Bug#654853: ejabberd: libpurple-based implementations cannot authorize with DIGEST-MD5

Wed, 13 Jun 2012 11:36:12 -0700 

Package: ejabberd
Followup-For: Bug #654853

Dear Maintainer,

We installed the new version of ejabberd on our server but
unfortunately I still can not authenticate.

>From my musing with ejabber it seems that the problem is happening in
cyrsasl_digest.erl on

mech_step(#state{step = 3, nonce = Nonce} = State, ClientIn) ->
    case parse(ClientIn) of
        bad ->
            {error, "bad-protocol"};
        KeyVals ->
            DigestURI = xml:get_attr_s("digest-uri", KeyVals),
            UserName = xml:get_attr_s("username", KeyVals),
            case is_digesturi_valid(DigestURI, State#state.host, 
State#state.hostfqdn) of
                false ->
                    ?DEBUG("User login not authorized because digest-uri "
                           "seems invalid: ~p (checking for Host ~p, FQDN ~p)", 
[DigestURI,
                           State#state.host, State#state.hostfqdn]),
                    {error, "not-authorized", UserName};
                true ->
                    AuthzId = xml:get_attr_s("authzid", KeyVals),
                    case (State#state.get_password)(UserName) of
                        {false, _} ->
                            ?DEBUG("~p 1", [UserName]),
                            {error, "not-authorized", UserName};
                        {Passwd, AuthModule} ->
                                case (State#state.check_password)(UserName, "",
                                        xml:get_attr_s("response", KeyVals),
                                        fun(PW) -> response(KeyVals, UserName, 
PW, Nonce, AuthzId,
                                                "AUTHENTICATE") end) of
                                {true, _} ->
                                    RspAuth = response(KeyVals,
                                                       UserName, Passwd,
                                                       Nonce, AuthzId, ""),
                                    {continue,
                                     "rspauth=" ++ RspAuth,
                                     State#state{step = 5,
                                                 auth_module = AuthModule,
                                                 username = UserName,
                                                 authzid = AuthzId}};
                                false ->
                                    ?DEBUG("~p 2", [UserName]),
                                    {error, "not-authorized", UserName};
                                {false, _} ->
                                    ?DEBUG("~p 3", [UserName]),
                                    {error, "not-authorized", UserName}
                            end
                    end
            end
    end;

In the "2" stage of the debug but I don't know what it means (I
suppose there is a check_password method in State that fails)

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_BE.UTF-8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to