[swift-users] Swift with Openfire 4.1

[Captain Coffee]

Simple solution creating an installation script remove the new version that is corrupted and then run and automated deployment of the previous version that should bring your users back online with a stable platform.

On Jan 5, 2017 10:40 AM, Ryan Hammond <ryan.hammond at di2e.net> wrote:
We upgraded openfire from 4.0.4 to 4.1.1 this morning.  Suddenly, Swift clients can't connect, getting an "Login/password invalid" error.  Here's a representative stanza:

<!-- OUT 2017-01-05T16:21:43 -->
<?xml version="1.0"?><stream:stream xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" to="chat.di2e.net<http://chat.di2e.net>" version="1.0">
<!-- IN 2017-01-05T16:21:43 -->
<?xml version='1.0' encoding='UTF-8'?><stream:stream xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client" from="chat.di2e.net<http://chat.di2e.net>" id="6ld1lagz9i" xml:lang="en" version="1.0"><stream:features><starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"><required/></starttls><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>PLAIN</mechanism><mechanism>EXTERNAL</mechanism></mechanisms></stream:features>
<!-- OUT 2017-01-05T16:21:43 -->
<starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
<!-- IN 2017-01-05T16:21:43 -->
<proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
<!-- OUT 2017-01-05T16:21:44 -->
<?xml version="1.0"?><stream:stream xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" to="chat.di2e.net<http://chat.di2e.net>" version="1.0">
<!-- IN 2017-01-05T16:21:44 -->
<?xml version='1.0' encoding='UTF-8'?><stream:stream xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client" from="chat.di2e.net<http://chat.di2e.net>" id="6ld1lagz9i" xml:lang="en" version="1.0"><stream:features><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>PLAIN</mechanism><mechanism>EXTERNAL</mechanism></mechanisms><compression xmlns="http://jabber.org/features/compress"><method>zlib</method></compression><auth xmlns="http://jabber.org/features/iq-auth"/></stream:features>
<!-- OUT 2017-01-05T16:21:44 -->
<auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="EXTERNAL">=</auth>
<!-- IN 2017-01-05T16:21:44 -->
<failure xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><not-authorized/></failure>
<!-- OUT 2017-01-05T16:21:44 -->
</stream:stream>


Other clients (Pidgin, Adium, Transverse) work just fine.

Any ideas?  I do not know that we need EXTERNAL SASL support but I also don't see how to turn that off in the server.

Thanks,
Ryan

-------------- next part --------------
An HTML attachment was scrubbed...
URL: </lists/pipermail/swift-users/attachments/20170105/48afc8fd/attachment.html>