No session IQ response from the google talk server using XMPP - xmpp

I am trying to mimic the XMPP stream to connect to the google talk servers.
I am however facing a problem when sending the session IQ:
The problem: I don't receive a response from the server in any way after sending this:
<iq id="skcevhxmpp_ceschool#gmail.com_6" type="set" to="gmail.com"><session xmlns="urn:ietf:params:xml:ns:xmpp-session" /></iq>
This is the complete flow:
<stream:stream to='gmail.com' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0' xml:lang='en'>**
<stream:stream from="gmail.com" id="7FB5653900A7A245" version="1.0" xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client">
<stream:features><starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"><required/></starttls><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>X-OAUTH2</mechanism><mechanism>X-GOOGLE-TOKEN</mechanism></mechanisms></stream:features>
<starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls" />
<proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
<stream:stream to='gmail.com' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0' xml:lang='en'>
<stream:stream from="gmail.com" id="508024A63664BA3D" version="1.0" xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client">
<stream:features><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>X-OAUTH2</mechanism><mechanism>X-GOOGLE-TOKEN</mechanism><mechanism>PLAIN</mechanism></mechanisms></stream:features>
<auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="PLAIN">{Valid auth token}</auth>
<success xmlns="urn:ietf:params:xml:ns:xmpp-sasl"/>
<stream:stream to='gmail.com' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0' xml:lang='en'>
<stream:stream from="gmail.com" id="A407B98F76E98F73" version="1.0" xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client">
<stream:features><bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"/><session xmlns="urn:ietf:params:xml:ns:xmpp-session"/></stream:features>
<iq id="skcevhxmpp_ceschool#gmail.com_5" type="set"><bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"><resource>xmpp</resource></bind></iq>
<iq id="skcevhxmpp_ceschool#gmail.com_5" type="result"><bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"><jid>ceschool#gmail.com/xmppFC762B4C</jid></bind></iq>
<iq id="skcevhxmpp_ceschool#gmail.com_6" type="set" to="gmail.com"><session xmlns="urn:ietf:params:xml:ns:xmpp-session" /></iq>
Extra information:
I use the PLAIN authentication (see:
https://developers.google.com/cloud-print/docs/rawxmpp)
I start using the SslStream after I receive the proceed ... xmpp tls
I use the google talk server to send the xmpp messages to (talk.google.com)
The expected response would be something like:
<iq xmlns="jabber:client" from="gmail.com" type="result" id="skcevhxmpp_ceschool#gmail.com_6" />
Thanks in advance!

try to send the session iq without the to attribute.
<iq id="abcd" type="set">
<session xmlns="urn:ietf:params:xml:ns:xmpp-session" />
</iq>

Related

How can I create an XMPP session from the command line?

Background: I'm working on an XMPP app that uses SMACK to talk to an ejabberd server.
For educational purposes, I want to be able to issue the XMPP commands by hand to the server.
I found a list of open servers and chose this one:
https://xmpp.is/account/register/xmpp_is/
I connect to it with the following command:
openssl s_client -starttls xmpp -connect xmpp.is:5222
To figure out what responses to issue I've been reading the RFCs, but also have installed an Windows XMPP app called "Swift" primarily because it has a console feature that shows the traffic between the client and server:
https://swift.im/
While I'm able to get some responses from the server, I've not been able to figure out how to successfully login from the command line.
The swift traffic for a successful login looks like:
<!-- OUT 2018-09-15T16:19:39 -->
<?xml version="1.0"?><stream:stream xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" to="xmpp.is" version="1.0">
<!-- IN 2018-09-15T16:19:40 -->
<?xml version='1.0'?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' xml:lang='en' from='xmpp.is' id='2a12ed5d-b01d-44e9-a3c4-c083340f6e1a' version='1.0' xmlns='jabber:client'><stream:features><starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'><required/></starttls></stream:features>
<!-- OUT 2018-09-15T16:19:40 -->
<starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
<!-- IN 2018-09-15T16:19:40 -->
<proceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
<!-- OUT 2018-09-15T16:19:40 -->
<?xml version="1.0"?><stream:stream xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" to="xmpp.is" version="1.0">
<!-- IN 2018-09-15T16:19:40 -->
<?xml version='1.0'?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' xml:lang='en' from='xmpp.is' id='3551ba66-c71e-4113-bd52-51d7ce9edf8e' version='1.0' xmlns='jabber:client'><stream:features><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><mechanism>PLAIN</mechanism><mechanism>SCRAM-SHA-1</mechanism><mechanism>SCRAM-SHA-1-PLUS</mechanism></mechanisms></stream:features>
<!-- OUT 2018-09-15T16:19:40 -->
<auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="SCRAM-SHA-1-PLUS">cD10bHMtdW5pcXVlLCxuPXNub28scj1kYjIxNzM5Mi0yZmJkLTQxMmMtYmM4Ny00Mzg2MWZjMzMxZTM=</auth>
<!-- IN 2018-09-15T16:19:40 -->
