HTTP Binding bug messing up federation

This week we noticed a problem after connecting to the server using HTTP binding: if the user that connects has users on his roster that are members of a federated domain, the Wildfire server will lose its outgoing session connection to that domain. As soon as the user logs off the outgoing connection is restored (if it wasn’'t already).

Simultaneously, we noticed that presence that is broadcasted to all users subscribed to the HTTP-connected user contains the namespace

We assume that the malformed presence stanzas sent to the federated domains cause the outgoing session connection to close.

We tracked down the code that is responsible for including the namespace in the presence stanza. In org.jivesoftware.wildfire.http.HttpSessionManager, method forwardRequest(), a for-loop is used to iterate over Elements of the root node of the incoming request.

That incoming request could look something like this:

<body rid="4" sid="344f0cc4" xmlns=""><presence><priority>10</priority></presence></body>

When looking at each element individually, an XML element can be identified by the namespace of its parent element. That’‘s probably what is happening when the for-loop iterates over each element, and that’'s why the presence element gets the namespace that is defined in the body tag that encapsulates the XMPP stanzas. That presence stanza is finally broadcasted to all subscribing users, causing confusion on federating domains.

To verify, we adjusted the namespace that is used in the body tag by capitalizing a few letters. Sure enough, subscribing users received a presence stanza with a namespace containing the same capitalization.

As a hack, we adjusted HttpBindServlet to strip the namespace from the body element as soon as it received. After doing that, our federating connections remain open. This hack however isn’'t ideal. Besides using expensive String manipulation, we are malforming the original request.

Two possible solutions would be to strip the enclosing body tags from the request before the request is parsed as XML, or to adjust the XML parser to make sure namespaces aren’‘t copied to child elements when iterating over them. I’‘m not sure if the latter solution breaks XML specification, and since the body tags aren’'t part of the original XMPP anyway, I prefer the first one.

Thanks Guus for the detailed report. I have tracked down the issue and checked in a fix. It is now available in subversion.