XMPP Server DialBack failure not logged in the Debug Log File

Vasco_Silva · July 18, 2013, 5:25pm

I have configured OpenFire within federation with Lync Proxy XMPP.

Unfourtunaly, it was not easy but now, is working

After some issues, the main issue was that the communication only works from OpenFire -> Lync. The reverse (Lync -> Openfire) doesn’t worked…

After more than a week of debug, analyzing all the trafic between the servers, we find that the TCP dialback was invalid. It was not shown in the Logs, it was detected only using wireshark.

So, after expering this, looking to help the Troubleshooting for the future users, I would like to suggest to include more debug messages.

The debug messages presented are:

Log:

2013.07.18 11:49:38 org.jivesoftware.openfire.server.ServerDialback - ServerDialback: RS - Connection to AS: *****.pt successful

2013.07.18 11:49:38 org.jivesoftware.openfire.server.ServerDialback - ServerDialback: RS - Asking AS to verify dialback key for id50e6e171

2013.07.18 11:49:38 org.jivesoftware.openfire.server.ServerDialback - ServerDialback: db:verify answer was: <stream:features xmlns:stream=“http://etherx.jabber.org/streams”></stream:features>

2013.07.18 11:49:38 org.jivesoftware.openfire.server.ServerDialback - ServerDialback: RS - Closing connection to Authoritative Server: *****.pt

However, the follow XMPP message was sent to the remote server:

<db:result from=“xxxxxxx.pt” to="*****.pt" type=“invalid”/>

I would like to suggest to include the following line to help the Troubleshooting:

Class: ServerDialback.java

https://geni-imf.renci.org/trac/browser/openfire/openfire/src/java/org/jivesoftw are/openfire/server/ServerDialback.java

563 boolean valid = verifyKey(key, streamID.toString(), recipient, hostname, socket);

564

565 Log.debug("ServerDialback: RS - Sending key verification result to OS: " + hostname);

566 sb = new StringBuilder();

567 sb.append("<db:result");

568 sb.append(" from="").append(recipient).append(""");

569 sb.append(" to="").append(hostname).append(""");

570 sb.append(" type="");

571 sb.append(valid ? “valid” : “invalid”);

572 sb.append(""/>");

573 connection.deliverRawText(sb.toString());

SUGGESTED NEW LINE:
Log.debug( valid ? “ServerDialback: RS - Verification result is Valid” : “ServerDialback: RS - Verification result is invalid - Check Dialback Verification!”);

Thank you,

Vasco Silva

Gary10 · August 2, 2013, 8:57am

Hi Vasco,

I’ve been trying to set this up as well and hit a slight snag with the DialBack when I try to add a Lync contact from my Openfire server.

Seeing the following in debug.log:

==> warn.log <==

2013.08.02 09:51:54 org.jivesoftware.openfire.server.ServerDialback - ServerDialback: OS - Ignoring unexpected answer in validation from: mslync2013edge.lab.local id: A08FDEF9D6C54EB605000080 for domain: openfire.domain.net answer:<stream:error xmlns:stream=“urn:ietf:params:xml:ns:xmpp-streams”>stream:host-unknown/</stre am:error>

Any chance you’d be able to give some advice on this please? Haven’t really a clue what it means… Running Openfire 3.8.2.

Thank you.

Kind Regards,

Gary Shergill

Vasco_Silva · August 2, 2013, 3:54pm

Hello Gary,

The problem is because the Lync send an xmpp packet that OpenFire is not expecting. I don’t know if the problem is caused by Lync (sendind a packet out of order), or caused by Openfire (not ready to receive a valid XMPP packet).

You have all the problem explained here:

If you are interested, I can post here the modification needed in source code, to permit TCP_Dialback negotiation.

Regards,

Vasco Silva

DH1 · August 2, 2013, 4:50pm

We are having the same issue, I would like to see the code modification required to permit TCP_Dialback negotiation.

Gary10 · August 5, 2013, 10:17am

Hi Vasco,

That would be brilliant if you could send the source code changes! =)

Thank you.

Kind Regards,

Gary Shergill

Nelson_Almendra · August 7, 2013, 11:57am

Hi,

Here is the ServerDialback.java with the Fix that Vasco Silva was talking about: http://pastebin.com/PwTTMYM1

The difference from the original is that this one has one if in verifyKey method:

The if is in line 674 in pastebin.

if(!“db”.equals(doc.getNamespacePrefix()) && !“verify”.equals(doc.getName()))

{

 doc = reader.parseDocument().getRootElement();

 Log.debug("ServerDialback: RS - (verifyKey) doc: " + doc.asXML());

}

The thing is that Openfire is expecting a <db:verify… /> from AS and it receives a … instead, which makes the Openfire return a <db:verify type=invalid />. With this extra if I force it to read again and the next message is the <db:verify… /> (as Openfire is expecting). As I read it twice the … is discarded.

Nelson Almendra

Leon_Roy · August 8, 2013, 10:21am

In case it helps anyone, the changes above have been rolled into an Openfire 3.8.2 lib here:
http://www.globility.co.uk/downloads/openfire-3.8.2-gltd-0.0.1.jar

Leon_Roy · October 8, 2013, 1:35pm

Just as a heads up we’ve posted two articles about setting up Openfire with Lync:

Lync Openfire XMPP Federation:

http://www.globility.co.uk/?p=414

Lync CSTA Integration with Openfire:

http://www.globility.co.uk/?p=495