Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-45607

Potentialy spoofed IQ-packet from ejabberd 17.06 rejected by Smack filter

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Component/s: jabber-plugin
    • Labels:
      None
    • Environment:
      CentOS 6.9
      OpenJDK 1.8_131
      Jenkins 2.60.1
      Jabberd plugin 1.35
      Ejabberd 17.06
    • Similar Issues:

      Description

      Impossible to connect to ejabberd server since last update (from 17.01 to 17.06):

      WARNING org.jivesoftware.smack.filter.IQReplyFilter accept
      Rejected potentially spoofed reply to IQ-packet. Filter settings: packetId=rgEoT-1, to=null, local=null, server=example.com. Received packet with from=jenkins@example.com

      hudson.plugins.jabber.im.transport.JabberConnectionDebugger
      RCV PKT: <iq id='rgEoT-1' to='jenkins@example.com/resource' from='jenkins@example.com' type='result'></iq>

      hudson.plugins.jabber.im.transport.JabberIMConnection connect
      org.jivesoftware.smack.SmackException$NoResponseException
      at org.jivesoftware.smack.PacketCollector.nextResultOrThrow(PacketCollector.java:191)
      at org.jivesoftware.smack.PacketCollector.nextResultOrThrow(PacketCollector.java:175)
      at org.jivesoftware.smack.XMPPConnection.bindResourceAndEstablishSession(XMPPConnection.java:535)
      at org.jivesoftware.smack.tcp.XMPPTCPConnection.login(XMPPTCPConnection.java:260)
      at hudson.plugins.jabber.im.transport.JabberIMConnection.createConnection(JabberIMConnection.java:430)
      at hudson.plugins.jabber.im.transport.JabberIMConnection.connect(JabberIMConnection.java:189)
      at hudson.plugins.jabber.im.transport.JabberIMConnectionProvider.createConnection(JabberIMConnectionProvider.java:42)
      at hudson.plugins.im.IMConnectionProvider.create(IMConnectionProvider.java:59)
      at hudson.plugins.im.IMConnectionProvider.access$500(IMConnectionProvider.java:16)
      at hudson.plugins.im.IMConnectionProvider$ConnectorRunnable.run(IMConnectionProvider.java:165)
      at java.lang.Thread.run(Thread.java:748)

      hudson.plugins.im.IMConnectionProvider$ConnectorRunnable run

      Reconnect failed. Next connection attempt in 1 minutes

        Attachments

          Issue Links

            Activity

            bdonneaux Benoit Donneaux created issue -
            Hide
            bdonneaux Benoit Donneaux added a comment -

            In our effort to fix this issue, we came to help Flowdalic to bump with Smack 4.1.9 (https://github.com/jenkinsci/jabber-plugin/pull/17).
            Upgrading Smack turned out to fix this false positive.
            Now running successfully jabber-plugin 1.36-snapshot for more than a day without any negative impact.

            Show
            bdonneaux Benoit Donneaux added a comment - In our effort to fix this issue, we came to help Flowdalic to bump with Smack 4.1.9 ( https://github.com/jenkinsci/jabber-plugin/pull/17 ). Upgrading Smack turned out to fix this false positive. Now running successfully jabber-plugin 1.36-snapshot for more than a day without any negative impact.
            bdonneaux Benoit Donneaux made changes -
            Field Original Value New Value
            Link This issue depends on JENKINS-45599 [ JENKINS-45599 ]
            bdonneaux Benoit Donneaux made changes -
            Description Impossible to connect to ejabberd server since last update (from 17.01 to 17.06):

            WARNING org.jivesoftware.smack.filter.IQReplyFilter accept
            Rejected potentially spoofed reply to IQ-packet. Filter settings: packetId=rgEoT-1, to=null, local=null, server=qiy.nl. Received packet with from=jenkins@example.com

            hudson.plugins.jabber.im.transport.JabberConnectionDebugger
            RCV PKT: <iq id='rgEoT-1' to='jenkins@example.com/resource' from='bot-jenkins@qiy.nl' type='result'></iq>

