Last Comment Bug 806228 - Fix login to XMPP servers that implement XMPP v1.0, don't support SASL, but advertise iq-auth support (eg. fastmail)
: Fix login to XMPP servers that implement XMPP v1.0, don't support SASL, but a...
Status: RESOLVED FIXED
:
Product: Thunderbird
Classification: Client Software
Component: Instant Messaging (show other bugs)
: 17 Branch
: All All
: -- normal (vote)
: Thunderbird 19.0
Assigned To: Florian Quèze [:florian] [:flo]
:
Mentors:
: 789868 (view as bug list)
Depends on:
Blocks: 789745
  Show dependency treegraph
 
Reported: 2012-10-28 13:05 PDT by Alexei Colin
Modified: 2012-12-06 09:31 PST (History)
5 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
+
fixed
+
fixed


Attachments
thunderbird-im-xmpp-no-sasl.log (2.13 KB, text/plain)
2012-10-28 13:05 PDT, Alexei Colin
no flags Details
WIP (3.84 KB, patch)
2012-10-29 17:44 PDT, Florian Quèze [:florian] [:flo]
no flags Details | Diff | Review
Patch v2 (5.09 KB, patch)
2012-11-01 15:47 PDT, Florian Quèze [:florian] [:flo]
no flags Details | Diff | Review
Patch v2 (5.91 KB, patch)
2012-11-01 15:50 PDT, Florian Quèze [:florian] [:flo]
clokep: review+
standard8: approval‑comm‑aurora+
standard8: approval‑comm‑beta+
Details | Diff | Review

Description Alexei Colin 2012-10-28 13:05:00 PDT
Created attachment 675977 [details]
thunderbird-im-xmpp-no-sasl.log

User Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:16.0) Gecko/20100101 Firefox/16.0
Build ID: 20121010231231

Steps to reproduce:

This is a fork of Bug 789745. The following case seems to not be covered by the detection mechanism implemented as a fix to that bug.

1. Created an XMPP account with chat.messagingengine.com:5222 (a server without SASL support).
2. Attempted to connect.

Server details:
[1] http://fastmail.wikia.com/wiki/ChatService
[2] http://blog.fastmail.fm/2012/09/26/one-step-forward-two-steps-back/



Actual results:

The connection failed with "No authentication mechanism offered by the server".
The debug log is attached.


Expected results:

Thunderbird IM should have detected that this server does not support SASL and fallen back to legacy authentication.
Comment 1 Florian Quèze [:florian] [:flo] 2012-10-29 17:44:18 PDT
Created attachment 676416 [details] [diff] [review]
WIP

This should be all we need to change to fix this. I haven't tested this at all, so not requesting review yet. Feedback welcome of course :).

The relevant specs are:
http://xmpp.org/rfcs/rfc3920.html#sasl
"If the receiving entity is capable of SASL negotiation, it MUST advertise one or more authentication mechanisms within a <mechanisms/> element qualified by the 'urn:ietf:params:xml:ns:xmpp-sasl' namespace in reply to the opening stream tag received from the initiating entity (if the opening stream tag included the 'version' attribute set to a value of at least "1.0")."

and http://xmpp.org/extensions/xep-0078.html#streamfeature
"It may be desirable for a server to advertise support for non-SASL authentication as a stream feature. The namespace for reporting support within <stream:features/> is "http://jabber.org/features/iq-auth". Upon receiving a stream header qualified by the 'jabber:client' namespace, a server that returns stream features SHOULD also announce support for non-SASL authentication by including the relevant stream feature."
Comment 2 Florian Quèze [:florian] [:flo] 2012-11-01 15:47:59 PDT
Created attachment 677591 [details] [diff] [review]
Patch v2

This was tested by aleth. And I also added a comment to clarify some code that made us frown when looking at it.
Comment 3 Florian Quèze [:florian] [:flo] 2012-11-01 15:50:21 PDT
Created attachment 677593 [details] [diff] [review]
Patch v2

Same patch, with the additional comment added for real this time.
Comment 4 Patrick Cloke [:clokep] 2012-11-01 15:51:54 PDT
Comment on attachment 677593 [details] [diff] [review]
Patch v2

Thanks for fixing this Florian. Looks good to me!
Comment 5 Florian Quèze [:florian] [:flo] 2012-11-01 15:59:05 PDT
Comment on attachment 677593 [details] [diff] [review]
Patch v2

[Approval Request Comment]
Regression caused by (bug #): Not really a regression, but this patch fixes an edge case that wasn't handled by the patch in bug 789745 that added support of non-SASL authentication to Thunderbird 17.
User impact if declined: impossible to login to some XMPP server, for example the fastmail server.
Testing completed (on c-c, etc.): I had someone with a fastmail account test the patch locally and confirm he can login with this patch applied.
Risk to taking this patch (and alternatives if risky): low, the patch is relatively straight forward.
Comment 7 Mike Conley (:mconley) - (needinfo me!) 2012-11-02 11:17:45 PDT
comm-aurora: https://hg.mozilla.org/releases/comm-aurora/rev/170701a3acc0
comm-beta: https://hg.mozilla.org/releases/comm-beta/rev/a18af72a9831
Comment 8 Florian Quèze [:florian] [:flo] 2012-12-06 09:31:24 PST
*** Bug 789868 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.