[ejabberd] MUC handling of non-groupchat messages

Peter Saint-Andre stpeter at stpeter.im
Wed Jan 9 02:49:00 MSK 2008

Badlop wrote:
> 2008/1/8, Peter Saint-Andre <stpeter at stpeter.im>:
>> I have a report that ejabberd 1.1.3 or 1.1.4 will kick a MUC room
>> occupant if the user sends a message to another occupant and the message
>> is of type "error". For example consider the following exchange (JIDs
>> changed slightly)...
>> <message type="groupchat"
>>           from="psi at conference.psi-im.org/foo"
>>           to="psi at conference.psi-im.org/bar"
>>           id="abcda">
>>    <body>This message is encrypted.</body>
>>    <x xmlns='jabber:x:encrypted'>
>>      big-encrypted-blob-here
>>    </x>
>> </message>
> Is this stanza a private message sent by the client?

Yes, I think so.

> In that case, Type should be 'chat', and From should be the user's
> JID, not the room participant JID, right? Better something like:
> <message type="chat"
>           from="senderuser at example.org/Res"
>           to="psi at conference.psi-im.org/bar"
>           id="abcda">
>    <body>This message is encrypted.</body>
>    <x xmlns='jabber:x:encrypted'>
>      big-encrypted-blob-here
>    </x>
> </message>

Correct, the client sends with no 'from' address so it's stamped by the 

>> <message type="error"
>>           from="psi at conference.psi-im.org/bar"
>>           to="psi at conference.psi-im.org/foo"
>>           id="abcda">
>>    <body>
>>      [ERROR: This message is encrypted, and you are unable
>>      to decrypt it.]
>>    </body>
>>    <error type="modify" code="406" >
>>      <not-acceptable xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/>
>>      <text xmlns="urn:ietf:params:xml:ns:xmpp-stanzas">
>>        Unable to decrypt
>>      </text>
>>    </error>
>> </message>
>> At this point, ejabberd will kick user "bar" from the room. That seems
>> unfriendly, and potentially even a DoS. I think it would be better for
>> ejabberd to deliver the message or, if that is thought to be a problem,
>> at least ignore the stanza.
> Looking at mod_muc_room.erl SVN, ejabberd kicks a participant that
> sends a stanza with type=error in three situations:
>   Line 294: a message sent to the chatroom JID
>   Line 473: a message sent to a participant's JID
>   Line 895: a presence update
> Alexey implemented those checks [1] to kick dead connections, e.g. if
> a participant's server crashed, or network failure occurred.
> The check that annoys you is the one in line 473. Once removed [2],
> ejabberd no longer kicks the participant, instead it delivers the
> message to the other participant. Alexey accepts to remove it, and
> hopefully the checks in lines 294 and 895 will be enough to kick dead
> connections.
> I'm checking with Textshell if my proposed patch is enough to fix this problem.

OK thanks.

> BTW, this bug is tracked here:
> MUC kicks a participant if sends a private message with type=error
> https://support.process-one.net/browse/EJAB-496

Er, yes, I should have just reported the bug, right? My bad. I'll try to 
be better behaved in the future. :)


Peter Saint-Andre

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.jabber.ru/pipermail/ejabberd/attachments/20080108/5a5ed08f/attachment-0001.bin 

More information about the ejabberd mailing list