<challenge xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>cj1kYjIxNzM5Mi0yZmJkLTQxMmMtYmM4Ny00Mzg2MWZjMzMxZTM1YzgxZDE1MC1iZmFhLTQwNjQtOWJhNi0wYWUwNzA3YzhmMDQscz1NR1ZsTVRoaFpqTXRZakpsTkMwMFlqSmtMV0V6Tm1FdFlURmhaR1JoWWpsa1pEZ3csaT00MDk2</challenge>
<!-- OUT 2018-09-15T16:19:40 -->
<response xmlns="urn:ietf:params:xml:ns:xmpp-sasl">Yz1jRDEwYkhNdGRXNXBjWFZsTEN3em1qc1FHRWtPeUduUjNNST0scj1kYjIxNzM5Mi0yZmJkLTQxMmMtYmM4Ny00Mzg2MWZjMzMxZTM1YzgxZDE1MC1iZmFhLTQwNjQtOWJhNi0wYWUwNzA3YzhmMDQscD1VaFNTbmlEblM3S2I3Sm9OYUVraTRIWEJYK2M9</response>
<!-- IN 2018-09-15T16:19:40 -->
<success xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>dj1Fa1ZuUGpmYU4wWTNyK0tsYWF1ViszOTVyMzg9</success>
<!-- OUT 2018-09-15T16:19:40 -->
<?xml version="1.0"?><stream:stream xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" to="xmpp.is" version="1.0">
<!-- IN 2018-09-15T16:19:40 -->
<?xml version='1.0'?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' xml:lang='en' from='xmpp.is' id='3b390a8b-e137-46b6-988d-b66208277e67' version='1.0' xmlns='jabber:client'><stream:features><csi xmlns='urn:xmpp:csi:0'/><sm xmlns='urn:xmpp:sm:2'><optional/></sm><sm xmlns='urn:xmpp:sm:3'><optional/></sm><bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'><required/></bind><session xmlns='urn:ietf:params:xml:ns:xmpp-session'><optional/></session><c hash='sha-1' ver='L89AHiFIV5exIjD3VCsiLb//JIg=' node='http://prosody.im' xmlns='http://jabber.org/protocol/caps'/><ver xmlns='urn:xmpp:features:rosterver'/></stream:features>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="session-bind" type="set"><bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"><resource>10ce5033-4f48-4f70-8f88-8c8f2e0525f0</resource></bind></iq>
<!-- IN 2018-09-15T16:19:40 -->
<iq id='session-bind' type='result'><bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'><jid>snoo#xmpp.is/10ce5033-4f48-4f70-8f88-8c8f2e0525f0</jid></bind></iq>
<!-- OUT 2018-09-15T16:19:40 -->
<enable xmlns="urn:xmpp:sm:2"/>
<!-- IN 2018-09-15T16:19:40 -->
<enabled max='300' xmlns='urn:xmpp:sm:2'/>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="session-start" type="set"><session xmlns="urn:ietf:params:xml:ns:xmpp-session"/></iq>
<!-- IN 2018-09-15T16:19:40 -->
<iq id='session-start' type='result' to='snoo#xmpp.is/10ce5033-4f48-4f70-8f88-8c8f2e0525f0'/>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="e69a06ef-8f3b-4492-95cf-206b252363bf" type="get"><vCard xmlns="vcard-temp"/></iq>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="b1e82772-9d2e-474f-8677-672ce3a4a0b6" type="get"><query xmlns="jabber:iq:private"><storage xmlns="storage:bookmarks"/></query></iq>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="e3e1361c-1541-4365-ac39-011247f07b33" type="get"><query ver="1" xmlns="jabber:iq:roster"/></iq>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="991f5f2a-d923-4fa6-8dc9-e5ab065e983c" to="xmpp.is" type="get"><query xmlns="http://jabber.org/protocol/disco#info"/></iq>
<!-- OUT 2018-09-15T16:19:40 -->
<presence><status></status><x xmlns="vcard-temp:x:update"><photo></photo></x><c hash="sha-1" node="http://swift.im" ver="3ScHZH4hKmksks0e7RG8B4cjaT8=" xmlns="http://jabber.org/protocol/caps"/></presence>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="c6facf37-8e9e-45cc-a86d-6e6b5a315911" to="xmpp.is" type="get"><query xmlns="http://jabber.org/protocol/disco#info"/></iq>
<!-- IN 2018-09-15T16:19:40 -->
<r xmlns='urn:xmpp:sm:2'/>
<!-- OUT 2018-09-15T16:19:40 -->
<a h="1" xmlns="urn:xmpp:sm:2"/>
<!-- IN 2018-09-15T16:19:40 -->
<iq id='e69a06ef-8f3b-4492-95cf-206b252363bf' type='result' to='snoo#xmpp.is/10ce5033-4f48-4f70-8f88-8c8f2e0525f0'><vCard xmlns='vcard-temp'><VERSION>3.0</VERSION><NICKNAME>snoo</NICKNAME><EMAIL><USERID>foo#bar.com</USERID></EMAIL></vCard></iq>
<!-- IN 2018-09-15T16:19:40 -->
<iq id='b1e82772-9d2e-474f-8677-672ce3a4a0b6' type='result' to='snoo#xmpp.is/10ce5033-4f48-4f70-8f88-8c8f2e0525f0'><query xmlns='jabber:iq:private'><storage xmlns='storage:bookmarks'/></query></iq><iq id='e3e1361c-1541-4365-ac39-011247f07b33' type='result' to='snoo#xmpp.is/10ce5033-4f48-4f70-8f88-8c8f2e0525f0'/><iq id='991f5f2a-d923-4fa6-8dc9-e5ab065e983c' type='result' to='snoo#xmpp.is/10ce5033-4f48-4f70-8f88-8c8f2e0525f0' from='xmpp.is'><query xmlns='http://jabber.org/protocol/disco#info'><identity type='pep' name='Prosody' category='pubsub'/><identity type='im' name='Prosody' category='server'/><feature var='urn:xmpp:blocking'/><feature var='urn:xmpp:ping'/><feature var='msgoffline'/><feature var='jabber:iq:version'/><feature var='vcard-temp'/><feature var='jabber:iq:roster'/><feature var='urn:xmpp:time'/><feature var='jabber:iq:time'/><feature var='jabber:iq:private'/><feature var='http://jabber.org/protocol/commands'/><feature var='jabber:iq:register'/><feature var='http://jabber.org/protocol/pubsub#publish'/><feature var='http://jabber.org/protocol/disco#info'/><feature var='http://jabber.org/protocol/disco#items'/><feature var='jabber:iq:last'/><feature var='urn:xmpp:carbons:2'/><feature var='urn:xmpp:carbons:1'/><x type='result' xmlns='jabber:x:data'><field type='hidden' var='FORM_TYPE'><value>http://jabber.org/network/serverinfo</value></field><field type='list-multi' var='feedback-addresses'><value>https://xmpp.is/contact/</value></field><field type='list-multi' var='admin-addresses'><value>https://xmpp.is/contact/</value></field><field