[Pidgin] #13556: Error in DIGEST-MD5 implementation
Pidgin
trac at pidgin.im
Tue Mar 22 18:19:54 EDT 2011
#13556: Error in DIGEST-MD5 implementation
--------------------+-------------------------------------------------------
Reporter: kbotc | Owner: deryni
Type: defect | Status: new
Component: XMPP | Version: 2.7.11
Keywords: |
--------------------+-------------------------------------------------------
Hello, I am a developer over with the Adium project and I'd like to point
out an error I found.
If you attempt to connect to a server which is authenticating against a
domain (Such as an Active Directory), and the domain is hosted on another
computer, it will fail to connect via DIGEST-MD5.
The reasoning behind this is libpurple is constructing an invalid digest-
uri for the server it is connecting to. It's appending the realm name to
the uri instead of the FQDN of the server we're interested in. Any jabber
server which verifies that (As it should according to RFC-2831), will deny
the connection, as it appears that it is attempting to reach another XMPP
host.
Example:
http://trac.adium.im/attachment/ticket/14465/Adium_1.4.2nightly_AD_auth.txt
Look at line 103 on there.
The digest-uri should be:
xmpp/ichatserver.example.com (A valid service principal), not
xmpp/activedirectory.example.com
Code at fault is /libpurple/protocols/jabber/auth_digest_md5.c:252
It should be the FQDN of the server we are attempting to connect to, not
the realm.
--
Ticket URL: <http://developer.pidgin.im/ticket/13556>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list