Tigase Forge
Dashboards
Projects
Pull Requests
Issues
Builds
Packages
Code Search
server-core
Code
Pull Requests
Issues
List
Boards
Iterations
Timesheets
Builds
Packages
Statistics
Child Projects
OneDev 10.9.4
Documentation Support & Bug Report RESTful API Incompatibilities License Agreement Check Update
Projects tigase _server server-core Issues #1242
JabberIqStats improperly handles some requests addressed to domain (#1242)
In Progress
wojciech.kapcia@tigase.net opened 3 years ago 
[2021-04-01 08:28:38:680] [FINEST  ] [              in_3-s2s ] MessageRouter.getServerComponentsForRegex(): Checking routings for: message-archive
[2021-04-01 08:28:38:680] [INFO    ] [              in_3-s2s ] SessionManager.processPacket()   : Impossible happened, please report to developer packet: from=s2s@ip-172-31-2-168.us-west-2.compute.internal, to=sess-man@ip-172-31-2-168.us-west-2.compute.internal, DATA=<iq to="tigase.org" id="H_971" from="jabberworld.stats@jabber.ru/comp" xmlns="jabber:client" type="get"><query xmlns="http://jabber.org/protocol/stats"><stat name="users/total"/><stat name="users/online"/></query></iq>, SIZE=218, XMLNS=jabber:client, PRIORITY=NORMAL, PERMISSION=LOCAL, TYPE=get, STABLE_ID=9c1fbd86-f4b7-41b8-b4e4-857306c6b238, connection: XMPPResourceConnection=[user_jid=sess-man@ip-172-31-2-168.us-west-2.compute.internal, packets=1213, connectioId=null, domain=ip-172-31-2-168.us-west-2.compute.internal, authState=NOT_AUTHORIZED, isAnon=false, isTmp=false, parentSession hash=1798538641, parentSession liveTime=52512268].
[2021-04-01 08:28:38:680] [FINEST  ] [              in_3-s2s ] MessageRouter.getServerComponentsForRegex(): Checking routings for: mix
[2021-04-01 08:28:38:680] [FINEST  ] [              in_3-s2s ] DomainFilter.filter()            : Filtering (packet): from=s2s@ip-172-31-2-168.us-west-2.compute.internal, to=sess-man@ip-172-31-2-168.us-west-2.compute.internal, DATA=<iq to="tigase.org" id="H_971" from="jabberworld.stats@jabber.ru/comp" xmlns="jabber:client" type="get"><query xmlns="http://jabber.org/protocol/stats"><stat name="users/total"/><stat name="users/online"/></query></iq>, SIZE=218, XMLNS=jabber:client, PRIORITY=NORMAL, PERMISSION=LOCAL, TYPE=get, STABLE_ID=9c1fbd86-f4b7-41b8-b4e4-857306c6b238
[2021-04-01 08:28:38:680] [FINEST  ] [              in_3-s2s ] MessageRouter.getServerComponentsForRegex(): Checking routings for: pubsub
[2021-04-01 08:28:38:681] [FINEST  ] [              in_3-s2s ] SessionManager.processPacket()   : Packet processed by: [http://jabber.org/protocol/stats]
[2021-04-01 08:28:38:681] [FINEST  ] [              in_3-s2s ] MessageRouter.getServerComponentsForRegex(): Checking routings for: message-router
[2021-04-01 08:28:38:681] [FINEST  ] [              in_3-s2s ] MessageRouter.processPacket()    : 2. Packet will be processed by: s2s@ip-172-31-2-168.us-west-2.compute.internal, from=jabberworld.stats@jabber.ru/comp, to=ip-172-31-2-168.us-west-2.compute.internal, DATA=<iq id="H_971" to="ip-172-31-2-168.us-west-2.compute.internal" from="jabberworld.stats@jabber.ru/comp" type="get"><command node="GETSTATS" xmlns="http://jabber.org/protocol/commands"/></iq>, SIZE=189, XMLNS=null, PRIORITY=HIGH, PERMISSION=LOCAL, TYPE=get, STABLE_ID=null
…
[2021-04-01 08:28:38:681] [FINEST  ] [              in_3-s2s ] S2SConnectionManager.processPacket(): Connection ID is: jabber.ru@ip-172-31-2-168.us-west-2.compute.internal
[2021-04-01 08:28:38:681] [FINEST  ] [              in_3-s2s ] MessageRouter.processPacket()    : Processing packet: from=ip-172-31-2-168.us-west-2.compute.internal, to=jabberworld.stats@jabber.ru/comp, DATA=<iq id="H_971" to="jabberworld.stats@jabber.ru/comp" from="ip-172-31-2-168.us-west-2.compute.internal" type="error"><command node="GETSTATS" xmlns="http://jabber.org/protocol/commands"/><error code="406" type="modify"><not-acceptable xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/><text xmlns="urn:ietf:params:xml:ns:xmpp-stanzas" xml:lang="en">S2S - Incorrect source address (jabber.ru) - none of any local virtual hosts or components.</text></error></iq>, SIZE=454, XMLNS=null, PRIORITY=HIGH, PERMISSION=NONE, TYPE=error, STABLE_ID=null
[2021-04-01 08:28:38:682] [FINEST  ] [              in_3-s2s ] MessageRouter.getLocalComponent(): Called for : jabberworld.stats@jabber.ru/comp
…
[2021-04-01 08:28:38:684] [WARNING ] [              in_3-s2s ] S2SConnectionManager.processPacket(): Packet processing exception
tigase.xmpp.PacketInvalidTypeException: The packet has already 'error' type: from=ip-172-31-2-168.us-west-2.compute.internal, to=jabberworld.stats@jabber.ru/comp, DATA=<iq id="H_971" to="jabberworld.stats@jabber.ru/comp" from="ip-172-31-2-168.us-west-2.compute.internal" type="error"><command node="GETSTATS" xmlns="http://jabber.org/protocol/commands"/><error code="406" type="modify"><not-acceptable xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/><text xmlns="urn:ietf:params:xml:ns:xmpp-stanzas" xml:lang="en">S2S - Incorrect source address (jabber.ru) - none of any local virtual hosts or components.</text></error></iq>, SIZE=454, XMLNS=null, PRIORITY=HIGH, PERMISSION=NONE, TYPE=error, STABLE_ID=null
	at tigase.xmpp.Authorization.getResponseMessage(Authorization.java:480)
	at tigase.server.xmppserver.S2SConnectionManager.processPacket(S2SConnectionManager.java:215)
	at tigase.server.AbstractMessageReceiver$QueueListener.run(AbstractMessageReceiver.java:1397)

