External Component Reconnection Wrong to attribute
I am using 0.8.0-SNAPSHOT to create external components with Reconnection strategy of always after 10 seconds. If the XMPP sever restarts, then reconnect request does fire up from babbler client but the to attribute is 'dummy.com' instead of 'mycomponent.dummy.com'.
Comments (13)
-
repo owner -
repo owner - changed status to resolved
Don't derive the domain from the stream response header
Instead it must be set by the client.
This also increases security because it's used for hostname verification.
Fixes issue
#134→ <<cset 90e031e363bc>>
-
repo owner Please try latest snapshot.
-
reporter I am seeing concurrent.TimeoutException when component tries to connect the first time after startTLS is completed, client sends again jabber:component:accept request. Looks to be some issue with new change.
-
reporter - changed status to open
Change is not testable as Timeout seen
-
repo owner Do you have a stacktrace? I can't imagine the above change is responsible for this. Still works ok with Openfire.
-
reporter I am able to successfully connect in older version of snapshot(Apr 9) and not seeing exception either in server or client.
The exception occurs in the latest version of snapshot. Below is the exception and server logs when timeoutexception occurs.
rocks.xmpp.core.XmppException: java.util.concurrent.TimeoutException at rocks.xmpp.core.session.XmppSession.throwAsXmppExceptionIfNotNull(XmppSession.java:263) rocks.xmpp.core.XmppException: java.util.concurrent.TimeoutException at rocks.xmpp.core.session.XmppSession.onConnectionFailed(XmppSession.java:420) at rocks.xmpp.extensions.component.accept.ExternalComponent.connect(ExternalComponent.java:153) at rocks.xmpp.core.session.XmppSession.connect(XmppSession.java:309)
Exception in session jid: mycomponent.dummy.com : javax.net.ssl.SSLException: Received fatal alert: certificate_unknown
-
repo owner Ah ok, try this in the
TcpConnectionConfiguration
:.hostnameVerifier((s, sslSession) -> true)
The certificate contains "dummy.com", but the client is expecting it to be "mycomponent.dummy.com", because default hostname verification uses the 'to' attribute of the request. It used to be the 'from' attribute of the response. In practice it should be the same, so it wouldn't matter, but your server behaves strange in this regard.
-
reporter Yes, connect works now.
If the external component is started before server start, then it fails to connect and doesn't initiates the connection again.
Is there a way to wait and connect if Server is down?
On another note, I noticed that login fails when an xmpp client is created using snapshot but works using 0.7.5 version. I think it was working with snapshot (Apr 9) as well. Here is the exception. Do u need separate issue opened for this?
rocks.xmpp.core.stream.StreamNegotiationException: Server doesn't support any of the requested SASL mechanisms: [SCRAM-SHA-1, DIGEST-MD5, GSSAPI, CRAM-MD5, PLAIN, ANONYMOUS]. at rocks.xmpp.core.session.AuthenticationManager.startAuthentication(AuthenticationManager.java:114) at rocks.xmpp.core.session.XmppClient.login(XmppClient.java:383)
-
repo owner There's no way to wait for the server. It will throw an exception. You could build your own loop to check if the server is available.
Thanks for pointing out the authentication failure. I've fixed it. It was introduced with a recent commit. I've deployed new snapshot.
-
reporter Yes, everything works now. Please close issue.
-
repo owner - changed status to resolved
-
repo owner - changed status to closed
Fixed with 0.8.0
- Log in to comment
This is because your server sets "dummy.com" in the from attribute of its response header instead of "mycomponent.dummy.com", what is expected. (it should match the 'to' attribute of the request).
Reconnection is currently done on basis of the 'from' attribute.