subject:"Re\: Any progress on gmail.com dialback issue\?"

Re: Any progress on gmail.com dialback issue?

2009-03-27 Thread Martin Atkins


Alex Vandiver wrote:

On Thu, 2009-03-26 at 20:19 -0400, Philip Gladstone wrote:

Is anyone still looking at the problem, or does someone have the ideal
solution?


Attached is _my_ ideal solution to the problem. :)
 - Alex



This seems reasonable. Thanks for taking the time to write up the reasoning.

Given that the spec says that this is correct behavior and we've been 
unable to determine what broken implementation (if any) prompted that 
hack in the first place, I'm happy enough with this fix and I've checked 
it in.

Re: Any progress on gmail.com dialback issue?

2009-03-26 Thread Martin Atkins


Philip Gladstone wrote:

I notice that there was a flurry of activity on the gmail.com dialback
issue some time ago, but it never seemed to get resolved. Is anyone
still looking at the problem, or does someone have the ideal solution?



Having reviewed that discussion, it looks like DJabberd is in the wrong 
here, but I'd like to see some clear reasoning for why djabberd is wrong 
(based on what the spec says), what it should be doing instead, and what 
is broken (if anything) by the change.


As far as I can tell from the previous discussion, we aren't really sure 
what implementation that hack was added for.

Re: Any progress on gmail.com dialback issue?

2009-03-26 Thread Philip Gladstone


Peter Saint-Andre wrote:


What is the hack in question?

Also, please note that there were generalized issues with s2s to Google
Talk a while back, caused by some modifications on the Google side. Most
or all of those have been fixed by Google. Are there still problems
between djabberd installations and Google Talk?

Peter

  
As far as I can tell -- yes. If I am connected to google talk, and I try 
and add as a contact someone on my DJabberd server, then the dialback 
fails. For me, this is quite reproducible.


It appears that google sends a 'not-authorized' in response to DJabberd 
sending the 'stream:features/stream:features' stanza. Indeed, from a 
packet capture, this looks as though it is exactly what is happening. 
The packet flow is:


TX: ?xml version=1.0 encoding=UTF-8?stream:stream to='gmail.com' 
xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:server' 
xml:lang='en' xmlns:db='jabber:server:dialback' version='1.0'


RX: stream:stream from=gmail.com id=51FC8F15EDF601B9 version=1.0 
xmlns:stream=http://etherx.jabber.org/streams; xmlns=jabber:server 
xmlns:db=jabber:server:dialbackstream:featuresdialback 
xmlns=urn:xmpp:features:dialback//stream:features


TX: stream:features/stream:features

RX: stream:errornot-authorized 
xmlns=urn:ietf:params:xml:ns:xmpp-streams//stream:error


TX: db:result to='gmail.com' 
from='tx.pskreporter.info'i-de81e9e942031eb19e0b3aa0910810d37b2970b4/db:result


RX: /stream:stream

TX: /stream:stream

10787 DEBUG DJabberd.Delivery.S2Ss2s delivery 
attempt for philip.gladst...@gmail.com
10787 DEBUG DJabberd.Queue   Queuing stanza 
(DJabberd::Presence=ARRAY(0x8f5d9c0)) for
10787 DEBUG DJabberd.Queue .. pushing queue 
item.
10787 DEBUG DJabberd.Callback
$callback-delivered(  ) has been called from 
/usr/lib/perl5/site_perl/5.8.1/DJabberd/Delivery/Local.pm:36
10787 DEBUG DJabberd.DNS DNS socket 
IO::Socket::INET=GLOB(0x8155340) became readable for 'srv'
10787 DEBUG DJabberd.DNS DNS socket 
IO::Socket::INET=GLOB(0x8155340) for 'srv' found stuff, now doing 
hostname lookup on xmpp-server.l.google.com
10787 DEBUG DJabberd.DNS DNS socket 
IO::Socket::INET=GLOB(0x8ebc02c) became readable for 'a'
10787 DEBUG DJabberd.Queue.ServerOut Resolver callback 
for 'gmail.com': [DJabberd::IPEndPoint=HASH(0x8ea7668)]

10787 DEBUG DJabberd.Queue   Starting connection
10787 DEBUG DJabberd.Connection.ServerOutNew connection '21' 
from undef
10787 DEBUG DJabberd.Connection.ServerOutConnecting to 
'209.85.201.125' for 'gmail.com'
10787 DEBUG DJabberd.Queue   Set connection for 
queue to 'gmail.com' to connection '21'
10787 DEBUG DJabberd.Connection.XML.ServerOut21  ?xml 
version=1.0 encoding=UTF-8?stream:stream to='gmail.com' 
xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber :server' 
xml:lang='en' xmlns:db='jabber:server:dialback' version='1.0'
10787 DEBUG DJabberd.Connection.ServerOutWe got a stream 
back from connection 21!


