Openfire cannot deal with SASL <abort/>

Description

When a client wants to abort a SASL negotiation, Openfire does not respond with a <aborted/> SASL failure, but instead closes the socket and/or stream.

See http://xmpp.org/rfcs/rfc6120.html#sasl-process-neg-abort

I've seen two slightly different behaviors here:

1.) Client wants to abort SASL negotiation upon receiving a <failure/>:
S: <failure xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><not-authorized/></failure>
C: <abort xmlns="urn:ietf:params:xml:ns:xmpp-sasl" />

Openfire closes the stream (even without stream error).

2.) Client wants to abort SASL negotiation upon receiving a <challenge/>:
S: <challenge xmlns="urn:ietf:params:xml:ns:xmpp-sasl">......
C: <abort xmlns="urn:ietf:params:xml:ns:xmpp-sasl" />

Openfire closes the socket (without closing the stream first).

Openfire logs:

org.jivesoftware.openfire.net.StanzaHandler - Unexpected packet tag (not message,iq,presence)<abort xmlns="urn:ietf:params:xml:ns:xmpp-sasl"/>

As far as I read the specification, Openfire should return an <aborted/> SASL failure instead.

Environment

None

is related to

Activity

Show:
Fixed

Details

Assignee

Reporter

Components

Fix versions

Affects versions

Priority

Created February 9, 2014 at 8:14 AM
Updated February 16, 2014 at 4:56 PM
Resolved February 16, 2014 at 4:56 PM

Flag notifications