How can I create an XMPP session from the command line?

1
votes

Background: I'm working on an XMPP app that uses SMACK to talk to an ejabberd server.

For educational purposes, I want to be able to issue the XMPP commands by hand to the server.

I found a list of open servers and chose this one: https://xmpp.is/account/register/xmpp_is/

I connect to it with the following command:

openssl s_client -starttls xmpp -connect xmpp.is:5222

To figure out what responses to issue I've been reading the RFCs, but also have installed an Windows XMPP app called "Swift" primarily because it has a console feature that shows the traffic between the client and server: https://swift.im/

While I'm able to get some responses from the server, I've not been able to figure out how to successfully login from the command line.

The swift traffic for a successful login looks like:

<!-- OUT 2018-09-15T16:19:39 -->
<?xml version="1.0"?><stream:stream xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" to="xmpp.is" version="1.0">
<!-- IN 2018-09-15T16:19:40 -->
<?xml version='1.0'?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' xml:lang='en' from='xmpp.is' id='2a12ed5d-b01d-44e9-a3c4-c083340f6e1a' version='1.0' xmlns='jabber:client'><stream:features><starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'><required/></starttls></stream:features>
<!-- OUT 2018-09-15T16:19:40 -->
<starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
<!-- IN 2018-09-15T16:19:40 -->
<proceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
<!-- OUT 2018-09-15T16:19:40 -->
<?xml version="1.0"?><stream:stream xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" to="xmpp.is" version="1.0">
<!-- IN 2018-09-15T16:19:40 -->
<?xml version='1.0'?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' xml:lang='en' from='xmpp.is' id='3551ba66-c71e-4113-bd52-51d7ce9edf8e' version='1.0' xmlns='jabber:client'><stream:features><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><mechanism>PLAIN</mechanism><mechanism>SCRAM-SHA-1</mechanism><mechanism>SCRAM-SHA-1-PLUS</mechanism></mechanisms></stream:features>
<!-- OUT 2018-09-15T16:19:40 -->
<auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="SCRAM-SHA-1-PLUS">cD10bHMtdW5pcXVlLCxuPXNub28scj1kYjIxNzM5Mi0yZmJkLTQxMmMtYmM4Ny00Mzg2MWZjMzMxZTM=</auth>
<!-- IN 2018-09-15T16:19:40 -->
<challenge xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>cj1kYjIxNzM5Mi0yZmJkLTQxMmMtYmM4Ny00Mzg2MWZjMzMxZTM1YzgxZDE1MC1iZmFhLTQwNjQtOWJhNi0wYWUwNzA3YzhmMDQscz1NR1ZsTVRoaFpqTXRZakpsTkMwMFlqSmtMV0V6Tm1FdFlURmhaR1JoWWpsa1pEZ3csaT00MDk2</challenge>
<!-- OUT 2018-09-15T16:19:40 -->
<response xmlns="urn:ietf:params:xml:ns:xmpp-sasl">Yz1jRDEwYkhNdGRXNXBjWFZsTEN3em1qc1FHRWtPeUduUjNNST0scj1kYjIxNzM5Mi0yZmJkLTQxMmMtYmM4Ny00Mzg2MWZjMzMxZTM1YzgxZDE1MC1iZmFhLTQwNjQtOWJhNi0wYWUwNzA3YzhmMDQscD1VaFNTbmlEblM3S2I3Sm9OYUVraTRIWEJYK2M9</response>
<!-- IN 2018-09-15T16:19:40 -->
<success xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>dj1Fa1ZuUGpmYU4wWTNyK0tsYWF1ViszOTVyMzg9</success>
<!-- OUT 2018-09-15T16:19:40 -->
<?xml version="1.0"?><stream:stream xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" to="xmpp.is" version="1.0">
<!-- IN 2018-09-15T16:19:40 -->
<?xml version='1.0'?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' xml:lang='en' from='xmpp.is' id='3b390a8b-e137-46b6-988d-b66208277e67' version='1.0' xmlns='jabber:client'><stream:features><csi xmlns='urn:xmpp:csi:0'/><sm xmlns='urn:xmpp:sm:2'><optional/></sm><sm xmlns='urn:xmpp:sm:3'><optional/></sm><bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'><required/></bind><session xmlns='urn:ietf:params:xml:ns:xmpp-session'><optional/></session><c hash='sha-1' ver='L89AHiFIV5exIjD3VCsiLb//JIg=' node='http://prosody.im' xmlns='http://jabber.org/protocol/caps'/><ver xmlns='urn:xmpp:features:rosterver'/></stream:features>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="session-bind" type="set"><bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"><resource>10ce5033-4f48-4f70-8f88-8c8f2e0525f0</resource></bind></iq>
<!-- IN 2018-09-15T16:19:40 -->
<iq id='session-bind' type='result'><bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'><jid>[email protected]/10ce5033-4f48-4f70-8f88-8c8f2e0525f0</jid></bind></iq>
<!-- OUT 2018-09-15T16:19:40 -->
<enable xmlns="urn:xmpp:sm:2"/>
<!-- IN 2018-09-15T16:19:40 -->
<enabled max='300' xmlns='urn:xmpp:sm:2'/>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="session-start" type="set"><session xmlns="urn:ietf:params:xml:ns:xmpp-session"/></iq>