10787 DEBUG DJabberd.Connection.ServerOutConnection 21 
supports dialback
10787 DEBUG DJabberd.Connection.ServerOut21 sending 
'stream:features/stream:features'
10787 INFO  DJabberd.DialbackParams  Generating dialback 
result for vhost tx.pskreporter.info
10787 DEBUG DJabberd.DialbackParams  Generated dialback 
result 'i-943ed83cb0418bda534dfdb3eedcd1269b46198d' using secret(of 
handle 'i')='0.04732086797012160.13565853855344 
70.1457952183362890.9075679498738470.2177336623192260.8758091022577370.0628607367050.5635862747686350.231101005128160.4286760888640120.2214270472847350.9095990008557030.57575470886356 
30.7550563768889770.1736854451641530.5955004488794020.02450323087547450.1811562417291730.165928613504960.608589929046897', 
params='1EDD5525A32C8444|gmail.com|tx.pskreporter.info'
10787 DEBUG DJabberd.Connection.ServerOut21 sending res 
'i-943ed83cb0418bda534dfdb3eedcd1269b46198d'
10787 DEBUG DJabberd.Connection.XML.ServerOut21  features 
xmlns='http://etherx.jabber.org/streams'dialback 
xmlns='urn:xmpp:features:dialback'//features
10787 DEBUG DJabberd.Connection.XML.ServerOut21  error 
xmlns='http://etherx.jabber.org/streams'not-authorized 
xmlns='urn:ietf:params:xml:ns:xmpp-streams'//error
Unknown/handled stanza: {http://etherx.jabber.org/streams}error on 
connection (21), DJabberd::Connection::ServerOut
10787 DEBUG DJabberd.Queue   connection error 
for queue

10787 DEBUG DJabberd.Queue .. match
10787 ERROR DJabberd.Queue.ServerOut Connection error 
while connecting to gmail.com, giving up
10787 DEBUG DJabberd.Callback$callback-error( 
connection failure ) has been called

Re: Any progress on gmail.com dialback issue?

2009-03-26 Thread Alex Vandiver

On Thu, 2009-03-26 at 17:31 -0700, Martin Atkins wrote:
 Having reviewed that discussion, it looks like DJabberd is in the wrong 
 here, but I'd like to see some clear reasoning for why djabberd is wrong 
 (based on what the spec says), what it should be doing instead, and what 
 is broken (if anything) by the change.

The RFC says ( http://xmpp.org/rfcs/rfc3920.html#rfc.section.4.6 ):

If the initiating entity includes the 'version'
attribute set to a value of at least 1.0 in the
initial stream header, the receiving entity MUST send a
features/ child element (prefixed by the streams
namespace prefix) to the initiating entity in order to
announce any stream-level features that can be
negotiated (or capabilities that otherwise need to be
advertised)

In this case, djabberd is the _initiating_ entity, and as such, no
features/ element is expected.  True, it never explicitly states that
servers initiating connections MUST NOT or SHOULD NOT send features/
elements, but it is heavily implied that the only context in which they
are expected is when the receiving server is declaring what features it
supports.  Since the iniator of the connection starts tls, etc, the
receiving entity doesn't particularly care what features it supports.

 As far as I can tell from the previous discussion, we aren't really sure 
 what implementation that hack was added for.

It was part of the initial commit which added s2s support.  As such, I
regard it as slightly suspect.
 - Alex

Re: Any progress on gmail.com dialback issue?

Re: Any progress on gmail.com dialback issue?

Re: Any progress on gmail.com dialback issue?

Re: Any progress on gmail.com dialback issue?

4 matches

Site Navigation

Mail list logo

Footer information