type='list-multi' var='abuse-addresses'><value>https://xmpp.is/contact/</value></field><field type='list-multi' var='support-addresses'><value>https://xmpp.is/contact/</value></field></x></query></iq><presence from='snoo#xmpp.is/10ce5033-4f48-4f70-8f88-8c8f2e0525f0'><status/><x xmlns='vcard-temp:x:update'><photo/></x><c hash='sha-1' ver='3ScHZH4hKmksks0e7RG8B4cjaT8=' node='http://swift.im' xmlns='http://jabber.org/protocol/caps'/></presence><iq id='c6facf37-8e9e-45cc-a86d-6e6b5a315911' type='result' to='snoo#xmpp.is/10ce5033-4f48-4f70-8f88-8c8f2e0525f0' from='xmpp.is'><query xmlns='http://jabber.org/protocol/disco#info'><identity type='pep' name='Prosody' category='pubsub'/><identity type='im' name='Prosody' category='server'/><feature var='urn:xmpp:blocking'/><feature var='urn:xmpp:ping'/><feature var='msgoffline'/><feature var='jabber:iq:version'/><feature var='vcard-temp'/><feature var='jabber:iq:roster'/><feature var='urn:xmpp:time'/><feature var='jabber:iq:time'/><feature var='jabber:iq:private'/><feature var='http://jabber.org/protocol/commands'/><feature var='jabber:iq:register'/><feature var='http://jabber.org/protocol/pubsub#publish'/><feature var='http://jabber.org/protocol/disco#info'/><feature var='http://jabber.org/protocol/disco#items'/><feature var='jabber:iq:last'/><feature var='urn:xmpp:carbons:2'/><feature var='urn:xmpp:carbons:1'/><x type='result' xmlns='jabber:x:data'><field type='hidden' var='FORM_TYPE'><value>http://jabber.org/network/serverinfo</value></field><field type='list-multi' var='feedback-addresses'><value>https://xmpp.is/contact/</value></field><field type='list-multi' var='admin-addresses'><value>https://xmpp.is/contact/</value></field><field type='list-multi' var='abuse-addresses'><value>https://xmpp.is/contact/</value></field><field type='list-multi' var='support-addresses'><value>https://xmpp.is/contact/</value></field></x></query></iq>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="97eefcfd-204b-4afd-9ea1-cc10962d892b" to="xmpp.is" type="get"><query node="http://jabber.org/protocol/commands" xmlns="http://jabber.org/protocol/disco#items"/></iq>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="4ed568f6-7c8c-46fe-9068-4a2a81bdd393" type="get"><blocklist xmlns="urn:xmpp:blocking"/></iq>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="f673e890-7643-46a0-b5f4-230c5b384c8b" type="set"><enable xmlns="urn:xmpp:carbons:2"/></iq>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="d0b62e41-afa5-48e8-a0e7-143c9a328c35" to="xmpp.is" type="get"><query xmlns="http://jabber.org/protocol/disco#items"/></iq>
<!-- IN 2018-09-15T16:19:40 -->
<r xmlns='urn:xmpp:sm:2'/>
<!-- OUT 2018-09-15T16:19:40 -->
<a h="7" xmlns="urn:xmpp:sm:2"/>
<!-- IN 2018-09-15T16:19:40 -->
<iq id='97eefcfd-204b-4afd-9ea1-cc10962d892b' type='result' to='snoo#xmpp.is/10ce5033-4f48-4f70-8f88-8c8f2e0525f0' from='xmpp.is'><query node='http://jabber.org/protocol/commands' xmlns='http://jabber.org/protocol/disco#items'><item jid='xmpp.is' name='Ping' node='ping'/><item jid='xmpp.is' name='Get uptime' node='uptime'/></query></iq>
<!-- IN 2018-09-15T16:19:40 -->
<iq id='4ed568f6-7c8c-46fe-9068-4a2a81bdd393' type='result' to='snoo#xmpp.is/10ce5033-4f48-4f70-8f88-8c8f2e0525f0'><blocklist xmlns='urn:xmpp:blocking'/></iq><iq id='f673e890-7643-46a0-b5f4-230c5b384c8b' type='result' to='snoo#xmpp.is/10ce5033-4f48-4f70-8f88-8c8f2e0525f0'/><iq id='d0b62e41-afa5-48e8-a0e7-143c9a328c35' type='result' to='snoo#xmpp.is/10ce5033-4f48-4f70-8f88-8c8f2e0525f0' from='xmpp.is'><query xmlns='http://jabber.org/protocol/disco#items'><item jid='upload.xmpp.is'/><item jid='muc.xmpp.is' name='XMPP.is MUC'/></query></iq>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="a3838d36-3d3b-4d8b-afda-e46b49ce0fdf" to="upload.xmpp.is" type="get"><query xmlns="http://jabber.org/protocol/disco#info"/></iq>
<!-- OUT 2018-09-15T16:19:40 -->
<iq id="76c58b53-545e-40ef-8832-0beb6a74a50e" to="muc.xmpp.is" type="get"><query xmlns="http://jabber.org/protocol/disco#info"/></iq>
<!-- IN 2018-09-15T16:19:40 -->
<r xmlns='urn:xmpp:sm:2'/>
<!-- OUT 2018-09-15T16:19:40 -->
<a h="11" xmlns="urn:xmpp:sm:2"/>
<!-- IN 2018-09-15T16:19:40 -->
<iq id='a3838d36-3d3b-4d8b-afda-e46b49ce0fdf' type='result' to='snoo#xmpp.is/10ce5033-4f48-4f70-8f88-8c8f2e0525f0' from='upload.xmpp.is'><query xmlns='http://jabber.org/protocol/disco#info'><identity type='file' name='HTTP File Upload' category='store'/><feature var='urn:xmpp:http:upload:0'/><feature var='urn:xmpp:http:upload'/><feature var='http://jabber.org/protocol/disco#info'/><feature var='http://jabber.org/protocol/disco#items'/><x type='result' xmlns='jabber:x:data'><field type='hidden' var='FORM_TYPE'><value>urn:xmpp:http:upload:0</value></field><field type='text-single' var='max-file-size'><value>10000000</value></field></x><x type='result' xmlns='jabber:x:data'><field type='hidden' var='FORM_TYPE'><value>urn:xmpp:http:upload</value></field><field type='text-single' var='max-file-size'><value>10000000</value></field></x></query></iq>
<!-- IN 2018-09-15T16:19:40 -->
