powered by Jive Software

Wildfire server 100% CPU / Hang during Pandion registration

Hello,

I upgraded our server from Wildfire 2.4.4 to 2.5 over the weekend and initially everything seemed to be working OK with our Pandion 2.5 clients.

Today someone tried to register a new user using Pandion which failed. Looking at the server, the wildfire-service process was at 100%. The web GUI was unresponsive and I had to restart the service to get it going again. I have downgraded back to 2.4.4 and everything is working as expected again.

The problem is repeatable both on this and another test system - each time a Pandion client tries to register the server goes to 100%. The warn log contains this:

2006.02.20 10:43:56 SaslException

javax.security.sasl.SaslException: DIGEST-MD5: IO error acquiring password Caused by java.io.IOException: org.jivesoftware.wildfire.user.UserNotFoundException: a.user

at com.sun.security.sasl.digest.DigestMD5Server.validateClientResponse(Unknown Source)

at com.sun.security.sasl.digest.DigestMD5Server.evaluateResponse(Unknown Source)

at org.jivesoftware.wildfire.net.SASLAuthentication.doHandshake(SASLAuthentication .java:199)

at org.jivesoftware.wildfire.net.SocketReader.authenticateClient(SocketReader.java :315)

at org.jivesoftware.wildfire.net.SocketReader.readStream(SocketReader.java:276)

at org.jivesoftware.wildfire.net.SocketReader.run(SocketReader.java:119)

at java.lang.Thread.run(Unknown Source)

Caused by: java.io.IOException: org.jivesoftware.wildfire.user.UserNotFoundException: a.user

at org.jivesoftware.wildfire.net.XMPPCallbackHandler.handle(XMPPCallbackHandler.ja va:69)

… 7 more

Regards,

Kris.

Same here, i just downgraded to 2.4.4 and registering worked again

I’'m using the linux version, with a 8.2 suse linux

Java tops @ 100% cpu…and must restart server.

no problem with windows based version…

also an other issue…

Under plugins i cannot see nothing (not even the plugin provided) and Plugins to not work. with the windows version all ok…

Ceers

Hello,

My server is running Windows 2003. I didn’'t notice any particular problems other than the registering not working with Pandion. I did a quick test earlier and registering is OK with Spark 1.1.1. Also, previous to my earlier email the web gui is still available, but because the server is busy the response time is high (which is why I thought it had hung).

Kris.

Hello,

I’'m replying to myself, but perhaps this information might be useful.

I have doing some tests to see if I can narrow down why Wildfire 2.5/Pandion 2.5 are having problems.

I founf that setting Pandion to use SSL encryption makes registration work OK. Setting Pandion to use TLS or no encryption causes the Wildfire server to hit 100% CPU.

Regards,

Kris.

Hey Guys,

Thanks for the bug report. In the next nightly build you will find a fix for this problem. To update your installation just copy the new lib/wildfire.jar file over the existing one. Related jira issue: JM-569

Thanks,

– Gato

Hello,

Thank you for the quick response! I’‘ll report back when I’'ve tried the fix.

Regards,

Kris.

Sup,

I found another xml example that can cause the loop. Added it to the JM issue, and sent an email.

Guys,

A fix for the later problem has been checked in. However, note that only malicious clients may fall under this case since xmpp compliant clients should use the correct namespace for the auth element.

Thanks again,

– Gato

well, badly coded clients could cause this to happen too

That’'s true.

– Gato

Hello,

A test today showed that the nightly build has resolved the Pandion registration problem.

Copying the lib/wildfire.jar file alone was not enough, the server wouldn’'t start afterwards. Not knowing its dependancies I ended up copying all of the lib files over and that seemed to work.

Regards,

Kris.