<!-- IN 2018-09-15T16:19:40 -->
<iq id='session-start' type='result' to='[email protected]/10ce5033-4f48-4f70-8f88-8c8f2e0525f0'/>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="e69a06ef-8f3b-4492-95cf-206b252363bf" type="get"><vCard xmlns="vcard-temp"/></iq>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="b1e82772-9d2e-474f-8677-672ce3a4a0b6" type="get"><query xmlns="jabber:iq:private"><storage xmlns="storage:bookmarks"/></query></iq>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="e3e1361c-1541-4365-ac39-011247f07b33" type="get"><query ver="1" xmlns="jabber:iq:roster"/></iq>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="991f5f2a-d923-4fa6-8dc9-e5ab065e983c" to="xmpp.is" type="get"><query xmlns="http://jabber.org/protocol/disco#info"/></iq>
<!-- OUT 2018-09-15T16:19:40 -->
<presence><status></status><x xmlns="vcard-temp:x:update"><photo></photo></x><c hash="sha-1" node="http://swift.im" ver="3ScHZH4hKmksks0e7RG8B4cjaT8=" xmlns="http://jabber.org/protocol/caps"/></presence>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="c6facf37-8e9e-45cc-a86d-6e6b5a315911" to="xmpp.is" type="get"><query xmlns="http://jabber.org/protocol/disco#info"/></iq>
<!-- IN 2018-09-15T16:19:40 -->
<r xmlns='urn:xmpp:sm:2'/>
<!-- OUT 2018-09-15T16:19:40 -->
<a h="1" xmlns="urn:xmpp:sm:2"/>
<!-- IN 2018-09-15T16:19:40 -->
<iq id='e69a06ef-8f3b-4492-95cf-206b252363bf' type='result' to='[email protected]/10ce5033-4f48-4f70-8f88-8c8f2e0525f0'><vCard xmlns='vcard-temp'><VERSION>3.0</VERSION><NICKNAME>snoo</NICKNAME><EMAIL><USERID>[email protected]</USERID></EMAIL></vCard></iq>
<!-- IN 2018-09-15T16:19:40 -->
<iq id='b1e82772-9d2e-474f-8677-672ce3a4a0b6' type='result' to='[email protected]/10ce5033-4f48-4f70-8f88-8c8f2e0525f0'><query xmlns='jabber:iq:private'><storage xmlns='storage:bookmarks'/></query></iq><iq id='e3e1361c-1541-4365-ac39-011247f07b33' type='result' to='[email protected]/10ce5033-4f48-4f70-8f88-8c8f2e0525f0'/><iq id='991f5f2a-d923-4fa6-8dc9-e5ab065e983c' type='result' to='[email protected]/10ce5033-4f48-4f70-8f88-8c8f2e0525f0' from='xmpp.is'><query xmlns='http://jabber.org/protocol/disco#info'><identity type='pep' name='Prosody' category='pubsub'/><identity type='im' name='Prosody' category='server'/><feature var='urn:xmpp:blocking'/><feature var='urn:xmpp:ping'/><feature var='msgoffline'/><feature var='jabber:iq:version'/><feature var='vcard-temp'/><feature var='jabber:iq:roster'/><feature var='urn:xmpp:time'/><feature var='jabber:iq:time'/><feature var='jabber:iq:private'/><feature var='http://jabber.org/protocol/commands'/><feature var='jabber:iq:register'/><feature var='http://jabber.org/protocol/pubsub#publish'/><feature var='http://jabber.org/protocol/disco#info'/><feature var='http://jabber.org/protocol/disco#items'/><feature var='jabber:iq:last'/><feature var='urn:xmpp:carbons:2'/><feature var='urn:xmpp:carbons:1'/><x type='result' xmlns='jabber:x:data'><field type='hidden' var='FORM_TYPE'><value>http://jabber.org/network/serverinfo</value></field><field type='list-multi' var='feedback-addresses'><value>https://xmpp.is/contact/</value></field><field type='list-multi' var='admin-addresses'><value>https://xmpp.is/contact/</value></field><field type='list-multi' var='abuse-addresses'><value>https://xmpp.is/contact/</value></field><field type='list-multi' var='support-addresses'><value>https://xmpp.is/contact/</value></field></x></query></iq><presence from='[email protected]/10ce5033-4f48-4f70-8f88-8c8f2e0525f0'><status/><x xmlns='vcard-temp:x:update'><photo/></x><c hash='sha-1' ver='3ScHZH4hKmksks0e7RG8B4cjaT8=' node='http://swift.im' xmlns='http://jabber.org/protocol/caps'/></presence><iq id='c6facf37-8e9e-45cc-a86d-6e6b5a315911' type='result' to='[email protected]/10ce5033-4f48-4f70-8f88-8c8f2e0525f0' from='xmpp.is'><query xmlns='http://jabber.org/protocol/disco#info'><identity type='pep' name='Prosody' category='pubsub'/><identity type='im' name='Prosody' category='server'/><feature var='urn:xmpp:blocking'/><feature var='urn:xmpp:ping'/><feature var='msgoffline'/><feature var='jabber:iq:version'/><feature var='vcard-temp'/><feature var='jabber:iq:roster'/><feature var='urn:xmpp:time'/><feature var='jabber:iq:time'/><feature var='jabber:iq:private'/><feature var='http://jabber.org/protocol/commands'/><feature var='jabber:iq:register'/><feature var='http://jabber.org/protocol/pubsub#publish'/><feature var='http://jabber.org/protocol/disco#info'/><feature