<iq id='76c58b53-545e-40ef-8832-0beb6a74a50e' type='result' to='snoo#xmpp.is/10ce5033-4f48-4f70-8f88-8c8f2e0525f0' from='muc.xmpp.is'><query xmlns='http://jabber.org/protocol/disco#info'><identity type='text' name='XMPP.is MUC' category='conference'/><feature var='http://jabber.org/protocol/muc'/><feature var='http://jabber.org/protocol/commands'/><feature var='http://jabber.org/protocol/disco#info'/><feature var='http://jabber.org/protocol/disco#items'/></query></iq>
<!-- IN 2018-09-15T16:19:40 -->
<r xmlns='urn:xmpp:sm:2'/>
<!-- OUT 2018-09-15T16:19:40 -->
<a h="13" xmlns="urn:xmpp:sm:2"/>
My first attempt to emulate what swift is doing from the command line:
openssl s_client -starttls xmpp -connect xmpp.is:5222
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = xmpp.is
verify return:1
---
Certificate chain
0 s:/CN=xmpp.is
i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIHazCCBlOgAwIBAgISA8Vupt6pSMDO3eLJAR+p6kioMA0GCSqGSIb3DQEBCwUA
[DELETED MOST OF THE CERTIFICATE]
XTe7RnD/qWEeN3o0dj8yBJE+dDG74QBST5ihqjZoEA==
-----END CERTIFICATE-----
subject=/CN=xmpp.is
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
---
No client certificate CA names sent
Client Certificate Types: RSA sign, DSA sign, ECDSA sign
Requested Signature Algorithms: RSA+SHA512:DSA+SHA512:ECDSA+SHA512:RSA+SHA384:DSA+SHA384:ECDSA+SHA384:RSA+SHA256:DSA+SHA256:ECDSA+SHA256:RSA+SHA224:DSA+SHA224:ECDSA+SHA224:RSA+SHA1:DSA+SHA1:ECDSA+SHA1
Shared Requested Signature Algorithms: RSA+SHA512:DSA+SHA512:ECDSA+SHA512:RSA+SHA384:DSA+SHA384:ECDSA+SHA384:RSA+SHA256:DSA+SHA256:ECDSA+SHA256:RSA+SHA224:DSA+SHA224:ECDSA+SHA224:RSA+SHA1:DSA+SHA1:ECDSA+SHA1
Peer signing digest: SHA512
Server Temp Key: ECDH, P-384, 384 bits
---
SSL handshake has read 4238 bytes and written 641 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID:
Session-ID-ctx:
Master-Key: C7BAD8006A9058DEB850C31C07AD8DC3F6ABF39740A9477BAC2F191C0AD5A35CA70C1ACE08AF3B5357FBC97F226402F3
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1537024886
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
<?xml version="1.0"?><stream:stream xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" to="xmpp.is" version="1.0">
<?xml version='1.0'?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' xml:lang='en' from='xmpp.is' id='18367b2a-2df5-4dd9-be5f-607c05d6760f' version='1.0' xmlns='jabber:client'><stream:features><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><mechanism>PLAIN</mechanism><mechanism>SCRAM-SHA-1</mechanism><mechanism>SCRAM-SHA-1-PLUS</mechanism></mechanisms></stream:features><starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
<failure xmlns='urn:ietf:params:xml:ns:xmpp-tls'/></stream:stream>closed
The stream closed after issuing the command:
<starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
with:
<failure xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
I'm guessing it might be because I've already opened a TLS connection from the command line. So I thought I'd skip the first couple of commands and proceed straight to authentication. Here is the session for my new attempt:
openssl s_client -starttls xmpp -connect xmpp.is:5222
CONNECTED(00000003)
...
<?xml version="1.0"?><stream:stream xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" to="xmpp.is" version="1.0">
<?xml version='1.0'?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' xml:lang='en' from='xmpp.is' id='f57f8d05-6550-42ac-b458-775b8cb78319' version='1.0' xmlns='jabber:client'><stream:features><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><mechanism>PLAIN</mechanism><mechanism>SCRAM-SHA-1</mechanism><mechanism>SCRAM-SHA-1-PLUS</mechanism></mechanisms></stream:features><auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="SCRAM-SHA-1-PLUS">cD10bHMtdW5pcXVlLCxuPXNub28scj1kYjIxNzM5Mi0yZmJkLTQxMmMtYmM4Ny00Mzg2MWZjMzMxZTM=</auth>
<challenge xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>cj1kYjIxNzM5Mi0yZmJkLTQxMmMtYmM4Ny00Mzg2MWZjMzMxZTNhZGY4MTBmMy1hMWU4LTQxZGItOGM0OS01NDAxZWQxYTQ3NjQscz1NR1ZsTVRoaFpqTXRZakpsTkMwMFlqSmtMV0V6Tm1FdFlURmhaR1JoWWpsa1pEZ3csaT00MDk2</challenge><response xmlns="urn:ietf:params:xml:ns:xmpp-sasl">Yz1jRDEwYkhNdGRXNXBjWFZsTEN3em1qc1FHRWtPeUduUjNNST0scj1kYjIxNzM5Mi0yZmJkLTQxMmMtYmM4Ny00Mzg2MWZjMzMxZTM1YzgxZDE1MC1iZmFhLTQwNjQtOWJhNi0wYWUwNzA3YzhmMDQscD1VaFNTbmlEblM3S2I3Sm9OYUVraTRIWEJYK2M9</response>
<failure xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><malformed-request/><text>Invalid channel binding value.</text></failure>
Now that looked a bit better because the server sent me the "challenge", but when I sent the response from the Swift app's session it issued:
Invalid channel binding value
I'm guessing that it is complaining because I used the challenge token from the Swift app's session instead of the info in the current command line session. So I'm wondering when I receive a challenge from the server like this one:
<challenge xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>cj1kYjIxNzM5Mi0yZmJkLTQxMmMtYmM4Ny00Mzg2MWZjMzMxZTM1YzgxZDE1MC1iZmFhLTQwNjQtOWJhNi0wYWUwNzA3YzhmMDQscz1NR1ZsTVRoaFpqTXRZakpsTkMwMFlqSmtMV0V6Tm1FdFlURmhaR1JoWWpsa1pEZ3csaT00MDk2</challenge>
How do I formulate a response like this:
<response xmlns="urn:ietf:params:xml:ns:xmpp-sasl">Yz1jRDEwYkhNdGRXNXBjWFZsTEN3em1qc1FHRWtPeUduUjNNST0scj1kYjIxNzM5Mi0yZmJkLTQxMmMtYmM4Ny00Mzg2MWZjMzMxZTM1YzgxZDE1MC1iZmFhLTQwNjQtOWJhNi0wYWUwNzA3YzhmMDQscD1VaFNTbmlEblM3S2I3Sm9OYUVraTRIWEJYK2M9</response>
I'm guessing that I probably need to use the challenge token the server sent as the input into a signing process...
