(a)Smack 4.0.0-rc1 NoResponseException on login

Hello everyone,

I updated to aSmack 4.0.0-rc1 and now I’m getting org.jivesoftware.smack.SmackException$NoResponseException while i’m logging in. Code works with aSmack 8.10. Server(“chatstage.quickblox.com”) is runing on Tigase 5.2.0

Code snippet that uses aSmack 8.10(works):

ConnectionConfiguration configuration = new ConnectionConfiguration(“chatstage.quickblox.com”, 5222);

XMPPConnection connection = new XMPPConnection(configuration);

connection.connect();

connection.login(“18551-438”, “videoChatUser1”);

Code snippet that uses aSmack 4.0.0rc-1(throws exception):

ConnectionConfiguration configuration = new ConnectionConfiguration(“chatstage.quickblox.com”);

XMPPConnection connection = new XMPPTCPConnection(configuration);

connection.connect();

connection.login(“18551-438”, “videoChatUser1”);

Log:

  • org.jivesoftware.smack.SmackException$NoResponseException*
    
  •        at org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java: 358)*
    
  •        at org.jivesoftware.smack.XMPPTCPConnection.login(XMPPTCPConnection.java:233)*
    
  •        at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:376)*
    
  •        at com.quickblox.sample.test.chat.chatservice.TestSmack.testConnection(TestSmack.j ava:38)*
    
  •        at java.lang.reflect.Method.invokeNative(Native Method)*
    
  •        at java.lang.reflect.Method.invoke(Method.java:511)*
    
  •        at android.test.InstrumentationTestCase.runMethod(InstrumentationTestCase.java:214 )*
    
  •        at android.test.InstrumentationTestCase.runTest(InstrumentationTestCase.java:199)*
    
  •        at junit.framework.TestCase.runBare(TestCase.java:134)*
    
  •        at junit.framework.TestResult$1.protect(TestResult.java:115)*
    
  •        at junit.framework.TestResult.runProtected(TestResult.java:133)*
    
  •        at junit.framework.TestResult.run(TestResult.java:118)*
    
  •        at junit.framework.TestCase.run(TestCase.java:124)*
    
  •        at android.test.AndroidTestRunner.runTest(AndroidTestRunner.java:190)*
    
  •        at android.test.AndroidTestRunner.runTest(AndroidTestRunner.java:175)*
    
  •        at android.test.InstrumentationTestRunner.onStart(InstrumentationTestRunner.java:5 55)*
    
  •        at android.app.Instrumentation$InstrumentationThread.run(Instrumentation.java:1584 )
    

D/SMACK﹕ SENT (0): <stream:stream to=“chatstage.quickblox.com” xmlns=“jabber:client” xmlns:stream=“http://etherx.jabber.org/streams” version=“1.0”>

D/SMACK﹕ RCV (0): <?xml version='1.0'?><stream:stream xmlns=‘jabber:client’ xmlns:stream=‘http://etherx.jabber.org/streams’ from=‘chatstage.quickblox.com’ id=‘0be866ba-97ea-4e14-80e5-e8ebf21ea2a4’ version=‘1.0’ xml:lang=‘en’>

D/SMACK﹕ RCV (0): stream:featuresPLAINANONYMOUSzlib</stream:features>

D/SMACK﹕ SENT (0):

D/SMACK﹕ RCV (0):

D/SMACK﹕ SENT (0): </stream:stream>

Credentials are valid, so everyone can test it.

What I found during debugging: PacketWriter sends closing tag() before packetReader gets response from server, but I don’t know why.

Please, help me solve this issue.

Thanks!

Thanks for the detailed report. Will have a look once I’m back home from holiday.

I am also having this very problem with same code changes as Igor.

This appears to be a problem with TLS negotiation. The TLS initiating entity does not send a new initial stream header, as described in RFC 6120 5.4.3.3. To verfiy, try to disable stream encryption and see if the problem persists.

Make sure that you set a SSLConext in ConnectionConfiguration, that allows a secure connection to the server.

I am using SSLContext like this:

try

{

SSLContext sc = SSLContext.getInstance(“TLS”);

sc.init(null, null, new SecureRandom());

this.connConfig.setCustomSSLContext(sc);

} catch (NoSuchAlgorithmException e)

{

throw new IllegalStateException(e);

} catch (KeyManagementException e)

{

throw new IllegalStateException(e);

}

1 Like

This will get the default SSLContext and use it with Smack. The question is if the context accepts the certificate presented by the server. I can’t tell from the code snipped because it depends on how the SSLContext is configured.

1 Like

Disabling TLS authentication helped, but now the question is how to create TrustManager that will accept the certificate presented by the server.