            hudson.plugins.jabber.im.transport.JabberIMConnection connect
            org.jivesoftware.smack.SmackException$NoResponseException
            at org.jivesoftware.smack.PacketCollector.nextResultOrThrow(PacketCollector.java:191)
            at org.jivesoftware.smack.PacketCollector.nextResultOrThrow(PacketCollector.java:175)
            at org.jivesoftware.smack.XMPPConnection.bindResourceAndEstablishSession(XMPPConnection.java:535)
            at org.jivesoftware.smack.tcp.XMPPTCPConnection.login(XMPPTCPConnection.java:260)
            at hudson.plugins.jabber.im.transport.JabberIMConnection.createConnection(JabberIMConnection.java:430)
            at hudson.plugins.jabber.im.transport.JabberIMConnection.connect(JabberIMConnection.java:189)
            at hudson.plugins.jabber.im.transport.JabberIMConnectionProvider.createConnection(JabberIMConnectionProvider.java:42)
            at hudson.plugins.im.IMConnectionProvider.create(IMConnectionProvider.java:59)
            at hudson.plugins.im.IMConnectionProvider.access$500(IMConnectionProvider.java:16)
            at hudson.plugins.im.IMConnectionProvider$ConnectorRunnable.run(IMConnectionProvider.java:165)
            at java.lang.Thread.run(Thread.java:748)

            hudson.plugins.im.IMConnectionProvider$ConnectorRunnable run

            Reconnect failed. Next connection attempt in 1 minutes
            Impossible to connect to ejabberd server since last update (from 17.01 to 17.06):

            WARNING org.jivesoftware.smack.filter.IQReplyFilter accept
            Rejected potentially spoofed reply to IQ-packet. Filter settings: packetId=rgEoT-1, to=null, local=null, server=example.com. Received packet with from=jenkins@example.com

            hudson.plugins.jabber.im.transport.JabberConnectionDebugger
            RCV PKT: <iq id='rgEoT-1' to='jenkins@example.com/resource' from='jenkins@example.com' type='result'></iq>

            hudson.plugins.jabber.im.transport.JabberIMConnection connect
            org.jivesoftware.smack.SmackException$NoResponseException
            at org.jivesoftware.smack.PacketCollector.nextResultOrThrow(PacketCollector.java:191)
            at org.jivesoftware.smack.PacketCollector.nextResultOrThrow(PacketCollector.java:175)
            at org.jivesoftware.smack.XMPPConnection.bindResourceAndEstablishSession(XMPPConnection.java:535)
            at org.jivesoftware.smack.tcp.XMPPTCPConnection.login(XMPPTCPConnection.java:260)
            at hudson.plugins.jabber.im.transport.JabberIMConnection.createConnection(JabberIMConnection.java:430)
            at hudson.plugins.jabber.im.transport.JabberIMConnection.connect(JabberIMConnection.java:189)
            at hudson.plugins.jabber.im.transport.JabberIMConnectionProvider.createConnection(JabberIMConnectionProvider.java:42)
            at hudson.plugins.im.IMConnectionProvider.create(IMConnectionProvider.java:59)
            at hudson.plugins.im.IMConnectionProvider.access$500(IMConnectionProvider.java:16)
            at hudson.plugins.im.IMConnectionProvider$ConnectorRunnable.run(IMConnectionProvider.java:165)
            at java.lang.Thread.run(Thread.java:748)

            hudson.plugins.im.IMConnectionProvider$ConnectorRunnable run

            Reconnect failed. Next connection attempt in 1 minutes
            flow Florian Schmaus made changes -
            Assignee kutzi [ kutzi ] Florian Schmaus [ flow ]
            flow Florian Schmaus made changes -
            Status Open [ 1 ] In Progress [ 3 ]
            flow Florian Schmaus made changes -
            Status In Progress [ 3 ] In Review [ 10005 ]
            Hide
            flow Florian Schmaus added a comment -

            Fixed in 1.36

            Show
            flow Florian Schmaus added a comment - Fixed in 1.36
            flow Florian Schmaus made changes -
            Resolution Fixed [ 1 ]
            Status In Review [ 10005 ] Resolved [ 5 ]
            flow Florian Schmaus made changes -
            Status Resolved [ 5 ] Closed [ 6 ]

              People

              Assignee:
              flow Florian Schmaus
              Reporter:
              bdonneaux Benoit Donneaux
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: