nilzao
August 31, 2020, 1:34pm
1
Hi, the Soapbox Race community uses openfire server to run the game “Need for Speed World - EA Games”.
The game uses jabber:iq:auth protocol to login (XEP-0078).
We don’t know why (probably EA modfications tyring to avoid hackers inside their old jaber server), but the game only authenticate to Openfire server if the “mechanisms tag” is not present.
Even if all SASL mechs are disabled inside server configs, there’s the empty mechanisms tag, and the game doesn’t like it…
Today, our workaround (since Openfire 4.0.2) we modded the SASLAuthentication class, method getSASLMechanisms to return empty string.
Actual Openfire version we use Non-SASL Auth plugin, and that SASLAuthentication modded class. With all SASL methods disabled.
My suggestion today is something like this (check if there are available SASL mechs before)
public static String getSASLMechanisms( LocalSession session )
{
Set<String> supportedMechanisms = getSupportedMechanisms();
if(supportedMechanisms.isEmpty()){
return "";
}
if ( session instanceof ClientSession )
{
return getSASLMechanismsElement( (ClientSession) session ).asXML();
}
else if ( session instanceof LocalIncomingServerSession )
{
return getSASLMechanismsElement( (LocalIncomingServerSession) session ).asXML();
}
else
{
Log.debug( "Unable to determine SASL mechanisms that are applicable to session '{}'. Unrecognized session type.", session );
return "";
}
}
I’m not sure if that will break the new specs, just a suggestion, another workaround can be some property like “sasl.hide.mechtag=true” (default false)
Thanks for reading this, we love your project.
guus
August 31, 2020, 1:56pm
2
That seems like an easy option to add. I like going with the property best. I’ve raised this issue in our tracker for this: https://issues.igniterealtime.org/browse/OF-2072
guus
August 31, 2020, 2:00pm
3
1 Like
nilzao
August 31, 2020, 2:14pm
4
AWESOME! thanks a lot, that will solve our problem.
guus
August 31, 2020, 2:35pm
5
Can you test it before we merge? That’d make sure that we don’t need any follow-up commits.
nilzao
August 31, 2020, 3:19pm
6
Sure, I’m preparing here to test
1 Like
nilzao
August 31, 2020, 3:37pm
7
Done, just added sasl.client.suppressEmpty=true and worked. Thanks
guus
August 31, 2020, 6:04pm
8
Great, thanks! This change will be part of Openfire 4.6.0! I hope this helps your community!
1 Like
Knezzen
January 29, 2024, 10:22am
9
After the move to Netty Non-SASL stopped working.
I filed an issue on the plugins github page along with some log output.
opened 10:17AM - 29 Jan 24 UTC
After updating to Openfire 4.8.0 the Non-SASL plugin stopped working with the fo… llowing error in the log file:
```
2024.01.23 14:25:29.417 [1;31mERROR[m [nioEventLoopGroup-3-2]: org.jivesoftware.openfire.nio.NettyConnectionHandler - Closing connection on /servers.ip.address:5223—/clients.ip.address:49153 due to error while processing message: <iq id="0B3E0948F4C6B25A" type="set"><query xmlns="jabber:iq:auth"><username>connecting_username</username><password>this_is_a_password</password><resource>ResourceXYZ</resource></query></iq>
java.lang.NoSuchMethodError: 'int org.jivesoftware.openfire.session.LocalClientSession.getStatus()'
at org.jivesoftware.openfire.handler.IQAuthHandler.handleIQ(IQAuthHandler.java:156) ~[?:?]
at org.jivesoftware.openfire.handler.IQHandler.process(IQHandler.java:102) ~[xmppserver-4.8.0.jar:4.8.0]
at org.jivesoftware.openfire.IQRouter.handle(IQRouter.java:403) ~[xmppserver-4.8.0.jar:4.8.0]
at org.jivesoftware.openfire.IQRouter.route(IQRouter.java:106) ~[xmppserver-4.8.0.jar:4.8.0]
at org.jivesoftware.openfire.spi.PacketRouterImpl.route(PacketRouterImpl.java:74) ~[xmppserver-4.8.0.jar:4.8.0]
at org.jivesoftware.openfire.net.StanzaHandler.processIQ(StanzaHandler.java:392) ~[xmppserver-4.8.0.jar:4.8.0]
at org.jivesoftware.openfire.net.ClientStanzaHandler.processIQ(ClientStanzaHandler.java:90) ~[xmppserver-4.8.0.jar:4.8.0]
at org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:334) ~[xmppserver-4.8.0.jar:4.8.0]
at org.jivesoftware.openfire.net.StanzaHandler.processStanza(StanzaHandler.java:222) ~[xmppserver-4.8.0.jar:4.8.0]
at org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:114) ~[xmppserver-4.8.0.jar:4.8.0]
at org.jivesoftware.openfire.nio.NettyConnectionHandler.channelRead0(NettyConnectionHandler.java:142) [xmppserver-4.8.0.jar:4.8.0]
at org.jivesoftware.openfire.nio.NettyConnectionHandler.channelRead0(NettyConnectionHandler.java:50) [xmppserver-4.8.0.jar:4.8.0]
at io.netty.channel.SimpleChannelInboundHandler.channelRead(SimpleChannelInboundHandler.java:99) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.handler.timeout.IdleStateHandler.channelRead(IdleStateHandler.java:286) [netty-handler-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:442) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.handler.codec.ByteToMessageDecoder.fireChannelRead(ByteToMessageDecoder.java:346) [netty-codec-4.1.100.Final.jar:4.1.100.Final]
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:318) [netty-codec-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.handler.traffic.AbstractTrafficShapingHandler.channelRead(AbstractTrafficShapingHandler.java:506) [netty-handler-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:442) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1471) [netty-handler-4.1.100.Final.jar:4.1.100.Final]
at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1334) [netty-handler-4.1.100.Final.jar:4.1.100.Final]
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1383) [netty-handler-4.1.100.Final.jar:4.1.100.Final]
at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:529) [netty-codec-4.1.100.Final.jar:4.1.100.Final]
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:468) [netty-codec-4.1.100.Final.jar:4.1.100.Final]
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:290) [netty-codec-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:440) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:166) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:788) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:724) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:650) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:562) [netty-transport-4.1.100.Final.jar:4.1.100.Final]
at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:997) [netty-common-4.1.100.Final.jar:4.1.100.Final]
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) [netty-common-4.1.100.Final.jar:4.1.100.Final]
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) [netty-common-4.1.100.Final.jar:4.1.100.Final]
at java.lang.Thread.run(Thread.java:840) [?:?]
```
guus
January 29, 2024, 7:32pm
10
Thanks for reporting this. There indeed is a compatibility issue with the Non-SASL plugin and Openfire 4.8.0 (but I do not think it relates to Netty).
I’ve got a fix in the works: fixes #5: Compatibility with Openfire 4.8.0 by guusdk · Pull Request #6 · igniterealtime/openfire-nonSaslAuthentication-plugin · GitHub
Are you able to test that?
Knezzen
January 30, 2024, 8:06am
11
I can test it later today if a .jar is produced with your changes
guus
January 30, 2024, 10:25am
12
Try the latest snapshot release (from the table at the bottom-half of the page) from Ignite Realtime: Openfire Plugins
Knezzen
January 30, 2024, 5:32pm
13
It’s working like it should. You can push it to release if you’d like.
Thanks a lot, @guus ! You rock!
1 Like
guus
January 30, 2024, 7:36pm
14