You have basically two choices:

Use the default SSLContext that will usually a TrustManager that uses the systems global valid CA certificates based on the common constraints for a valid certifciate (valid chain, not expiered, name matches host, …)

Implement your own TrustManager that accepts the certificate based on your conditions (like a valid fingerprint if you want to pin the certificate)

The SSLContext allows you to chain TrustManagers using a combination of the above and/or other approaches.

I’ve tried to use SSLContext as Diego pointed in his answer, you said that it should return default context, it didn’t work for me.

I had the same issue… Are you really using SSL?

I got a “NoReponseException” on login, too without any purpose for security. The solution was to explicitly disable the “SecurityMode”:

configuration.setSecurityMode(SecurityMode.disabled);

1 Like

Here is the description of the situation:

If your SSLContext does not allow the TLS connection, Smack 4.0 will throw a NoResponseException when trying to perform SASL auth. This is not ideal and I’m working on throwing a more meaningful Exception on connect() when TLS failes. Everyone is invited to test the code at https://github.com/Flowdalic/Smack/tree/tlsexception

With version 4.0.0-rc2-SNAPSHOT. I get this exception:

WARNING: Connection closed with error

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

at sun.security.ssl.Alerts.getSSLException(Unknown Source)

at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)

at sun.security.ssl.Handshaker.fatalSE(Unknown Source)

at sun.security.ssl.Handshaker.fatalSE(Unknown Source)

at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)

at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)

at sun.security.ssl.Handshaker.processLoop(Unknown Source)

at sun.security.ssl.Handshaker.process_record(Unknown Source)

at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)

at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)

at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)

at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)

at org.jivesoftware.smack.XMPPTCPConnection.proceedTLSReceived(XMPPTCPConnection.j ava:720)

at org.jivesoftware.smack.PacketReader.parsePackets(PacketReader.java:219)

at org.jivesoftware.smack.PacketReader.access$000(PacketReader.java:45)

at org.jivesoftware.smack.PacketReader$1.run(PacketReader.java:79)

Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

at sun.security.validator.PKIXValidator.doBuild(Unknown Source)

at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)

at sun.security.validator.Validator.validate(Unknown Source)

at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)

at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)

at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)

… 12 more

Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)

at java.security.cert.CertPathBuilder.build(Unknown Source)

… 18 more

Is this exception thrown by connect()? Because it looks like the exception which is beeing logged within PacketReader, which should have been there even with 4.0.0-rc1.

The commit in the tlsexception branch should make connect() to also throw this exception. Can you confirm this (I still found no time to test it myself yet)?

Yes… This exception is thrown by connect():

WARNING: Connection closed with error

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

at sun.security.ssl.Alerts.getSSLException(Unknown Source)

at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)

at sun.security.ssl.Handshaker.fatalSE(Unknown Source)

at sun.security.ssl.Handshaker.fatalSE(Unknown Source)

at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)

at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)

at sun.security.ssl.Handshaker.processLoop(Unknown Source)

at sun.security.ssl.Handshaker.process_record(Unknown Source)

at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)

at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)

at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)

at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)

at org.jivesoftware.smack.XMPPTCPConnection.proceedTLSReceived(XMPPTCPConnection.j ava:720)

at org.jivesoftware.smack.PacketReader.parsePackets(PacketReader.java:219)

at org.jivesoftware.smack.PacketReader.access$000(PacketReader.java:45)

at org.jivesoftware.smack.PacketReader$1.run(PacketReader.java:79)

Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

at sun.security.validator.PKIXValidator.doBuild(Unknown Source)

at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)

at sun.security.validator.Validator.validate(Unknown Source)

at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)

at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)

at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)

… 12 more

Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)

at java.security.cert.CertPathBuilder.build(Unknown Source)

… 18 more

org.jivesoftware.smack.SmackException: org.jivesoftware.smack.SmackException$NoResponseException

at org.jivesoftware.smack.XMPPTCPConnection.initConnection(XMPPTCPConnection.java: 564)

at org.jivesoftware.smack.XMPPTCPConnection.connectUsingConfiguration(XMPPTCPConne ction.java:466)

at org.jivesoftware.smack.XMPPTCPConnection.connectInternal(XMPPTCPConnection.java :862)

at org.jivesoftware.smack.XMPPConnection.connect(XMPPConnection.java:358)

thank you very much^^

It was a great help…

Hi,

I’m using 4.0.0-rc2 and I think I get similar problem as Igor described during login, but with a bit different stack trace (the log sequence is kept):

SENT (0): <stream:stream to=“taxijabber.verifoneway.com” xmlns=“jabber:client” xmlns:stream=“http://etherx.jabber.org/streams” version=“1.0”>

RCV (0): <?xml version='1.0'?><stream:stream xmlns=‘jabber:client’ xmlns:stream=‘http://etherx.jabber.org/streams’ id=‘272129112’ from=‘taxijabber.verifoneway.com’ version=‘1.0’ xml:lang=‘en’>

