4.1.2 and sendxmpp: SASL / auth problem?

Folks;

upgrading our OpenFire from 4.0.x to 4.1.2 rendered our nagios / sendxmpp integration useless. We use sendxmpp in order to deliver status messages to XMPP recipients / groups, and by now this worked pretty well. Starting with 4.1.2, it doesn’t, anymore; sendxmpp just terminates like this:

XML::Stream: Send: (YXV0aHppZD0ia3JAd3d3LnBsYW5jb25uZWN0Lm V1QG9wZW5maXJlMiIsY2hhcnNldD11dGYtOCxjbm9uY2U9Ijg0NmRjZGJlNTMzZmE4ODlmMWMyMGI4Zm ZlN2M0OWVlIixkaWdlc3QtdXJpPSJ4bXBwL29wZW5maXJlMiIsbmM9MDAwMDAwMDEsbm9uY2U9IkNlNG pQR2R2U21ET0k3U0Q3TnR2ZGtjZ3RKbnZxOEZwZ3Blb1dkL3MiLHFvcD1hdXRoLHJlYWxtPSJ3d3cucG xhbmNvbm5lY3QuZXUiLHJlc3BvbnNlPWY1NWM4YzRiOGM0NmExZmZkYWRlNWJlZWZmMTc3ZjhhLHVzZX JuYW1lPSJrckB3d3cucGxhbmNvbm5lY3QuZXUi)

XML::Stream: Process: block(0)

XMPP::Conn: AuthSASL: haven’t authed yet… let’s wait.

XMPP::Conn: Process: timeout(1)

XML::Stream: Read: buff()

XML::Stream: Node: _handle_element: sid(pl3eh5iw0) sax(XML::Stream::Parser=HASH(0x25f4228)) tag(failure) att( xmlns urn:ietf:params:xml:ns:xmpp-sasl )

XML::Stream: Node: _handle_element: check( -1 )

XML::Stream: Node: _handle_element: sid(pl3eh5iw0) sax(XML::Stream::Parser=HASH(0x25f4228)) tag(not-authorized) att( )

XML::Stream: Node: _handle_element: check( 0 )

XML::Stream: Node: _handle_close: sid(pl3eh5iw0) sax(XML::Stream::Parser=HASH(0x25f4228)) tag(not-authorized)

XML::Stream: Node: _handle_close: check( 1 )

XML::Stream: Node: _handle_close: check2( 0 )

XML::Stream: Node: _handle_close: sid(pl3eh5iw0) sax(XML::Stream::Parser=HASH(0x25f4228)) tag(failure)

XML::Stream: Node: _handle_close: check( 0 )

XML::Stream: Node: _handle_close: check2( -1 )

XML::Stream: Process: block(0)

XMPP::Conn: AuthSASL: Authentication failed.

Error ‘AuthSend’: error: not-authorized[?]

XML::Stream: Send: (</stream:stream>)

XML::Stream: SetCallBacks: tag(node) func(CODE(0x1703a68))

XMPP::Conn: Disconnect: bye bye

sendxmpp: Disconnect

Any ideas? Any hints on which information required to help track this down?

TIA,

K.

Does your Openfire Property sasl.mechs happen to be set? If so, what is it set to?

Nope, no sasl.mechs set here. Should it be?

Actually, see this https://community.igniterealtime.org/message/262980#comment-262980

Yeah, already stumbled across this trying to resolve the issue in the meantime, however installing said plugin doesn’t change things for me. Guess I’ll have to either find a workaround or a different way to send XMPP messages from within nagios.

Did you restart Openfire? You could also try setting sasl.mechs=PLAIN and see if that works

1 Like

Restarting in itself didn’t change anything even after installing the plugin. sasl.mechs=PLAIN however seems to have fixed it. Thanks a bunch!

Hi,

I’m seeing this too however I’m reluctant to apply the suggested fix as our current value for sasl.mechs=GSSAPI,PLAIN and GSSAPI is a requirement here.

Is it possible to roll-back to an earlier version of Openfire e.g. 4.0.x if you’re using an external MySQL database? I notice that the database format is “upgraded” on first start after an upgrade but don’t know how it would cope with a downgrade

Here’s my sendxmpp output:

[zenoss@zen-master ~]$ echo “horray it works part” |sendxmpp -u zenxmpp -r zenxmpp -e -n -d -c ug@conference.jabber.is.ed.ac.uk

sendxmpp: config: ‘password’ => ********’

Use of uninitialized value $val in concatenation (.) or string at /usr/bin/sendxmpp line 200.

sendxmpp: config: ‘component’ => ‘’

sendxmpp: config: ‘jserver’ => ‘jabber.is.ed.ac.uk

sendxmpp: config: ‘port’ => ‘5223’

sendxmpp: config: ‘username’ => ‘zenxmpp’

XML::Stream: new: hostname = (zen-master.is.ed.ac.uk)

XML::Stream: SetCallBacks: tag(node) func(CODE(0x20a5658))

