Possible bug in s2s code (#650)

Artur Hefczyc opened 9 years ago

Due Date
2016-02-28

Looking at some logs from Tigase installation I found following:

2016-02-19 15:29:45.511 [in_9-sess-man]    SessionManager.processPacket()     INFO:     Impossible happened, please report to developer packet: from=wjabber.net, to=sess-man@orange.sure.im, DATA=<db:verify type="error" id="350575437" from="wjabber.net" to="pandion.im"><error type="cancel" code="404"><remote-server-not-found xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/><text xmlns="urn:ietf:params:xml:ns:xmpp-stanzas" xml:lang="en">S2S - destination host not found</text></error></db:verify>, SIZE=299, XMLNS=null, PRIORITY=NORMAL, PERMISSION=LOCAL, TYPE=error, connection: XMPPResourceConnection=[user_jid=sess-man@orange.sure.im, packets=43424, connectioId=null, domain=orange.sure.im, authState=NOT_AUTHORIZED, isAnon=false, isTmp=false, parentSession hash=450707468, parentSession liveTime=1544086107].
2016-02-19 15:29:45.514 [in_9-sess-man]    SessionManager.processPacket()     INFO:     Impossible happened, please report to developer packet: from=wjabber.net, to=sess-man@orange.sure.im, DATA=<db:verify type="error" id="1251609896" from="wjabber.net" to="pandion.im"><error type="cancel" code="404"><remote-server-not-found xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/><text xmlns="urn:ietf:params:xml:ns:xmpp-stanzas" xml:lang="en">S2S - destination host not found</text></error></db:verify>, SIZE=300, XMLNS=null, PRIORITY=NORMAL, PERMISSION=LOCAL, TYPE=error, connection: XMPPResourceConnection=[user_jid=sess-man@orange.sure.im, packets=43425, connectioId=null, domain=orange.sure.im, authState=NOT_AUTHORIZED, isAnon=false, isTmp=false, parentSession hash=450707468, parentSession liveTime=1544086110].

Note, the SessionManager reports a problem with "db:verify" packet which should be handled by s2s component and should never go out of s2s component.

Please investigate how this can happen.

Activities

Andrzej Wójcik (Tigase) commented 9 years ago

I checked code and found a way in which this packet could be delivered to sess-man@. This could happen if @<db:verify type="error"/> packet was sent to us on authenticated connection with XMLNS not set and in parent <stream:stream/> element there was no db:xmlns="jabber:server:dialback" attribute. As in other either packet would be rejected (due to not authorized connection) or XML parser would change it to <verify xmlns="jabber:server:dialback" type="error"/> and this packet would be processed by S2S.

This case is very small and only solution I see at this point would be to filter every packet by checking it's name - however I do not think this is needed as packet was properly rejected.

I tried to check which server implementation was used and triggered this issue, however at this point there is no XMPP server for domain wjabber.net so I cannot check it and find cause of this.
Artur Hefczyc commented 9 years ago

Ok, thanks for looking into this. I wonder if this may happen when a server tries to reuse the same s2s connections for multiple domains and tries to authorize another domain on a connection which is already used for some domain.

In any case, if the packet was correctly handled in the server, then we can leave it as it is.
Andrzej Wójcik (Tigase) commented 9 years ago

It could but only if last stream open Tigase received (inner stream open, ie. after starttls@) @<stream:stream> was without db:xmlns attribute - in that case this <db:verify> packet should be sent with xmlns set - while here it was not and was not handled by dialback.

From what I see, this was issue with bad s2s stream (issue in implementation of s2s in remote server). However there is no impact on our current implementation - except for log entry, so I think we can leave it as it is.
Login to comment

Type	Bug
Priority	Normal
Assignee	Artur Hefczyc
RedmineID	3962
Version	tigase-server-7.1.0
Spent time	0

Issue Votes (0)

Watchers (0)

Reference

tigase/_server/server-core#650