What is Megaphone?

What is Megaphone?
The Megaphone project is about enhancing open source chat software. Specifically, the goal is to allow ejabberd to support 1,000,000 simultaneous users. See The Plan page for more details on how I plan to solve this problem. See the About this Blog page for more details on why I created this blog.

Thursday, December 15, 2011

A Whole Lot of Nothin

To recap:

  • I reverted the <stream:features> change because it seemed to be creating an error.
  • I then started getting a "service unavailable" error.
Looking into the TCP conversation with Wireshark, it appears that that a query like this:

<body 
rid='1046681228711733' 
sid='2139dd3b-2f05-4e62-95ef-b0fdcea606b2' 
to='ubuntu2' 
xml:lang='en' 
xmlns='http://jabber.org/protocol/httpbind' 
xmlns:xmpp='urn:xmpp:xbosh'>
<iq xmlns='jabber:client' type='get' id='purple6ab52e2b'>
<query xmlns='jabber:iq:auth'>
<username>user2</username>
</query>
</iq>
</body>

Is resulting in a response like the following:

<body xmlns="http://jabber.org/protocol/httpbind" stream="36227495-0e39-4247-94be-a7bb0b7b2644">
<iq 
from="ubuntu2" 
id="purple6ab52e2b" 
type="error" 
xmlns="jabber:client" 
xmlns:stream="http://etherx.jabber.org/streams" 
version="1.0">
<error code="503" type="cancel">
<service-unavailable xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/>
</error>
</iq>
...

I looked up the "jabber:iq:auth" and came up with an authentication scheme that has been deprecated by SASL.  Thus it appears that Pidgin is trying to use an alternative to SASL authentication for some reason.  

But wait there's more!  Here is the rest of the packet that is returned with the error:

    <stream:features 
        xmlns="jabber:client" 
        xmlns:stream="http://etherx.jabber.org/streams" 
        version="1.0">
            <mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl">
                <mechanism>SCRAM-SHA-1</mechanism>
                <mechanism>DIGEST-MD5</mechanism>
                <mechanism>PLAIN</mechanism>
            </mechanisms>
            <c 
                xmlns="http://jabber.org/protocol/caps" 
                hash="sha-1" 
                node="http://www.process-one.net/en/ejabberd/" 
                ver="wwrSvLFOLzC92POh074kJuEqYxE="/>
            <register xmlns="http://jabber.org/features/iq-register"/>
    </stream:features>
</body>

Yes, the second stanza returned along with the error is our old friend the features stanza.  Could it be that Pidgin is not seeing the features stanza quickly enough and deciding to go with an unsupported authentication mechanism?  

I took a look at the conversation for ejabberd/BOSH and here is the second stanza that Pidgin sends:

<body 
    rid='17087987592259' 
    sid='0ede0638536832fd0543658b7e2340b3f92f603d' 
    to='ubuntu2' 
    xml:lang='en' 
    xmlns='http://jabber.org/protocol/httpbind' 
    xmlns:xmpp='urn:xmpp:xbosh'>
        <auth 
            xmlns='urn:ietf:params:xml:ns:xmpp-sasl' 
            mechanism='PLAIN' 
            xmlns:ga='http://www.google.com/talk/protocol/auth' 
            ga:client-uses-full-bind-result='true'>AHVzZXIxAHRlc3QkZWphYmJlcmQ=</auth>
</body>

Argh.  It looks like the features stanza get's Pidgin to use SASL/plain, thus avoiding the problem that I saw with the 503 error.

It's times like these that make me think I don't drink enough.
Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)