asked for the wisdom of the Perl Monks concerning the following question:

I have a POE::Component::Jabber client that worked well when connecting to an Openfire server. I'm now trying to connect it to a DJabberd server (both with and without SSL enabled on DJabberd), but it is failing with:

Non-compliant server implementation! SASL negotiation not initiated.

I can connect fine to DJabberd using Psi.

The communication from PCJ (bold) and responses from DJabberd are as follows:

<?xml version='1.0'?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client' to='myserver.com' version='1.0'>
<?xml version='1.0'?><stream:stream xmlns='jabber:client' xmlns:stream +='http://etherx.jabber.org/streams' version='1.0' from='myserver.com' + id='2fcd'> <stream:features><auth xmlns='http://jabber.org/features/iq-auth'/><st +arttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/></stream:features>
<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>

<proceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>

<?xml version='1.0'?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client' to='myserver.com' version='1.0'>

<?xml version='1.0'?><stream:stream xmlns='jabber:client' xmlns:stream +='http://etherx.jabber.org/streams' version='1.0' from='myserver.com' + id='2fcdb'> <stream:features><auth xmlns='http://jabber.org/features/iq-auth'/></s +tream:features>


Here's the PCJ constructor:

POE::Component::Jabber->new( IP => '127.0.0.1', Hostname => 'myserver.com', Port => 5222, # (or 5223 for pure SSL connectio +n) Username => 'username', Password => 'password', Alias => 'jabberObj', Resource => 'me', ConnectionType => +XMPP, Debug => $Debug, States => { StatusEvent => 'xmpp_status_event', InputEvent => 'xmpp_input_event', ErrorEvent => 'xmpp_error_event', } )

And here's the DJabberd one:

my $rs = DJabberd::RosterStorage::Test->new; $rs->finalize; my $vcard = DJabberd::Plugin::VCard::SQLite->new; $vcard->set_config_storage("$Bin/roster.sqlite"); $vcard->finalize; my $muc = DJabberd::Plugin::MUC->new; $muc->set_config_subdomain("conference"); $muc->finalize; my $vhost = DJabberd::VHost->new( server_name => 'myserver.com', require_ssl => 0, s2s => 1, plugins => [ DJabberd::Authen::Test->new, $rs, $vcard, $muc, DJabberd::Delivery::Local->new, DJabberd::Delivery::S2S->new, ], ); my $server = DJabberd->new( daemonize => $daemonize, ); $server->add_vhost($vhost); $server->run;

It looks weird that PCJ repeats the stream stanzas, but I'm not sure if that's the issue here. Has anybody got a clue what I'm missing here? It's driving me a little crazy right now. I think I need a nap. Maybe that will help...

Edit - I've just looked at the XML log in Psi, and it appears to use a get iq to trigger authentication, whereas the PCJ one doesn't send the IQ, but does receive a features stream from DJabberd that Psi doesn't appear to get. Weird.

Edit 2 - I missed the last stanza from the server before die earlier. Oops.

Comment on Problems with POE::Component::Jabber and DJabberd
Select or Download Code
Re: Problems with POE::Component::Jabber and DJabberd
by rcaputo (Chaplain) on Oct 16, 2007 at 21:43 UTC

    I wouldn't know where to begin, but I did forward a pointer to your post to the author in irc://irc.perl.org/poe. I know he also reads and responds to POE's mailing list. If you want to ask there, you can find out how to subscribe by sending a blank message to poe-help@perl.org.

    Of course you can contact him directly as well. His e-mail address should be in the documentation.

Re: Problems with POE::Component::Jabber and DJabberd
by cLive ;-) (Parson) on Oct 17, 2007 at 03:08 UTC
    Well, I'm going through RFC 3920, and I think the issue is with PCJ:
    Step 5: Server informs client that it is allowed to proceed: <proceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'/> Step 5 (alt): Server informs client that TLS negotiation has failed and closes both stream and TCP connection: <failure xmlns='urn:ietf:params:xml:ns:xmpp-tls'/> </stream:stream> Step 6: Client and server attempt to complete TLS negotiation over the existing TCP connection. Step 7: If TLS negotiation is successful, client initiates a new stream to server: <stream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' to='example.com' version='1.0'> Step 7 (alt): If TLS negotiation is unsuccessful, server closes TCP connection. Step 8: Server responds by sending a stream header to client along with any available stream features: <stream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' from='example.com' id='c2s_234' version='1.0'> <stream:features> <mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'> <mechanism>DIGEST-MD5</mechanism> <mechanism>PLAIN</mechanism> <mechanism>EXTERNAL</mechanism> </mechanisms> </stream:features> Step 9: Client continues with SASL negotiation (Section 6).
    So it looks like PCJ is correctly creating the stream, the server responds, but then it dies. I think?!?

    Further down in the RFC we have:

    Step 1: Client initiates stream to server: <stream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' to='example.com' version='1.0'> Step 2: Server responds with a stream tag sent to client: <stream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' id='c2s_234' from='example.com' version='1.0'> Step 3: Server informs client of available authentication mechanism +s: <stream:features> <mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'> <mechanism>DIGEST-MD5</mechanism> <mechanism>PLAIN</mechanism> </mechanisms> </stream:features>

    But PCJ doesn't get the mechanisms. It looks like it chokes on the preceding stanza. At least, that's how I see it right now. Hmmm.

Re: Problems with POE::Component::Jabber and DJabberd
by cLive ;-) (Parson) on Oct 18, 2007 at 03:31 UTC

    Having had a chat with both Brad and Nicholas (DJabberd and PCJ author's respectively), it looks like PCJ doesn't support iq-auth, and DJabberd doesn't support SASL.

    I have a feeling that this will mean I start on adding SASL authentication to DJabberd, since Nicholas says he's redoing bits of PCJ right now, so I think it will change quite a bit as he rewrites it.

    If anyone has any suggestions or input on this, I'd love to here from you ;-)

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://645299]
Approved by GrandFather
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others about the Monastery: (3)
As of 2014-10-20 05:33 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    For retirement, I am banking on:










    Results (72 votes), past polls