NPE i JabberIqAuth (#1130)

Closed

Activities

wojciech.kapcia@tigase.net opened 5 years ago

Stanza:

<iq type="set" xmlns="jabber:client" id="mirfc8815830e189f81_2">
    <query xmlns=&quot;jabber:iq :auth&quot;>
        <username>CData size: 9</username>
        <password/>
        <resource>CData size: 7</resource>
    </query>
</iq>

Log:

[2020-03-10 07:43:28:198] [FINEST  ] [ jabber:iq:auth-proc-0 ] DomainFilter.filter()            : Filtering (packet): from=c2s@ip-10-0-20-104.us-west-2.compute.internal/10.0.20.104_5222_27.147.207.192_50201, to=sess-man@ip-10-0-20-104.us-west-2.compute.internal, DATA=[iq type=&quot;set&quot; xmlns=&quot;jabber:client&quot; id=&quot;mirfc8815830e189f81_2&quot;][query xmlns=&quot;jabber:iq:auth&quot;][username]CData size: 9[/username][password/][resource]CData size: 7[/resource][/query][/iq], SIZE=176, XMLNS=jabber:client, PRIORITY=NORMAL, PERMISSION=LOCAL, TYPE=set
[2020-03-10 07:43:28:199] [FINEST  ] [ jabber:iq:auth-proc-0 ] SessionManager.processPacket()   : Packet processed by: [jabber:iq:auth]
[2020-03-10 07:43:28:200] [WARNING ] [ jabber:iq:auth-proc-0 ] JabberIqAuth.doAuth()            : Can&apos;&apos;t authenticate with given CallbackHandler
java.io.IOException: Password verification problem.
	at tigase.auth.impl.PlainCallbackHandler.handleVerifyPasswordCallback(PlainCallbackHandler.java:166)
	at tigase.auth.impl.PlainCallbackHandler.handleCallback(PlainCallbackHandler.java:117)
	at tigase.auth.impl.PlainCallbackHandler.handle(PlainCallbackHandler.java:65)
	at tigase.xmpp.impl.JabberIqAuth.doAuth(JabberIqAuth.java:260)
	at tigase.xmpp.impl.JabberIqAuth.process(JabberIqAuth.java:167)
	at tigase.server.xmppsession.SessionManager$ProcessorWorkerThread.process(SessionManager.java:2632)
	at tigase.util.processing.WorkerThread.run(WorkerThread.java:67)
Caused by: java.lang.NullPointerException
	at tigase.db.AuthRepository$DefaultCredentials.canLogin(AuthRepository.java:291)
	at tigase.auth.impl.PlainCallbackHandler.handleVerifyPasswordCallback(PlainCallbackHandler.java:161)
	... 6 more

XML:

<iq xmlns="jabber:client" type="set" id="mirfc8815830e189f81_2">
    <query xmlns="jabber:iq:auth">
        <username>CData size: 6</username>
        <password>CData size: 13</password>
        <resource>CData size: 7</resource>
    </query>
</iq>

Log

[2020-03-10 15:17:54:324] [FINEST  ] [ jabber:iq:auth-proc-0 ] DomainFilter.filter()            : Filtering (packet): from=c2s@ip-10-0-5-47.us-west-2.compute.internal/10.0.5.47_5222_27.147.207.192_51558, to=sess-man@ip-10-0-5-47.us-west-2.compute.internal, DATA=[iq xmlns=&quot;jabber:client&quot; type=&quot;set&quot; id=&quot;mirfc8815830e189f81_2&quot;][query xmlns=&quot;jabber:iq:auth&quot;][username]CData size: 6[/username][password]CData size: 13[/password][resource]CData size: 7[/resource][/query][/iq], SIZE=196, XMLNS=jabber:client, PRIORITY=NORMAL, PERMISSION=LOCAL, TYPE=set
[2020-03-10 15:17:54:324] [FINEST  ] [ jabber:iq:auth-proc-0 ] SessionManager.processPacket()   : Packet processed by: [jabber:iq:auth]
[2020-03-10 15:17:54:325] [WARNING ] [ jabber:iq:auth-proc-0 ] JabberIqAuth.doAuth()            : Can&apos;&apos;t authenticate with given CallbackHandler
java.io.IOException: Password verification problem.
	at tigase.auth.impl.PlainCallbackHandler.handleVerifyPasswordCallback(PlainCallbackHandler.java:166)
	at tigase.auth.impl.PlainCallbackHandler.handleCallback(PlainCallbackHandler.java:117)
	at tigase.auth.impl.PlainCallbackHandler.handle(PlainCallbackHandler.java:65)
	at tigase.xmpp.impl.JabberIqAuth.doAuth(JabberIqAuth.java:260)
	at tigase.xmpp.impl.JabberIqAuth.process(JabberIqAuth.java:167)
	at tigase.server.xmppsession.SessionManager$ProcessorWorkerThread.process(SessionManager.java:2632)
	at tigase.util.processing.WorkerThread.run(WorkerThread.java:67)
Caused by: java.lang.NullPointerException
	at tigase.db.AuthRepository$DefaultCredentials.canLogin(AuthRepository.java:291)
	at tigase.auth.impl.PlainCallbackHandler.handleVerifyPasswordCallback(PlainCallbackHandler.java:161)
	... 6 more

wojciech.kapcia@tigase.net commented 5 years ago

There were two issues here:

NPE was thrown for nonexistent users;
there was an issue with additional account_status value that were not covered by enum in code (-5);

Both issues are fixed now.

We have quite a lot of those "-5" accounts - Andrzej said they were Eric's form of banning the users. Maybe we should delete them?

mysql> select account_status,count(*) from tigasedb.tig_users group by account_status;
+----------------+----------+
| account_status | count(*) |
+----------------+----------+
|             -5 |      233 |
|             -2 |        1 |
|             -1 |   108193 |
|              0 |        2 |
|              1 |      800 |
+----------------+----------+
5 rows in set (0.17 sec)

mysql> select account_status,count(*) from tigaseim.tig_users group by account_status;
+----------------+----------+
| account_status | count(*) |
+----------------+----------+
|             -5 |   150669 |
|             -2 |      328 |
|             -1 |       53 |
|              0 |    80262 |
|              1 |   144432 |
+----------------+----------+
5 rows in set (0.71 sec)

mysql> select account_status,count(*) from jabberone.tig_users group by account_status;
+----------------+----------+
| account_status | count(*) |
+----------------+----------+
|             -2 |        3 |
|             -1 |    17251 |
|              1 |        3 |
+----------------+----------+
3 rows in set (0.04 sec)

Type	Task
Priority	Normal
Assignee	wojciech.kapcia@tigase.net
Version	tigase-server-8.1.0
Spent time	6h

Issue Votes (0)

Watchers (0)

Reference

tigase/_server/server-core#1130