var='http://jabber.org/protocol/disco#items'/><feature var='jabber:iq:last'/><feature var='urn:xmpp:carbons:2'/><feature var='urn:xmpp:carbons:1'/><x type='result' xmlns='jabber:x:data'><field type='hidden' var='FORM_TYPE'><value>http://jabber.org/network/serverinfo</value></field><field type='list-multi' var='feedback-addresses'><value>https://xmpp.is/contact/</value></field><field type='list-multi' var='admin-addresses'><value>https://xmpp.is/contact/</value></field><field type='list-multi' var='abuse-addresses'><value>https://xmpp.is/contact/</value></field><field type='list-multi' var='support-addresses'><value>https://xmpp.is/contact/</value></field></x></query></iq>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="97eefcfd-204b-4afd-9ea1-cc10962d892b" to="xmpp.is" type="get"><query node="http://jabber.org/protocol/commands" xmlns="http://jabber.org/protocol/disco#items"/></iq>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="4ed568f6-7c8c-46fe-9068-4a2a81bdd393" type="get"><blocklist xmlns="urn:xmpp:blocking"/></iq>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="f673e890-7643-46a0-b5f4-230c5b384c8b" type="set"><enable xmlns="urn:xmpp:carbons:2"/></iq>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="d0b62e41-afa5-48e8-a0e7-143c9a328c35" to="xmpp.is" type="get"><query xmlns="http://jabber.org/protocol/disco#items"/></iq>
<!-- IN 2018-09-15T16:19:40 -->
<r xmlns='urn:xmpp:sm:2'/>
<!-- OUT 2018-09-15T16:19:40 -->
<a h="7" xmlns="urn:xmpp:sm:2"/>
<!-- IN 2018-09-15T16:19:40 -->
<iq id='97eefcfd-204b-4afd-9ea1-cc10962d892b' type='result' to='[email protected]/10ce5033-4f48-4f70-8f88-8c8f2e0525f0' from='xmpp.is'><query node='http://jabber.org/protocol/commands' xmlns='http://jabber.org/protocol/disco#items'><item jid='xmpp.is' name='Ping' node='ping'/><item jid='xmpp.is' name='Get uptime' node='uptime'/></query></iq>
<!-- IN 2018-09-15T16:19:40 -->
<iq id='4ed568f6-7c8c-46fe-9068-4a2a81bdd393' type='result' to='[email protected]/10ce5033-4f48-4f70-8f88-8c8f2e0525f0'><blocklist xmlns='urn:xmpp:blocking'/></iq><iq id='f673e890-7643-46a0-b5f4-230c5b384c8b' type='result' to='[email protected]/10ce5033-4f48-4f70-8f88-8c8f2e0525f0'/><iq id='d0b62e41-afa5-48e8-a0e7-143c9a328c35' type='result' to='[email protected]/10ce5033-4f48-4f70-8f88-8c8f2e0525f0' from='xmpp.is'><query xmlns='http://jabber.org/protocol/disco#items'><item jid='upload.xmpp.is'/><item jid='muc.xmpp.is' name='XMPP.is MUC'/></query></iq>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="a3838d36-3d3b-4d8b-afda-e46b49ce0fdf" to="upload.xmpp.is" type="get"><query xmlns="http://jabber.org/protocol/disco#info"/></iq>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="76c58b53-545e-40ef-8832-0beb6a74a50e" to="muc.xmpp.is" type="get"><query xmlns="http://jabber.org/protocol/disco#info"/></iq>
<!-- IN 2018-09-15T16:19:40 -->
<r xmlns='urn:xmpp:sm:2'/>
<!-- OUT 2018-09-15T16:19:40 -->
<a h="11" xmlns="urn:xmpp:sm:2"/>
<!-- IN 2018-09-15T16:19:40 -->
<iq id='a3838d36-3d3b-4d8b-afda-e46b49ce0fdf' type='result' to='[email protected]/10ce5033-4f48-4f70-8f88-8c8f2e0525f0' from='upload.xmpp.is'><query xmlns='http://jabber.org/protocol/disco#info'><identity type='file' name='HTTP File Upload' category='store'/><feature var='urn:xmpp:http:upload:0'/><feature var='urn:xmpp:http:upload'/><feature var='http://jabber.org/protocol/disco#info'/><feature var='http://jabber.org/protocol/disco#items'/><x type='result' xmlns='jabber:x:data'><field type='hidden' var='FORM_TYPE'><value>urn:xmpp:http:upload:0</value></field><field type='text-single' var='max-file-size'><value>10000000</value></field></x><x type='result' xmlns='jabber:x:data'><field type='hidden' var='FORM_TYPE'><value>urn:xmpp:http:upload</value></field><field type='text-single' var='max-file-size'><value>10000000</value></field></x></query></iq>
<!-- IN 2018-09-15T16:19:40 -->
<iq id='76c58b53-545e-40ef-8832-0beb6a74a50e' type='result' to='[email protected]/10ce5033-4f48-4f70-8f88-8c8f2e0525f0' from='muc.xmpp.is'><query xmlns='http://jabber.org/protocol/disco#info'><identity type='text' name='XMPP.is MUC' category='conference'/><feature var='http://jabber.org/protocol/muc'/><feature var='http://jabber.org/protocol/commands'/><feature var='http://jabber.org/protocol/disco#info'/><feature var='http://jabber.org/protocol/disco#items'/></query></iq>
<!-- IN 2018-09-15T16:19:40 -->
<r xmlns='urn:xmpp:sm:2'/>
<!-- OUT 2018-09-15T16:19:40 -->
<a h="13" xmlns="urn:xmpp:sm:2"/>

