New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

PubSub Access Model 'open' still results in auth errors if node is queried from another account #2483

Closed
vanitasvitae opened this Issue Jun 22, 2018 · 2 comments

Comments

Projects
None yet
3 participants
@vanitasvitae

vanitasvitae commented Jun 22, 2018

What version of ejabberd are you using?

18.04

What operating system (version) are you using?

raspbian stretch

How did you install ejabberd (source, package, distribution)?

compiled from source

What did not work as expected? Are there error messages in the log? What
was the unexpected behavior? What was the expected result?

When I change the access model of a pubsub node to 'open' and later query the node from an account which is not subscribed to the node owner, I get an auth error stating that subscription is required.
Below is a stanza log showing creation of the node, change of access model and fetching the node from another account.

# Create Node

16:08:13 SENT (1): <iq to='smack-inttest-two-txydb@server.tld' id='VEKYj-188' type='get'><query xmlns='http://jabber.org/protocol/disco#info' node='urn:xmpp:openpgp:0:public-keys'></query></iq>

16:08:14 RECV (1): <iq xml:lang='en' to='smack-inttest-two-txydb@server.tld/two-txydb' from='smack-inttest-two-txydb@server.tld' type='result' id='VEKYj-188'><query node='urn:xmpp:openpgp:0:public-keys' xmlns='http://jabber.org/protocol/disco#info'><identity type='registered' category='account'/></query></iq>

16:08:14 SENT (1): <iq to='smack-inttest-two-txydb@server.tld' id='VEKYj-190' type='set'><pubsub xmlns='http://jabber.org/protocol/pubsub'><create node='urn:xmpp:openpgp:0:public-keys'/></pubsub></iq>

16:08:17 RECV (1): <iq xml:lang='en' to='smack-inttest-two-txydb@server.tld/two-txydb' from='smack-inttest-two-txydb@server.tld' type='result' id='VEKYj-190'><pubsub xmlns='http://jabber.org/protocol/pubsub'><create node='urn:xmpp:openpgp:0:public-keys'/></pubsub></iq>


# Change Access Model

16:08:17 SENT (1): <iq to='smack-inttest-two-txydb@server.tld' id='VEKYj-192' type='get'><pubsub xmlns='http://jabber.org/protocol/pubsub#owner'><configure node='urn:xmpp:openpgp:0:public-keys'/></pubsub></iq>

