Hello

I think i've found a bug somewhere in the authentication part of gajim.

Some of my users complained they couldn't use gajim with our jabber server but could use other clients like psi, gossip, etc. I am myself using gajim without trouble, so this kind of surprised me.

I tested with an account known not to be able to connect using gajim and i discovered something weird in the <auth> packet.

For example with this account:
jid: [EMAIL PROTECTED]
password: AZERTYUIOP99 (i changed the password so no worries)

the auth packet sent by gajim is the following:

<auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="PLAIN">Y3Jhc2h0ZXN0LmR1bW15QHVuaXYtbmFudGVzLmZyAGNyYXNodGVzdC5kdW1teQBBWkVSVFlVSU9Q
OTk=
</auth>

notice the line wrap inside the base64 encoded data (no, it's not a mailer line wrap, that's actually how the packet was sent)? where is that coming from? indeed, decoding this base64 string will give a wrong password... after asking different users it seems like this is why the users couldn't log on all the one who had trouble logging in actually have a line wrap in the <auth> packet and users who can log on fine don't.

Any idea?

Arnaud Abélard
_______________________________________________
Gajim-devel mailing list
Gajim-devel@gajim.org
https://lists.gajim.org/cgi-bin/listinfo/gajim-devel

Reply via email to