But, also if someone knows a simpler way to initiate a command line session with a different public XMPP server then I'd be happy to use that. Thanks...
UPDATE:
I've done the following:
Installed my own eJabberd server on my development machine
Changed the settings in the Swift client to
Secure Connection: Never
Allow Sending Password over Insecure Connection: true
The Swift logs for connecting to the server with these new settings:
<!-- OUT 2018-09-22T11:35:47 -->
<?xml version="1.0"?><stream:stream xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" to="desktop-2neut2i" version="1.0">
<!-- IN 2018-09-22T11:35:47 -->
<?xml version='1.0'?><stream:stream id='5884973410867271599' version='1.0' xml:lang='en' xmlns:stream='http://etherx.jabber.org/streams' from='desktop-2neut2i' xmlns='jabber:client'>
<!-- IN 2018-09-22T11:35:47 -->
<stream:features><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><mechanism>PLAIN</mechanism><mechanism>DIGEST-MD5</mechanism><mechanism>X-OAUTH2</mechanism><mechanism>SCRAM-SHA-1</mechanism></mechanisms><starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/><register xmlns='http://jabber.org/features/iq-register'/></stream:features>
<!-- OUT 2018-09-22T11:35:47 -->
<auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="SCRAM-SHA-1">biwsbj1iaWxibyxyPTE3NDNjNzJiLWE2MTMtNGNhMC1hZmE2LTU4M2RkMDFiMmFiNg==</auth>
<!-- IN 2018-09-22T11:35:47 -->
<challenge xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>cj0xNzQzYzcyYi1hNjEzLTRjYTAtYWZhNi01ODNkZDAxYjJhYjY5UnlVQmYxd0FzUU9vQ0hMdWhDMWlBPT0scz1WeXBnZ1hpL1k3bmxBUkk5TzA5R1dnPT0saT00MDk2</challenge>
<!-- OUT 2018-09-22T11:35:47 -->
<response xmlns="urn:ietf:params:xml:ns:xmpp-sasl">Yz1iaXdzLHI9MTc0M2M3MmItYTYxMy00Y2EwLWFmYTYtNTgzZGQwMWIyYWI2OVJ5VUJmMXdBc1FPb0NITHVoQzFpQT09LHA9YStFSU81a1gyeXd3L0pGYUFzR3I1aVpCMktrPQ==</response>
<!-- IN 2018-09-22T11:35:47 -->
<success xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>dj1hMHJsY1ZVUHhabEdoTU5QOW9EbGoyZEJkcEk9</success>
<!-- OUT 2018-09-22T11:35:47 -->
<?xml version="1.0"?><stream:stream xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" to="desktop-2neut2i" version="1.0">
<!-- IN 2018-09-22T11:35:47 -->
<?xml version='1.0'?><stream:stream id='8501231819433449809' version='1.0' xml:lang='en' xmlns:stream='http://etherx.jabber.org/streams' from='desktop-2neut2i' xmlns='jabber:client'>
<!-- IN 2018-09-22T11:35:47 -->
<stream:features><bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'/><session xmlns='urn:ietf:params:xml:ns:xmpp-session'><optional/></session><c ver='sg7ZnA5zzsPpRyrmVVRdsh4nhRU=' node='http://www.process-one.net/en/ejabberd/' hash='sha-1' xmlns='http://jabber.org/protocol/caps'/><sm xmlns='urn:xmpp:sm:2'/><sm xmlns='urn:xmpp:sm:3'/><csi xmlns='urn:xmpp:csi:0'/></stream:features>
<!-- OUT 2018-09-22T11:35:47 -->
<iq id="session-bind" type="set"><bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"><resource>125157816940461441277</resource></bind></iq>
<!-- IN 2018-09-22T11:35:48 -->
<iq type='result' id='session-bind'><bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'><jid>bilbo#desktop-2neut2i/125157816940461441277</jid></bind></iq>
<!-- OUT 2018-09-22T11:35:48 -->
<enable xmlns="urn:xmpp:sm:2"/>
<!-- IN 2018-09-22T11:35:48 -->
<enabled xmlns='urn:xmpp:sm:2'/>
<!-- OUT 2018-09-22T11:35:48 -->
<iq id="session-start" type="set"><session xmlns="urn:ietf:params:xml:ns:xmpp-session"/></iq>
<!-- IN 2018-09-22T11:35:48 -->
<iq xml:lang='en' to='bilbo#desktop-2neut2i/125157816940461441277' from='bilbo#desktop-2neut2i' type='result' id='session-start'/>
<!-- OUT 2018-09-22T11:35:48 -->
<iq id="eb7ec3d0-1aa5-448d-8dd9-8fa603905cb2" type="get"><vCard xmlns="vcard-temp"/></iq>
<!-- OUT 2018-09-22T11:35:48 -->
<iq id="d2bca196-93e8-46f2-b36b-14bb2ebd8670" type="get"><query xmlns="jabber:iq:private"><storage xmlns="storage:bookmarks"/></query></iq>
<!-- OUT 2018-09-22T11:35:48 -->
<iq id="6e5a62ef-3e7f-4eb3-9520-a10bb7206602" type="get"><query xmlns="jabber:iq:roster"/></iq>
<!-- OUT 2018-09-22T11:35:48 -->
<iq id="257a9caf-53fa-4e34-9bb6-5b2310e20b82" to="desktop-2neut2i" type="get"><query xmlns="http://jabber.org/protocol/disco#info"/></iq>
<!-- OUT 2018-09-22T11:35:48 -->
<presence><status></status><x xmlns="vcard-temp:x:update"><photo></photo></x><c hash="sha-1" node="http://swift.im" ver="3ScHZH4hKmksks0e7RG8B4cjaT8=" xmlns="http://jabber.org/protocol/caps"/></presence>
<!-- OUT 2018-09-22T11:35:48 -->
<iq id="b1e68799-5ea4-47c1-98ea-7205927b3681" to="desktop-2neut2i" type="get"><query xmlns="http://jabber.org/protocol/disco#info"/></iq>
<!-- IN 2018-09-22T11:35:48 -->
<r xmlns='urn:xmpp:sm:2'/>
<!-- OUT 2018-09-22T11:35:48 -->
<a h="1" xmlns="urn:xmpp:sm:2"/>
So tried to login again, this time using:
telnet localhost 5222
I pasted the commands from the Swift session above. But I still arrive at the same dilemma, I do not know how to respond to the challenge issued by the server.