XMPP::Conn: xmppCallbackInit: start

XMPP::Conn: SetCallBacks: tag(message) func(CODE(0x20a4ff8))

XMPP::Conn: SetCallBacks: tag(presence) func(CODE(0x20a5178))

XMPP::Conn: SetCallBacks: tag(iq) func(CODE(0x20a52f8))

XMPP::Conn: SetPresenceCallBacks: type(subscribe) func(CODE(0x20a51a8))

XMPP::Conn: SetPresenceCallBacks: type(subscribed) func(CODE(0x20a4ab8))

XMPP::Conn: SetPresenceCallBacks: type(unsubscribe) func(CODE(0x20a4c38))

XMPP::Conn: SetPresenceCallBacks: type(unsubscribed) func(CODE(0x209fa90))

XMPP::Conn: SetDirectXPathCallBacks: xpath(/[@xmlns=“urn:ietf:params:xml:ns:xmpp-tls”]) func(CODE(0x20a4ae8))

XMPP::Conn: SetDirectXPathCallBacks: xpath(/[@xmlns=“urn:ietf:params:xml:ns:xmpp-sasl”]) func(CODE(0x209f880))

XMPP::Conn: xmppCallbackInit: stop

sendxmpp: ssl_verify: 0

sendxmpp: tls_ca_path:

XMPP::Conn: Connect: host(jabber.is.ed.ac.uk:5223) namespace(jabber:client)

XMPP::Conn: Connect: timeout(10)

XML::Stream: Connect: type(tcpip)

XML::Stream: Connect: Convert normal socket to SSL

XML::Stream: Connect: sock(IO::Socket::INET=GLOB(0x20ab170))

XML::Stream: LoadSSL: Load the IO::Socket::SSL module

XML::Stream: LoadSSL: Success

XML::Stream: Connect: ssl_sock(IO::Socket::SSL=GLOB(0x20ab170))

XML::Stream: Connect: SSL: We are secure

XML::Stream: Connect: Got a connection

XML::Stream: Send: (<?xml version='1.0'?><stream:stream version=‘1.0’ xmlns:stream=‘http://etherx.jabber.org/streams’ xmlns=‘jabber:client’ to=‘jabber.is.ed.ac.uk’ from=‘zen-master.is.ed.ac.uk’ xml:lang=‘en’ >)

XML::Stream: Read: buff(<?xml version='1.0' encoding='UTF-8'?><stream:stream xmlns:stream=“http://etherx.jabber.org/streams” xmlns=“jabber:client” from=“jabber.is.ed.ac.uk” id=“48a1lo3425” xml:lang=“en” version=“1.0”>)

XML::Stream: Read: buff(stream:featuresPLAINGSSAPIzlib</stream:features>)

XMPP::Conn: Connect: connection made

XML::Stream: SetCallBacks: tag(node) func(CODE(0x20ab800))

sendxmpp: Connect: 1

XMPP::Conn: AuthIQAuth: old school auth

XMPP::Conn: SendAndReceiveWithID: object(Net::XMPP::IQ=HASH(0x2234058))

XMPP::Conn: SendWithID: id(netjabber-0)

XMPP::Conn: SendWithID: in(zenxmpp)

XMPP::Conn: RegisterID: tag(iq) id(netjabber-0)

XMPP::Conn: SendWithID: out(zenxmpp)

XMPP::Conn: SendXML: sent(zenxmpp)

XML::Stream: Send: (zenxmpp)

XMPP::Conn: SendAndReceiveWithID: sent with id(netjabber-0)

XMPP::Conn: WaitForID: id(netjabber-0)

XMPP::Conn: ReceivedID: id(netjabber-0)

XMPP::Conn: ReceivedID: nope…

XMPP::Conn: WaitForID: haven’t gotten it yet… let’s wait for more packets

XMPP::Conn: Process: timeout(1)

XMPP::Conn: ReceivedID: id(netjabber-0)

XMPP::Conn: ReceivedID: nope…

XMPP::Conn: WaitForID: haven’t gotten it yet… let’s wait for more packets

XMPP::Conn: Process: timeout(1)

XMPP::Conn: ReceivedID: id(netjabber-0)

XMPP::Conn: ReceivedID: nope…

XMPP::Conn: WaitForID: haven’t gotten it yet… let’s wait for more packets

XMPP::Conn: Process: timeout(1)

I have a some problem, do you have find a solution?

after some searches, I found a solution. Edit the file /usr/share/perl5/Net/XMPP/Protocol.pm (maybe not in the same location), look for the line containing – return $self->AuthSASL(%args); – and if it’s commented, remove the starting # to uncomment…

1 Like

For anyone tracking this:
I recently hit this issue with sendxmpp. My OF instance is also using SASL Mechs GSSAPI and PLAIN . The issue appears to be that sendxmpp would try to connect with a GSSAPI instead of PLAIN. I was able to work around this by disabling the GSSAPI module used by perl. I simply renamed GSSAPI.pm to GSSAPI.pm.bak .