Tigase Forge
Dashboards
Projects
Pull Requests
Issues
Builds
Packages
Code Search
server-core
Code
Pull Requests
Issues
List
Boards
Iterations
Builds
Packages
Statistics
Child Projects
OneDev 11.5.2
Documentation Support & Bug Report RESTful API Incompatibilities License Agreement Check Update
Projects tigase _server server-core Issues #1106
TigaseStringprepException: Illegal characters in string, domain = tigase.im@tigase.im (#1106)
wojciech.kapcia@tigase.net opened 5 years ago 
[2020-01-27 02:17:04:142] [WARNING ] [urn:ietf:params:xml:ns:xmpp-sasl-proc-2 ] SaslAuth.process(): Problem with SASL
java.lang.RuntimeException: tigase.util.stringprep.TigaseStringprepException: Illegal characters in string, domain = tigase.im@tigase.im
	at tigase.auth.impl.PlainCallbackHandler.handleAuthorizationIdCallback(PlainCallbackHandler.java:177)
	at tigase.auth.impl.PlainCallbackHandler.handleCallback(PlainCallbackHandler.java:115)
	at tigase.auth.impl.PlainCallbackHandler.handle(PlainCallbackHandler.java:65)
	at tigase.auth.mechanisms.AbstractSasl.handleCallbacks(AbstractSasl.java:72)
	at tigase.auth.mechanisms.SaslPLAIN.evaluateResponse(SaslPLAIN.java:80)
	at tigase.xmpp.impl.SaslAuth.process(SaslAuth.java:196)
	at tigase.server.xmppsession.SessionManager$ProcessorWorkerThread.process(SessionManager.java:2632)
	at tigase.util.processing.WorkerThread.run(WorkerThread.java:67)
Caused by: tigase.util.stringprep.TigaseStringprepException: Illegal characters in string, domain = tigase.im@tigase.im
	at tigase.util.stringprep.XMPPStringPrepSimple.nameprep(XMPPStringPrepSimple.java:38)
	at tigase.xmpp.jid.BareJID.bareJIDInstance(BareJID.java:101)
	at tigase.xmpp.jid.BareJID.bareJIDInstance(BareJID.java:74)
	at tigase.auth.impl.PlainCallbackHandler.handleAuthorizationIdCallback(PlainCallbackHandler.java:175)
	... 7 more

I think that we should adjust it a bit:

  • respond to the user with unauthorised
  • I'm not sure using RuntimeException is the best option in this case
wojciech.kapcia@tigase.net commented 5 years ago

private note: yes, the SASL was definitely invalid: lyllcy@tigase.im@tigase.im//lyllcy@tigase.im//<password>
wojciech.kapcia@tigase.net commented 4 years ago

@bmalkow any comments?
Bartosz MaƂkowski commented 4 years ago

Agree. The only change of your proposal is server will respond with invalid_authzid (I think this error code fits better to the case).
wojciech.kapcia@tigase.net commented 4 years ago

Thank you for addressing this.
issue 1 of 1
Type
Bug
Priority
Normal
Assignee
wojciech.kapcia@tigase.net
Version
tigase-server-8.1.0
Spent time
30m
Issue Votes (0)
Login to vote
Watchers (0)
Reference
tigase/_server/server-core#1106
Please wait...
Page is in error, reload to recover