I can do some of the steps in the following post:
XMPP SASL SCRAM-SHA1 Authentication
Such as the base64 decoding and encoding using this tool:
https://www.base64decode.org/
I think I'm probably missing something basic. Now that I have my own server, I was hoping I could disable all the additional security mechanisms and login with a plain username and password. But I have not figured out how to do that. Any ideas on how to complete the login from telnet?
You are trying to use SCRAM-SHA-1-PLUS to authenticate and it is a calculated cryptographic exchange. Part of that exchange is the unique session key negotiated when opening the SSL connection. You will not be able to complete the authentication process using SCRAM on the command line you are better using PLAIN or using an existing library to code your own client.

ejabberd MucSub not working

I'm working on developing an XMPP Client communicating over an ejabberd community server (version 17.09) that we host ourselves.
I'm having trouble to implement the MucSub Feature (supported since version 16.08 as far as I know).
When I'm sending this XML command (described in the ejabberd documentation for subscribing to a chatroom):
<iq from='hag66#shakespeare.example'
to='coven#muc.shakespeare.example'
type='set'
id='E6E10350-76CF-40C6-B91B-1EA08C332FC7'>
<subscribe xmlns='urn:xmpp:mucsub:0'
nick='mynick'
password='roompassword'>
<event node='urn:xmpp:mucsub:nodes:messages' />
<event node='urn:xmpp:mucsub:nodes:affiliations' />
<event node='urn:xmpp:mucsub:nodes:subject' />
<event node='urn:xmpp:mucsub:nodes:config' />
</subscribe>
</iq>
(of course entering existing jid's for this server, allow_subscription set to true for this chatroom) I get the result:
<iq xml:lang='de'
to='hag66#shakespeare.example'
from='coven#muc.shakespeare.example'
type='error' id='E6E10350-76CF-40C6-B91B-1EA08C332FC7'>
<subscribe xmlns='urn:xmpp:mucsub:0' nick='mynick'>
<event node='urn:xmpp:mucsub:nodes:messages'/>
<event node='urn:xmpp:mucsub:nodes:affiliations'/>
<event node='urn:xmpp:mucsub:nodes:subject'/>
<event node='urn:xmpp:mucsub:nodes:config'/>
</subscribe>
<error code='503' type='cancel'>
<service-unavailable xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
<text xml:lang='de' xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'>No module is handling this query</text>
</error>
</iq>
When I alter the query to:
<iq from='hag66#shakespeare.example'
to='coven#muc.shakespeare.example'
type='set'
id='E6E10350-76CF-40C6-B91B-1EA08C332FC7'>
<subscribe xmlns='urn:xmpp:mucsub:0'
nick='mynick'
password='roompassword'>
<event xmlns="http://jabber.org/protocol/pubsub#event" node="urn:xmpp:mucsub:nodes:messages" />
<event xmlns="http://jabber.org/protocol/pubsub#event" node="urn:xmpp:mucsub:nodes:affiliations' />
<event xmlns="http://jabber.org/protocol/pubsub#event" node="urn:xmpp:mucsub:nodes:subject' />
<event xmlns="http://jabber.org/protocol/pubsub#event" node="urn:xmpp:mucsub:nodes:config' />
</subscribe>
</iq>
I get the result:
<iq xmlns="jabber:client"
to="hag66#shakespeare.example"
xml:lang="en"
type="result"
from="coven#muc.shakespeare.example"
id="agsXMPP_8">
<subscribe xmlns="urn:xmpp:mucsub:0" nick="mynick" />
</iq>
which I interpret as the query being successfull. Also when I query the Chatrooms this user is subscribed to the chatroom is listed.
My Problem now is: no matter which of this methods I use, the user does not get notifications for messages in that chat if he is not present in exactly this chatroom.
Now the strangest thing is: if I get DiscoInfo from the server the MucSub Feature (urn:xmpp:mucsub:0) is not listed, which I don't understand as the Feature is supported by the server version I'm using and according to the documentation is enabled by default and can't even be disabled.
Has anyone experienced the same issue and/or knows how to resolve it?
Thanks in advance for your help
So finally we found the issue:
instead of sending the request to "coven#muc.shakespeare.example" we were sending it to "coven#shakespeare.example" which didn't work and was forgotten to change in the questions text

ejabberd MUC client unable to get configuration form after creating room

I was trying to create a MUC room from my XMPP client side communicating with Ejabberd.
Here's my Ejabberd muc config:
mod_muc:
## host: "conference.#HOST#"
access: muc
access_create: muc_create
access_persistent: mud_create
access_admin: muc_admin
db_type: odbc
max_user_conferences: 100
default_room_options:
mam: true
public: false
public_list: false
allow_change_subj: false
allow_user_invites: false
members_only: false
members_by_default: false
anonymous: false
allow_private_messages: true
persistent: true
Here's the features I got from the client side on muc:
<iq xmlns='jabber:client' from='conference.my.domain.com' to='my_id#my.domain.com/null' id='iqid1:sendIQ' type='result'>
<query xmlns='http://jabber.org/protocol/disco#info'>
<identity category='conference' type='text' name='Chatrooms'/>
<feature var='http://jabber.org/protocol/disco#info'/>
<feature var='http://jabber.org/protocol/disco#items'/>
<feature var='http://jabber.org/protocol/muc'/>
<feature var='http://jabber.org/protocol/muc#unique'/>
<feature var='jabber:iq:register'/>
<feature var='http://jabber.org/protocol/rsm'/>
<feature var='vcard-temp'/>
<feature var='urn:xmpp:mam:tmp'/>
<feature var='urn:xmpp:mam:0'/>
<feature var='urn:xmpp:mam:1'/>
<x xmlns='jabber:x:data' type='result'>
<field var='FORM_TYPE' type='hidden'>
<value>http://jabber.org/network/serverinfo</value>
</field>
</x>
</query>
</iq>
When I tried to create a MUC room from my client side with:
<presence from='my_id#my.domain.com/null' to='new_room_id#conference.my.domain.com/my_nickname' xmlns='jabber:client'>
<x xmlns='http://jabber.org/protocol/muc'/>
</presence>
I got a new room created response:
<presence xmlns='jabber:client' from='new_room_id#conference.my.domain.com/my_nickname' to='my_id#my.domain.com/null'>
<x xmlns='http://jabber.org/protocol/muc#user'>
<item jid='my_id#my.domain.com/null' affiliation='owner' role='moderator'/>
<status code='110'/>
<status code='100'/>
<status code='201'/>
</x>
</presence>
When I tried to get the configuration form to set up room fields with:
<iq from='my_id#my.domain.com/null' to='new_room_id#conference.my.domain.com/my_nickname' type='get' xmlns='jabber:client' id='iqid2:sendIQ'>
<query xmlns='http://jabber.org/protocol/muc#owner'/>
</iq>
I got the answer from Ejabberd server:
<iq xmlns='jabber:client' from='new_room_id#conference.my.domain.com/my_nickname' to='my_id#my.domain.com/null' id='iqid2:sendIQ' type='get'>
<query xmlns='http://jabber.org/protocol/muc#owner'/>
</iq>
So here are my questions:
Why does Ejabberd server response to my queries with the same type, but not with something like type='result' or type='error'? I've tried other queries with type='set', the same thing happened.
Why aren't there something like : <feature var='http://jabber.org/protocol/muc#owner'/> or <feature var='http://jabber.org/protocol/muc#admin'/> in the features on muc service?
It seems possible to create v-card for rooms, how does it work? Does it require some additionnal configurations on the server side?
Actually, you are not sending the packet to the room but to user nickname: 'new_room_id#conference.my.domain.com/my_nickname'. Thus, the packet you send is routed back to you. Remove "/my_nickname" and you will be able to talk to the room itself and get your configuration form.
As Mickaƫl points out, you're just sending the <iq/> to your own occupant address, so ejabberd is passing it back to you.
For your other questions:
Interesting - I tried it out and read the Service Discovery XEP, and I think it's basically considered redundant. The #owner, #admin and #user namespaces are components of MUC, so you should assume their support just from http://jabber.org/protocol/muc. As you can see in XEP-0030, the reference example does not include them either: http://xmpp.org/extensions/xep-0030.html#example-2
I don't think vcard-temp means you can set anything - you can only request the MUC server's vCard, which returned
<vCard xmlns='vcard-temp'>
<FN>ejabberd/mod_muc</FN>
<URL>http://www.process-one.net/en/ejabberd/</URL>
<DESC>
ejabberd MUC module
Copyright (c) 2003-2011 ProcessOne
</DESC>
</vCard>
when I tried it.

Setting up XMPP Publish-Subscribe nodes: item-forbidden error posting items to the node

I'm trying to set up an XMPP Publish-Subscribe node and to configure it such that when new items are posted to the node, the payload gets automatically delivered to all the subscribers.
For this I am setting the "pubsub#deliver_payloads" configuration option to true, but when posting items to the node, I get an error. Here are the details of what I'm doing:
First I create the node:
<body rid='614709033' xmlns='http://jabber.org/protocol/httpbind' sid='515c16e0'>
<iq to='pubsub.myserver' type='set' xmlns='jabber:client' id='2:sendIQ'>
<pubsub xmlns='http://jabber.org/protocol/pubsub'>
<create node='mynode'/>
</pubsub>
</iq>
</body>
The server replies saying that it's ok:
<body xmlns='http://jabber.org/protocol/httpbind'>
<iq xmlns="jabber:client" type="result" id="2:sendIQ" from="pubsub.myserver" to="user#myserver/515c16e0"/>
</body>
Then I configure the node setting the "pubsub#deliver_payloads" option to "true", in this way:
<body rid='614709036' xmlns='http://jabber.org/protocol/httpbind' sid='515c16e0'>
<iq from='user#myserver' to='pubsub.myserver' type='set' xmlns='jabber:client' id='4:sendIQ'>
<pubsub xmlns='http://jabber.org/protocol/pubsub#owner'>
<configure node='mynode'>
<x xmlns='jabber:x:data' type='submit'>
<field var='pubsub#deliver_payloads'>
<value>true</value>
</field>
</x>
</configure>
</pubsub>
</iq>
</body>
The server replies successfully:
<body xmlns='http://jabber.org/protocol/httpbind'>
<iq xmlns="jabber:client" type="result" id="4:sendIQ" from="pubsub.myserver" to="user#myserver/515c16e0"/>
</body>
But when I try to post some data onto that node, like this:
<body rid='614709038' xmlns='http://jabber.org/protocol/httpbind' sid='515c16e0'>
<iq type='set' to='pubsub.myserver' xmlns='jabber:client' id='5:sendIQ'>
<pubsub xmlns='http://jabber.org/protocol/pubsub'>
<publish node='mynode'>
<item id='test'>
<geoloc xmlns='http://jabber.org/protocol/geoloc' xml:lang='en'>
<lat>0.55</lat>
<lon>1.66</lon>
<timestamp>2014-04-02T15:14:58.783Z</timestamp>
</geoloc>
</item>
</publish>
</pubsub>
</iq>
</body>
The server replies with this error:
<body xmlns='http://jabber.org/protocol/httpbind'>
<iq xmlns="jabber:client" type="error" id="5:sendIQ" from="pubsub.myserver" to="user#myserver/515c16e0">
<pubsub xmlns="http://jabber.org/protocol/pubsub">
<publish node="mynode">
<item id="test">
<geoloc xmlns="http://jabber.org/protocol/geoloc" xml:lang="en">
<lat>0.55</lat>
<lon>1.66</lon>
<timestamp>2014-04-02T15:14:58.783Z</timestamp>
</geoloc>
</item>
</publish>
</pubsub>
<error code="400" type="modify">
<bad-request xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/>
<item-forbidden xmlns="http://jabber.org/protocol/pubsub#errors"/>
</error>
</iq>
</body>
I'm using Openfire 3.9.1 as a server, while on the client side I'm using javascript and the Strophe library.
