We're updating the issue view to help you get more done. 

Openfire should return <invalid-mechanism/> SASL failure, when requesting an unknown mechanism

Description

Case 1:

Client sends unknown mechanism, e.g.:

<auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="UNKNOWN"/>

Openfire returns:

<failure xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><not-authorized/></failure>

Case 2:

Client sends no mechanism:

<auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" />

Openfire returns nothing at all.

In both case it should instead return:

<failure xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><invalid-mechanism/></failure>

See http://xmpp.org/rfcs/rfc6120.html#sasl-errors-invalid-mechanism

Environment

None

Acceptance Test - Entry

None

Activity

Show:
csh
February 16, 2014, 4:25 PM

http://fisheye.igniterealtime.org/changelog/openfire?cs=13958

I've introduced a Failure enum for that and also made use of the "account-disabled" and "malformed-request" failure.

Assignee

Guus der Kinderen

Reporter

csh

Labels

None

Expected Effort

None

Ignite Forum URL

None

Fix versions

Priority

Trivial
Configure