Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-45607

Potentialy spoofed IQ-packet from ejabberd 17.06 rejected by Smack filter

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Major Major
    • jabber-plugin
    • None
    • CentOS 6.9
      OpenJDK 1.8_131
      Jenkins 2.60.1
      Jabberd plugin 1.35
      Ejabberd 17.06

      Impossible to connect to ejabberd server since last update (from 17.01 to 17.06):

      WARNING org.jivesoftware.smack.filter.IQReplyFilter accept
      Rejected potentially spoofed reply to IQ-packet. Filter settings: packetId=rgEoT-1, to=null, local=null, server=example.com. Received packet with from=jenkins@example.com

      hudson.plugins.jabber.im.transport.JabberConnectionDebugger
      RCV PKT: <iq id='rgEoT-1' to='jenkins@example.com/resource' from='jenkins@example.com' type='result'></iq>

      hudson.plugins.jabber.im.transport.JabberIMConnection connect
      org.jivesoftware.smack.SmackException$NoResponseException
      at org.jivesoftware.smack.PacketCollector.nextResultOrThrow(PacketCollector.java:191)
      at org.jivesoftware.smack.PacketCollector.nextResultOrThrow(PacketCollector.java:175)
      at org.jivesoftware.smack.XMPPConnection.bindResourceAndEstablishSession(XMPPConnection.java:535)
      at org.jivesoftware.smack.tcp.XMPPTCPConnection.login(XMPPTCPConnection.java:260)
      at hudson.plugins.jabber.im.transport.JabberIMConnection.createConnection(JabberIMConnection.java:430)
      at hudson.plugins.jabber.im.transport.JabberIMConnection.connect(JabberIMConnection.java:189)
      at hudson.plugins.jabber.im.transport.JabberIMConnectionProvider.createConnection(JabberIMConnectionProvider.java:42)
      at hudson.plugins.im.IMConnectionProvider.create(IMConnectionProvider.java:59)
      at hudson.plugins.im.IMConnectionProvider.access$500(IMConnectionProvider.java:16)
      at hudson.plugins.im.IMConnectionProvider$ConnectorRunnable.run(IMConnectionProvider.java:165)
      at java.lang.Thread.run(Thread.java:748)

      hudson.plugins.im.IMConnectionProvider$ConnectorRunnable run

      Reconnect failed. Next connection attempt in 1 minutes

          [JENKINS-45607] Potentialy spoofed IQ-packet from ejabberd 17.06 rejected by Smack filter

          Benoit Donneaux added a comment -

          In our effort to fix this issue, we came to help Flowdalic to bump with Smack 4.1.9 (https://github.com/jenkinsci/jabber-plugin/pull/17).
          Upgrading Smack turned out to fix this false positive.
          Now running successfully jabber-plugin 1.36-snapshot for more than a day without any negative impact.

          Benoit Donneaux added a comment - In our effort to fix this issue, we came to help Flowdalic to bump with Smack 4.1.9 ( https://github.com/jenkinsci/jabber-plugin/pull/17 ). Upgrading Smack turned out to fix this false positive. Now running successfully jabber-plugin 1.36-snapshot for more than a day without any negative impact.

          Florian Schmaus added a comment -

          Fixed in 1.36

          Florian Schmaus added a comment - Fixed in 1.36

            flow Florian Schmaus
            bdonneaux Benoit Donneaux
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: