[jdev] Authentication Process For Jabber.com

Justin Karneges justin-keyword-jabber.093179 at affinix.com
Sun Mar 9 21:52:58 CDT 2008


On Sunday 09 March 2008 5:49 pm, Peter Saint-Andre wrote:
> Sergei Golovan wrote:
> > On 3/9/08, Peter Saint-Andre <stpeter at stpeter.im> wrote:
> >>  Therefore, this is wrong:
> >>
> >>
> >>  <stream:stream
> >>         xmlns:stream='http://etherx.jabber.org/streams'>
> >>   <message><gajim:die/></message>
> >>  </stream>
> >
> > It means that it's wrong to send this stanza. But it doesn't mean that
> > it's wrong to accept this stanza.
>
> Correct. The spec currently does not say that the server must enforce
> that rule. But naturally the recipient (or the sender's or recipient's
> server) could return a stanza error on receiving it. A <not-acceptable/>
> error seems appropriate:
>
> <message type='error'>
>   <error type='modify'>
>     <not-acceptable xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
>   </error>
>   <gajim:die/>
> </message>

Hmm, you should probably not send the original XML back in this case, since it 
is invalid.

Further, since some XML parsers throw an error when an unrecognized prefix is 
encountered, those clients/servers would most likely respond not with a 
stanza error, but with an xml-not-well-formed *stream* error and close the 
connection.

I think we have to be very careful about how this stuff is routed.  Obviously 
clients shouldn't be generating invalid XML, but servers shouldn't be routing 
it either.  A good server would disconnect whoever sent gajim:die rather than 
routing it and DoS'ing other clients.

-Justin
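
An added illustration, not part of the original message: how a namespace-aware parser treats the `gajim:die` stanza quoted above, and a pre-routing check built on that. The function name `check_stanza`, the wrapping of the stanza in a complete stream document, and the `http://example.org/gajim` namespace URI are assumptions made for this sketch.

```python
import xml.parsers.expat as expat

# Constructed stream wrapper: only the default and 'stream' prefixes are bound.
STREAM_OPEN = ("<stream:stream xmlns='jabber:client' "
               "xmlns:stream='http://etherx.jabber.org/streams'>")
STREAM_CLOSE = "</stream:stream>"

# The stanza from the thread (prefix never declared) and a constructed
# variant that declares the prefix on the element itself.
UNBOUND = "<message><gajim:die/></message>"
DECLARED = "<message><gajim:die xmlns:gajim='http://example.org/gajim'/></message>"


def check_stanza(stanza, namespace_aware=True):
    """Decide what to do with one inbound stanza before routing it.

    Returns ("route", None) when the stanza parses in the stream context,
    or ("close-stream", reason) when the parser rejects it, in which case
    the caller would send a stream error to the sender and drop the
    connection rather than forward the bytes to other clients.
    """
    # A namespace separator switches expat into namespace processing,
    # which is what makes it resolve (and reject) prefixes.
    sep = " " if namespace_aware else None
    parser = expat.ParserCreate(namespace_separator=sep)
    try:
        # Simplification: parse the stanza as a complete one-stanza stream.
        parser.Parse(STREAM_OPEN + stanza + STREAM_CLOSE, True)
    except expat.ExpatError as exc:
        return ("close-stream", expat.ErrorString(exc.code))
    return ("route", None)


if __name__ == "__main__":
    for label, stanza, ns in [
        ("unbound prefix, namespace-aware parser", UNBOUND, True),
        ("unbound prefix, prefix-blind parser", UNBOUND, False),
        ("declared prefix, namespace-aware parser", DECLARED, True),
    ]:
        print(f"{label}: {check_stanza(stanza, ns)}")
```

The second case is the routing hazard: a parser that does not resolve prefixes accepts the stanza, and the next hop that does resolve them fails on the same bytes.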