JabberIqStats improperly handles the incoming packet (from s2s):

<iq to="tigase.org" id="H_971" from="jabberworld.stats@jabber.ru/comp" xmlns="jabber:client" type="get">
    <query xmlns="http://jabber.org/protocol/stats">
        <stat name="users/total"/>
        <stat name="users/online"/>
    </query>
</iq>

and generates incorrectly addressed query:

[2021-04-01 08:28:38:681] [FINEST  ] [              in_3-s2s ] MessageRouter.processPacket()    : 2. Packet will be processed by: s2s@ip-172-31-2-168.us-west-2.compute.internal, from=jabberworld.stats@jabber.ru/comp, to=ip-172-31-2-168.us-west-2.compute.internal, DATA=<iq id="H_971" to="ip-172-31-2-168.us-west-2.compute.internal" from="jabberworld.stats@jabber.ru/comp" type="get"><command node="GETSTATS" xmlns="http://jabber.org/protocol/commands"/></iq>, SIZE=189, XMLNS=null, PRIORITY=HIGH, PERMISSION=LOCAL, TYPE=get, STABLE_ID=null

<iq id="H_971" to="ip-172-31-2-168.us-west-2.compute.internal" from="jabberworld.stats@jabber.ru/comp" type="get">
    <command node="GETSTATS" xmlns="http://jabber.org/protocol/commands"/>
</iq>
wojciech.kapcia@tigase.net commented 3 years ago

As per :

In most cases the http://jabber.org/protocol/stats would be tied to the component or servers admin JID so that only that JID may query the statistics however there are advantages to having a three tier system where some statistics are available to all JIDs, some to an arbitrary JID listed in the configuration file and all available to the listed admin JID. As the first case can be emulated by the second I propose that when implemented the http://jabber.org/protocol/stats namespace is configured to use the three tier method of authorizing queries.

Currently we don't have any list of stats levels that we could leverage. What's more, even locally for admin user the plugin does't work. Given, that we have abundance of ways to retrieve the statistics (ad-hoc, JMX, etc) and this plugin hasn't been used I decided to disable it. It could be fixed in the future, but this is low priority.
wojciech.kapcia@tigase.net batch edited 4 months ago
Name Previous Value Current Value 
Iterations
 empty 
Candidate for next major release
issue 1 of 1
Type
Bug
Priority
Minor
Assignee
wojciech.kapcia@tigase.net
Version
Candidate for next major release
Spent time
2h
Iterations
Issue Votes (0)
Login to vote
Watchers (2)
Reference
tigase/_server/server-core#1242
Please wait...
Page is in error, reload to recover