Uploaded image for project: 'Openfire'
  1. OF-2368

Ghost detection shouldn't kick non-ghost occupants

    Details

    • Type: Bug
    • Status: Resolved (View workflow)
    • Priority: Major
    • Resolution: Fixed
    • Affects versions: None
    • Fix versions: 4.7.0
    • Components: MUC
    • Labels:
      None

      Description

      Recently, I've been kicked out of the open_chat room, for no good reason. This was caused by another user sending me a disco/info request:

      <iq xmlns="jabber:client" to="guus.der.kinderen@igniterealtime.org/octarine" from="open_chat@conference.igniterealtime.org/svais" id="4f66ef82-8cf7-49ff-a383-1b2c1f3a2428" type="get">
          <query xmlns="http://jabber.org/protocol/disco#info" node="https://conversejs.org#bWAbgKReOpc5xmIvP67bt8JrPOE="/>
      </iq>

      My client responds with a 'item-not-found' to that. This response is taken by the MUC implementation as an indication that I'm a ghost, and thus kicks me.

      2022.01.12 15:01:02 INFO  [socket_c2s-thread-2]: org.jivesoftware.openfire.muc.spi.MultiUserChatServiceImpl - Removing guus.der.kinderen@igniterealtime.org/octarine (nickname 'Guus') from room open_chat as we've received an indication (logged at debug level) that this is now a ghost user.
      2022.01.12 15:01:02 DEBUG [socket_c2s-thread-2]: org.jivesoftware.openfire.muc.spi.MultiUserChatServiceImpl - Stanza indicative of a ghost user: 
      <iq to="open_chat@conference.igniterealtime.org/svais" id="4f66ef82-8cf7-49ff-a383-1b2c1f3a2428" type="error" from="guus.der.kinderen@igniterealtime.org/octarine">
      <error type="cancel">
      <item-not-found xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"></item-not-found>
      </error>
      </iq>

      This problem is apparent to me, in open_chat, only after the fix for OF-2319 Resolved was deployed. However, as allowpm is rarely used, this probably affects a lot of users in generic installations.

      What's a bit odd is that the 'ghost kicking' implementation ( OF-2209 Resolved ) was added after OF-910 Resolved (which seems to be very similar) was added. A key difference is that OF-910 Resolved explicitly does not act on IQ, as noted in its commit message:

      IQ stanzas do not trigger the same response, as these may be due to lack of client support rather than a vanished occupant.

      The implementation of OF-2209 Resolved uses an IQ ping, which is an IQ message. To 'catch' the ghost user, OF-2209 Resolved checks for errors very generically - with partial overlap to OF-910's detection, but more broadly. This opens the opportunity for every IQ error to be responded to as if it was sent by a ghost.

        Attachments

          Issue links

            Activity

              People

              • Assignee:
                Guus der Kinderen
                Reporter:
                Guus der Kinderen
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: