Atlassian uses cookies to improve your browsing experience, perform analytics and research, and conduct advertising. Accept all cookies to indicate that you agree to our use of cookies on your device. Atlassian cookies and tracking notice, (opens new window)
When a client wants to abort a SASL negotiation, Openfire does not respond with a <aborted/> SASL failure, but instead closes the socket and/or stream.
When a client wants to abort a SASL negotiation, Openfire does not respond with a <aborted/> SASL failure, but instead closes the socket and/or stream.
See http://xmpp.org/rfcs/rfc6120.html#sasl-process-neg-abort
I've seen two slightly different behaviors here:
1.) Client wants to abort SASL negotiation upon receiving a <failure/>:
S: <failure xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><not-authorized/></failure>
C: <abort xmlns="urn:ietf:params:xml:ns:xmpp-sasl" />
Openfire closes the stream (even without stream error).
2.) Client wants to abort SASL negotiation upon receiving a <challenge/>:
S: <challenge xmlns="urn:ietf:params:xml:ns:xmpp-sasl">......
C: <abort xmlns="urn:ietf:params:xml:ns:xmpp-sasl" />
Openfire closes the socket (without closing the stream first).
Openfire logs:
org.jivesoftware.openfire.net.StanzaHandler - Unexpected packet tag (not message,iq,presence)<abort xmlns="urn:ietf:params:xml:ns:xmpp-sasl"/>
As far as I read the specification, Openfire should return an <aborted/> SASL failure instead.