RCV (0): stream:featureszlibSCRAM-SHA-1PLAINDIGEST-MD5<register xmlns='http://jabber.org/features/iq-register’/></stream:features>

SENT (0):

RCV (0):

SENT (0): <stream:stream to=“taxijabber.verifoneway.com” xmlns=“jabber:client” xmlns:stream=“http://etherx.jabber.org/streams” version=“1.0”>

RCV (0): <?xml version='1.0'?><stream:stream xmlns=‘jabber:client’ xmlns:stream=‘http://etherx.jabber.org/streams’ id=‘1245180057’ from=‘taxijabber.verifoneway.com’ version=‘1.0’ xml:lang=‘en’>

RCV (0): stream:featureszlibSCRAM-SHA-1PLAINDIGEST-MD5<register xmlns='http://jabber.org/features/iq-register’/></stream:features>

SENT (0):

RCV (0): bm9uY2U9IjQxODc2NDk2OTciLHFvcD0iYXV0aC IsY2hhcnNldD11dGYtOCxhbGdvcml0aG09bWQ1LXNlc3M=

org.jivesoftware.smack.SmackException$NoResponseException

  •       at org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java: 346)*
    
  •       at org.jivesoftware.smack.tcp.XMPPTCPConnection.login(XMPPTCPConnection.java:242)*
    
  • …*

D/SMACK(20314): SENT (0): </stream:stream>

Connection closed with error

java.lang.NullPointerException

  •      at com.novell.sasl.client.DigestMD5SaslClient.DigestCalcHA1(DigestMD5SaslClient.ja va:447)*
    
  •      at com.novell.sasl.client.DigestMD5SaslClient.createDigestResponse(DigestMD5SaslCl ient.java:646)*
    
  •      at com.novell.sasl.client.DigestMD5SaslClient.evaluateChallenge(DigestMD5SaslClien t.java:356)*
    
  •      at org.jivesoftware.smack.sasl.SASLMechanism.challengeReceived(SASLMechanism.java: 190)*
    
  •      at org.jivesoftware.smack.SASLAuthentication.challengeReceived(SASLAuthentication. java:427)*
    
  •      at org.jivesoftware.smack.tcp.PacketReader.parsePackets(PacketReader.java:252)*
    
  •      at org.jivesoftware.smack.tcp.PacketReader.access$000(PacketReader.java:48)*
    
  •      at org.jivesoftware.smack.tcp.PacketReader$1.run(PacketReader.java:82)*
    

SENT (0): <stream:stream to=“taxijabber.verifoneway.com” xmlns=“jabber:client” xmlns:stream=“http://etherx.jabber.org/streams” version=“1.0”>

RCV (0): <?xml version='1.0'?><stream:stream xmlns=‘jabber:client’ xmlns:stream=‘http://etherx.jabber.org/streams’ id=‘426231073’ from=‘taxijabber.verifoneway.com’ version=‘1.0’ xml:lang=‘en’>

RCV (0): stream:featureszlibSCRAM-SHA-1PLAINDIGEST-MD5<register xmlns='http://jabber.org/features/iq-register’/></stream:features>

SENT (0):

RCV (0):

SENT (0): <stream:stream to=“taxijabber.verifoneway.com” xmlns=“jabber:client” xmlns:stream=“http://etherx.jabber.org/streams” version=“1.0”>

RCV (0): <?xml version='1.0'?><stream:stream xmlns=‘jabber:client’ xmlns:stream=‘http://etherx.jabber.org/streams’ id=‘3190381734’ from=‘taxijabber.verifoneway.com’ version=‘1.0’ xml:lang=‘en’>

RCV (0): stream:featureszlibSCRAM-SHA-1PLAINDIGEST-MD5<register xmlns='http://jabber.org/features/iq-register’/></stream:features>

Also I’m using SSLContext as Diego B. wrote:

try

{

SSLContext sc = SSLContext.getInstance(“TLS”);

sc.init(null, null, new SecureRandom());

this.connConfig.setCustomSSLContext(sc);

} catch (NoSuchAlgorithmException e)

{

throw new IllegalStateException(e);

} catch (KeyManagementException e)

{

throw new IllegalStateException(e);

}

Disabling security mode didn’t help and my code worked with previous asmack version 0.8.10.

Thank you.

Connection closed with error

java.lang.NullPointerException

  •      at com.novell.sasl.client.DigestMD5SaslClient.DigestCalcHA1(DigestMD5SaslClient.ja va:447)*
    
  •      at com.novell.sasl.client.DigestMD5SaslClient.createDigestResponse(DigestMD5SaslCl ient.java:646)*
    
  •      at com.novell.sasl.client.DigestMD5SaslClient.evaluateChallenge(DigestMD5SaslClien t.java:356)*
    

Fixed with aSmack 2c6eee74, fix is included in asmack-4.0.0-rc3-SNAPSHOT-2014-06-05.

This fixed the problem, thnx!