My first attempt to emulate what swift is doing from the command line:

openssl s_client -starttls xmpp -connect xmpp.is:5222
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = xmpp.is
verify return:1
---
Certificate chain
 0 s:/CN=xmpp.is
   i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIHazCCBlOgAwIBAgISA8Vupt6pSMDO3eLJAR+p6kioMA0GCSqGSIb3DQEBCwUA
[DELETED MOST OF THE CERTIFICATE]
XTe7RnD/qWEeN3o0dj8yBJE+dDG74QBST5ihqjZoEA==
-----END CERTIFICATE-----
subject=/CN=xmpp.is
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
---
No client certificate CA names sent
Client Certificate Types: RSA sign, DSA sign, ECDSA sign
Requested Signature Algorithms: RSA+SHA512:DSA+SHA512:ECDSA+SHA512:RSA+SHA384:DSA+SHA384:ECDSA+SHA384:RSA+SHA256:DSA+SHA256:ECDSA+SHA256:RSA+SHA224:DSA+SHA224:ECDSA+SHA224:RSA+SHA1:DSA+SHA1:ECDSA+SHA1
Shared Requested Signature Algorithms: RSA+SHA512:DSA+SHA512:ECDSA+SHA512:RSA+SHA384:DSA+SHA384:ECDSA+SHA384:RSA+SHA256:DSA+SHA256:ECDSA+SHA256:RSA+SHA224:DSA+SHA224:ECDSA+SHA224:RSA+SHA1:DSA+SHA1:ECDSA+SHA1
Peer signing digest: SHA512
Server Temp Key: ECDH, P-384, 384 bits
---
SSL handshake has read 4238 bytes and written 641 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID:
    Session-ID-ctx:
    Master-Key: C7BAD8006A9058DEB850C31C07AD8DC3F6ABF39740A9477BAC2F191C0AD5A35CA70C1ACE08AF3B5357FBC97F226402F3
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1537024886
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
<?xml version="1.0"?><stream:stream xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" to="xmpp.is" version="1.0">
<?xml version='1.0'?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' xml:lang='en' from='xmpp.is' id='18367b2a-2df5-4dd9-be5f-607c05d6760f' version='1.0' xmlns='jabber:client'><stream:features><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><mechanism>PLAIN</mechanism><mechanism>SCRAM-SHA-1</mechanism><mechanism>SCRAM-SHA-1-PLUS</mechanism></mechanisms></stream:features><starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
<failure xmlns='urn:ietf:params:xml:ns:xmpp-tls'/></stream:stream>closed