16:08:17 RECV (1): <iq xml:lang='en' to='smack-inttest-two-txydb@server.tld/two-txydb' from='smack-inttest-two-txydb@server.tld' type='result' id='VEKYj-192'><pubsub xmlns='http://jabber.org/protocol/pubsub#owner'><configure node='urn:xmpp:openpgp:0:public-keys'><x type='form' xmlns='jabber:x:data'><field var='FORM_TYPE' type='hidden'><value>http://jabber.org/protocol/pubsub#node_config</value></field><field var='pubsub#deliver_payloads' type='boolean' label='Deliver payloads with event notifications'><value>1</value></field><field var='pubsub#notify_config' type='boolean' label='Notify subscribers when the node configuration changes'><value>0</value></field><field var='pubsub#notify_delete' type='boolean' label='Notify subscribers when the node is deleted'><value>0</value></field><field var='pubsub#notify_retract' type='boolean' label='Notify subscribers when items are removed from the node'><value>0</value></field><field var='pubsub#purge_offline' type='boolean' label='Purge all items when the relevant publisher goes offline'><value>0</value></field><field var='pubsub#persist_items' type='boolean' label='Persist items to storage'><value>1</value></field><field var='pubsub#max_items' type='text-single' label='Max # of items to persist'><value>1</value></field><field var='pubsub#subscribe' type='boolean' label='Whether to allow subscriptions'><value>1</value></field><field var='pubsub#access_model' type='list-single' label='Specify the access model'><value>presence</value><option label='Subscription requests must be approved and only subscribers may retrieve items'><value>authorize</value></option><option label='Anyone may subscribe and retrieve items'><value>open</value></option><option label='Anyone with a presence subscription of both or from may subscribe and retrieve items'><value>presence</value></option><option label='Anyone in the specified roster group(s) may subscribe and retrieve items'><value>roster</value></option><option label='Only those on a wh
itelist may subscribe and retrieve items'><value>whitelist</value></option></field><field var='pubsub#roster_groups_allowed' type='list-multi' label='Roster groups allowed to subscribe'/><field var='pubsub#pub
16:08:17 RECV (1): lish_model' type='list-single' label='Specify the publisher model'><value>publishers</value><option label='Only publishers may publish'><value>publishers</value></option><option label='Subscribers may publish'><value>subscribers</value></option><option label='Anyone may publish'><value>open</value></option></field><field var='pubsub#notification_type' type='list-single' label='Specify the event message type'><value>headline</value><option label='Messages of type normal'><value>normal</value></option><option label='Messages of type headline'><value>headline</value></option></field><field var='pubsub#max_payload_size' type='text-single' label='Max payload size in bytes'><value>60000</value></field><field var='pubsub#send_last_published_item' type='list-single' label='When to send the last published item'><value>on_sub_and_presence</value><option label='Never'><value>never</value></option><option label='When a new subscription is processed'><value>on_sub</value></option><option label='When a new subscription is processed and whenever a subscriber comes online'><value>on_sub_and_presence</value></option></field><field var='pubsub#deliver_notifications' type='boolean' label='Deliver event notifications'><value>1</value></field><field var='pubsub#presence_based_delivery' type='boolean' label='Only deliver notifications to available users'><value>1</value></field><field var='pubsub#itemreply' type='list-single' label='Whether owners or publisher should receive replies to items'><value>none</value><option label='Statically specify a replyto of the node owner(s)'><value>owner</value></option><option label='Dynamically specify a replyto of the item publisher'><value>publisher</value></option><option><value>none</value></option></field></x></configure></pubsub></iq>

16:08:17 SENT (1): <iq to='smack-inttest-two-txydb@server.tld' id='VEKYj-194' type='set'><pubsub xmlns='http://jabber.org/protocol/pubsub#owner'><configure node='urn:xmpp:openpgp:0:public-keys'><x xmlns='jabber:x:data' type='submit'><field var='pubsub#access_model' type='list-single'><value>open</value></field></x></configure></pubsub></iq>

16:08:18 RECV (1): <iq xml:lang='en' to='smack-inttest-two-txydb@server.tld/two-txydb' from='smack-inttest-two-txydb@server.tld' type='result' id='VEKYj-194'/>


# Other user queries the node

16:08:18 SENT (0): <iq to='smack-inttest-two-txydb@server.tld' id='VEKYj-203' type='get'><query xmlns='http://jabber.org/protocol/disco#info' node='urn:xmpp:openpgp:0:public-keys'></query></iq>

16:08:18 RECV (0): <iq xml:lang='en' to='smack-inttest-one-txydb@server.tld/one-txydb' from='smack-inttest-two-txydb@server.tld' type='error' id='VEKYj-203'><query node='urn:xmpp:openpgp:0:public-keys' xmlns='http://jabber.org/protocol/disco#info'/><error code='407' type='auth'><subscription-required xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/><text xml:lang='en' xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'>Not subscribed</text></error></iq>

@cromain cromain self-assigned this Jun 25, 2018

@zinid zinid assigned zinid and unassigned cromain Jun 25, 2018

@zinid

This comment has been minimized.

Member

zinid commented Jun 25, 2018

@cromain I will handle the issue. It needs some mod_disco improvements and doesn't relate to PubSub, strictly speaking.

@cromain cromain added this to the ejabberd 18.08 milestone Jun 27, 2018

@zinid

This comment has been minimized.

Member

zinid commented Jun 27, 2018

After some more thoughts and discussion (read the chatlog starting from here) I decided to postpone the issue. So I close the issue until this is not clarified.

@zinid zinid closed this Jun 27, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment