My apologies for the long delay; this (Feb 3) is where I'm up to my in my email box, sadly.
On Feb 3, 2010, at 4:53 PM, Peter Saint-Andre wrote: > Someone reported to me trouble logging in to jabber.org. It seems that > his copy of Adium (1.4b17 on Snow Leopard) is trying DIGEST-MD5 but then > immediately after sending a <response/> it also tries CRAM-MD5 without > having received a further challenge or response from the server. > > The relevant snippet of debug output is: > > 16:23:43: (Libpurple: jabber) Sending (ssl) ([[email protected]/foo): > <response xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>[elided]</response> > > 16:23:43: (Libpurple: jabber) Sending (ssl) ([[email protected]/foo): > <auth xmlns='urn:ietf:params:xml:ns:xmpp-sasl' mechanism='CRAM-MD5' > xmlns:ga='http://www.google.com/talk/protocol/auth' > ga:client-uses-full-bind-result='true'/> > > It seems odd to send a DIGEST-MD5 response and then immediately try to > start a CRAM-MD5 negotiation. Am I missing something? > > BTW this does not happen for me with 1.4b17 on Leopard. Could it be a > problem with his account credentials? It seems to me that Adium would at > least wait for another challenge or for SASL failure from the server > before starting the CRAM-MD5 attempt. Is this possibly a workaround for > iChat server? > I don't see offhand where this could happen; we should be awaiting a response before trying the next auth mechanism. Does he reliably reproduce it? If so: Does it happen for another Jabber account on jabber.org? Does it happen on another server entirely which supports both DIGEST-MD5 and CRAM-MD5? Cheers, Evan