The stream closed after issuing the command:

<starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>

with:

<failure xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>

I'm guessing it might be because I've already opened a TLS connection from the command line. So I thought I'd skip the first couple of commands and proceed straight to authentication. Here is the session for my new attempt:

openssl s_client -starttls xmpp -connect xmpp.is:5222
CONNECTED(00000003)
...
<?xml version="1.0"?><stream:stream xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" to="xmpp.is" version="1.0">
<?xml version='1.0'?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' xml:lang='en' from='xmpp.is' id='f57f8d05-6550-42ac-b458-775b8cb78319' version='1.0' xmlns='jabber:client'><stream:features><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><mechanism>PLAIN</mechanism><mechanism>SCRAM-SHA-1</mechanism><mechanism>SCRAM-SHA-1-PLUS</mechanism></mechanisms></stream:features><auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="SCRAM-SHA-1-PLUS">cD10bHMtdW5pcXVlLCxuPXNub28scj1kYjIxNzM5Mi0yZmJkLTQxMmMtYmM4Ny00Mzg2MWZjMzMxZTM=</auth>
<challenge xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>cj1kYjIxNzM5Mi0yZmJkLTQxMmMtYmM4Ny00Mzg2MWZjMzMxZTNhZGY4MTBmMy1hMWU4LTQxZGItOGM0OS01NDAxZWQxYTQ3NjQscz1NR1ZsTVRoaFpqTXRZakpsTkMwMFlqSmtMV0V6Tm1FdFlURmhaR1JoWWpsa1pEZ3csaT00MDk2</challenge><response xmlns="urn:ietf:params:xml:ns:xmpp-sasl">Yz1jRDEwYkhNdGRXNXBjWFZsTEN3em1qc1FHRWtPeUduUjNNST0scj1kYjIxNzM5Mi0yZmJkLTQxMmMtYmM4Ny00Mzg2MWZjMzMxZTM1YzgxZDE1MC1iZmFhLTQwNjQtOWJhNi0wYWUwNzA3YzhmMDQscD1VaFNTbmlEblM3S2I3Sm9OYUVraTRIWEJYK2M9</response>
<failure xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><malformed-request/><text>Invalid channel binding value.</text></failure>

Now that looked a bit better because the server sent me the "challenge", but when I sent the response from the Swift app's session it issued:

Invalid channel binding value

I'm guessing that it is complaining because I used the challenge token from the Swift app's session instead of the info in the current command line session. So I'm wondering when I receive a challenge from the server like this one:

<challenge xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>cj1kYjIxNzM5Mi0yZmJkLTQxMmMtYmM4Ny00Mzg2MWZjMzMxZTM1YzgxZDE1MC1iZmFhLTQwNjQtOWJhNi0wYWUwNzA3YzhmMDQscz1NR1ZsTVRoaFpqTXRZakpsTkMwMFlqSmtMV0V6Tm1FdFlURmhaR1JoWWpsa1pEZ3csaT00MDk2</challenge>

How do I formulate a response like this:

<response xmlns="urn:ietf:params:xml:ns:xmpp-sasl">Yz1jRDEwYkhNdGRXNXBjWFZsTEN3em1qc1FHRWtPeUduUjNNST0scj1kYjIxNzM5Mi0yZmJkLTQxMmMtYmM4Ny00Mzg2MWZjMzMxZTM1YzgxZDE1MC1iZmFhLTQwNjQtOWJhNi0wYWUwNzA3YzhmMDQscD1VaFNTbmlEblM3S2I3Sm9OYUVraTRIWEJYK2M9</response>

I'm guessing that I probably need to use the challenge token the server sent as the input into a signing process...

But, also if someone knows a simpler way to initiate a command line session with a different public XMPP server then I'd be happy to use that. Thanks...

UPDATE:

I've done the following:

  • Installed my own eJabberd server on my development machine
  • Changed the settings in the Swift client to
    • Secure Connection: Never
    • Allow Sending Password over Insecure Connection: true

enter image description here

The Swift logs for connecting to the server with these new settings:

<!-- OUT 2018-09-22T11:35:47 -->
<?xml version="1.0"?><stream:stream xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" to="desktop-2neut2i" version="1.0">
<!-- IN 2018-09-22T11:35:47 -->
<?xml version='1.0'?><stream:stream id='5884973410867271599' version='1.0' xml:lang='en' xmlns:stream='http://etherx.jabber.org/streams' from='desktop-2neut2i' xmlns='jabber:client'>
<!-- IN 2018-09-22T11:35:47 -->
<stream:features><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><mechanism>PLAIN</mechanism><mechanism>DIGEST-MD5</mechanism><mechanism>X-OAUTH2</mechanism><mechanism>SCRAM-SHA-1</mechanism></mechanisms><starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/><register xmlns='http://jabber.org/features/iq-register'/></stream:features>
<!-- OUT 2018-09-22T11:35:47 -->
<auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="SCRAM-SHA-1">biwsbj1iaWxibyxyPTE3NDNjNzJiLWE2MTMtNGNhMC1hZmE2LTU4M2RkMDFiMmFiNg==</auth>
<!-- IN 2018-09-22T11:35:47 -->
<challenge xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>cj0xNzQzYzcyYi1hNjEzLTRjYTAtYWZhNi01ODNkZDAxYjJhYjY5UnlVQmYxd0FzUU9vQ0hMdWhDMWlBPT0scz1WeXBnZ1hpL1k3bmxBUkk5TzA5R1dnPT0saT00MDk2</challenge>
<!-- OUT 2018-09-22T11:35:47 -->
<response xmlns="urn:ietf:params:xml:ns:xmpp-sasl">Yz1iaXdzLHI9MTc0M2M3MmItYTYxMy00Y2EwLWFmYTYtNTgzZGQwMWIyYWI2OVJ5VUJmMXdBc1FPb0NITHVoQzFpQT09LHA9YStFSU81a1gyeXd3L0pGYUFzR3I1aVpCMktrPQ==</response>
<!-- IN 2018-09-22T11:35:47 -->
<success xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>dj1hMHJsY1ZVUHhabEdoTU5QOW9EbGoyZEJkcEk9</success>
<!-- OUT 2018-09-22T11:35:47 -->
<?xml version="1.0"?><stream:stream xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" to="desktop-2neut2i" version="1.0">
<!-- IN 2018-09-22T11:35:47 -->
<?xml version='1.0'?><stream:stream id='8501231819433449809' version='1.0' xml:lang='en' xmlns:stream='http://etherx.jabber.org/streams' from='desktop-2neut2i' xmlns='jabber:client'>
<!-- IN 2018-09-22T11:35:47 -->
<stream:features><bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'/><session xmlns='urn:ietf:params:xml:ns:xmpp-session'><optional/></session><c ver='sg7ZnA5zzsPpRyrmVVRdsh4nhRU=' node='http://www.process-one.net/en/ejabberd/' hash='sha-1' xmlns='http://jabber.org/protocol/caps'/><sm xmlns='urn:xmpp:sm:2'/><sm xmlns='urn:xmpp:sm:3'/><csi xmlns='urn:xmpp:csi:0'/></stream:features>
<!-- OUT 2018-09-22T11:35:47 -->
<iq id="session-bind" type="set"><bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"><resource>125157816940461441277</resource></bind></iq>
<!-- IN 2018-09-22T11:35:48 -->
<iq type='result' id='session-bind'><bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'><jid>bilbo@desktop-2neut2i/125157816940461441277</jid></bind></iq>
<!-- OUT 2018-09-22T11:35:48 -->
<enable xmlns="urn:xmpp:sm:2"/>
<!-- IN 2018-09-22T11:35:48 -->
<enabled xmlns='urn:xmpp:sm:2'/>
<!-- OUT 2018-09-22T11:35:48 -->
<iq id="session-start" type="set"><session xmlns="urn:ietf:params:xml:ns:xmpp-session"/></iq>
<!-- IN 2018-09-22T11:35:48 -->
<iq xml:lang='en' to='bilbo@desktop-2neut2i/125157816940461441277' from='bilbo@desktop-2neut2i' type='result' id='session-start'/>
<!-- OUT 2018-09-22T11:35:48 -->
<iq id="eb7ec3d0-1aa5-448d-8dd9-8fa603905cb2" type="get"><vCard xmlns="vcard-temp"/></iq>
<!-- OUT 2018-09-22T11:35:48 -->
<iq id="d2bca196-93e8-46f2-b36b-14bb2ebd8670" type="get"><query xmlns="jabber:iq:private"><storage xmlns="storage:bookmarks"/></query></iq>
<!-- OUT 2018-09-22T11:35:48 -->
<iq id="6e5a62ef-3e7f-4eb3-9520-a10bb7206602" type="get"><query xmlns="jabber:iq:roster"/></iq>
<!-- OUT 2018-09-22T11:35:48 -->
<iq id="257a9caf-53fa-4e34-9bb6-5b2310e20b82" to="desktop-2neut2i" type="get"><query xmlns="http://jabber.org/protocol/disco#info"/></iq>
<!-- OUT 2018-09-22T11:35:48 -->
<presence><status></status><x xmlns="vcard-temp:x:update"><photo></photo></x><c hash="sha-1" node="http://swift.im" ver="3ScHZH4hKmksks0e7RG8B4cjaT8=" xmlns="http://jabber.org/protocol/caps"/></presence>
<!-- OUT 2018-09-22T11:35:48 -->
<iq id="b1e68799-5ea4-47c1-98ea-7205927b3681" to="desktop-2neut2i" type="get"><query xmlns="http://jabber.org/protocol/disco#info"/></iq>
<!-- IN 2018-09-22T11:35:48 -->
<r xmlns='urn:xmpp:sm:2'/>
<!-- OUT 2018-09-22T11:35:48 -->
<a h="1" xmlns="urn:xmpp:sm:2"/>

So tried to login again, this time using:

telnet localhost 5222

I pasted the commands from the Swift session above. But I still arrive at the same dilemma, I do not know how to respond to the challenge issued by the server.

I can do some of the steps in the following post: XMPP SASL SCRAM-SHA1 Authentication

Such as the base64 decoding and encoding using this tool: https://www.base64decode.org/

I think I'm probably missing something basic. Now that I have my own server, I was hoping I could disable all the additional security mechanisms and login with a plain username and password. But I have not figured out how to do that. Any ideas on how to complete the login from telnet?

1
xmppejabberdsmack

1 Answers

0
votes

You are trying to use SCRAM-SHA-1-PLUS to authenticate and it is a calculated cryptographic exchange. Part of that exchange is the unique session key negotiated when opening the SSL connection. You will not be able to complete the authentication process using SCRAM on the command line you are better using PLAIN or using an existing library to code your own client.