Can anyone explain me why I get this error?
I tried to use different configurations on the node, and when I omit the "pubsub#deliver_payloads" option I get no errors while posting items to the node...
All error conditions are explained in XEP-0060: Publish-Subscribe. You can find the item-forbidden error message at 7.1.3.6 Request Does Not Match Configuration, where it reads:
If the event type is notification + transient and the publisher
provides an item, the service MUST bounce the publication request with
a error and a pubsub-specific error condition of
.
Ok, I see, having only the option "pubsub#deliver_payloads" in the configuration the node is considered a "transient node" (no items allowed).
However, if I change the configuration to make the node "persistent" (i.e. adding the "pubsub#persist_items" and setting it to true), the server should not complain, according to 4.3 Event Types of the XEP-0060, Table 4.
But with this configuration:
<iq from='user#myserver' to='pubsub.myserver' type='set' xmlns='jabber:client' id='5:sendIQ'>
<pubsub xmlns='http://jabber.org/protocol/pubsub#owner'>
<configure node='mynode'>
<x xmlns='jabber:x:data' type='submit'>
<field var='pubsub#persist_items'>
<value>true</value>
</field>
<field var='pubsub#deliver_payloads'>
<value>true</value>
</field>
</x>
</configure>
</pubsub>
</iq>
if I try to post an item to the node I still get the same error:
<iq xmlns="jabber:client" type="error" id="13:sendIQ" from="pubsub.myserver" to="user#myserver/2b35c426">
<pubsub xmlns="http://jabber.org/protocol/pubsub">
<publish node="mynode">
<item id="test">
<geoloc xmlns="http://jabber.org/protocol/geoloc" xml:lang="en">
<lat>0.55</lat>
<lon>1.66</lon>
<timestamp>2014-04-03T08:50:48.682Z</timestamp>
</geoloc>
</item>
</publish>
</pubsub>
<error code="400" type="modify">
<bad-request xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/>
<item-forbidden xmlns="http://jabber.org/protocol/pubsub#errors"/>
</error>
</iq>
I solved the problem by simply chenging the value in the configuration from "true" to "1". Actually while reading the XEP-0060 specifications, both "true" - "false" and "1" - "0" values are used in configuration examples. However, in the form that the Openfire server sends me when I ask to configure the node, only "1" - "0" values are used.
With the following configuration all works fine:
<iq from='user#myserver' to='pubsub.myserver' type='set' xmlns='jabber:client' id='5:sendIQ'>
<pubsub xmlns='http://jabber.org/protocol/pubsub#owner'>
<configure node='mynode'>
<x xmlns='jabber:x:data' type='submit'>
<field var='pubsub#persist_items'>
<value>1</value>
</field>
<field var='pubsub#deliver_payloads'>
<value>1</value>
</field>
</x>
</configure>
</pubsub>
</iq>

XMPP Openfire server keeps on sending user avatar graphics though not requested

We create an app that uses XMPP protocol. Initially we started development and used some XMPP server for debug. That was Ok, and we managed to prevent redundant avatar loading by storing graphic files locally and checking the file hash while receiving user Presence update.
But now we switched to new Openfilre server and it keeps sending us all available user avatars not only when we request VCard but also using some message immediately after our user logs in:
<message id="ca82demo01#fffchat__jason#fffchat__jBUhd" to="jason#fffhat/FFFChat" from="ca82demo01#fffchat">
<event xmlns="http://jabber.org/protocol/pubsub#event">
<items node="urn:xmpp:avatar:data">
<item id="66d0dee0216e5466fe17403f1da16aa39d4e1698">
<data xmlns="urn:xmpp:avatar:data">... SOME BIG CHUNK OF DATA ...</data>
</item>
</items>
</event>
<delay xmlns="urn:xmpp:delay" stamp="2012-03-16T00:00:32.298Z"/>
<addresses xmlns="http://jabber.org/protocol/address">
<address jid="ca82demo01#fffchat/53bf00a8" type="replyto"/>
</addresses>
</message>
It keeps me wonder what exact outgoing message requests it from Openfire? Or is it just Openfire server configured to always send us all the avatar graphics for entire roster?
How can this be resolved so we won't have this redundant traffic?
Just in case, these are outgoing messages:
<stream:stream to="fffchat.openfire.local" xml:lang="en" version="1.0" xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams">
<starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
<?xml version="1.0"?>
<stream:stream to="fffchat.openfire.local" xml:lang="en" version="1.0" xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams">
<auth mechanism="DIGEST-MD5" xmlns="urn:ietf:params:xml:ns:xmpp-sasl"/>
<response xmlns="urn:ietf:params:xml:ns:xmpp-sasl">dXNlcm5hbWU9Imphc29uIixyZWFsbT0icHBpY2hhdCIsbm9uY2U9ImVhcGVpTlNFZ3NOZzRXRFlsVC9zd1cyLzVWbzMzQWlsYzRvZWFRRFIiLGNub25jZT0iMDBERUFEQkVF
<auth mechanism="PLAIN" xmlns="urn:ietf:params:xml:ns:xmpp-sasl">AGphc29uAGFiYzEyMw==</auth>
<?xml version="1.0"?>
<stream:stream to="fffchat.openfire.local" xml:lang="en" version="1.0" xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams">
<iq id="_xmpp_bind1" type="set"><bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"><resource>PPIChat</resource></bind></iq>
<iq id="_xmpp_session1" type="set"><session xmlns="urn:ietf:params:xml:ns:xmpp-session"/></iq>
<iq id="roster1" type="get"><query xmlns="jabber:iq:roster"/></iq>
<presence><show>chat</show><status>online</status><x xmlns="vcard-temp:x:update"><photo>16286eb46a54fb48d70dc4fbd548bcd16f78cd34</photo></x></presence>
<iq type="get"><query xmlns="jabber:iq:private"><ppidata xmlns="ppi:userdata:favorites"/></query></iq>
It looks like you were trying to use XEP-0084, messed it up, then switched to XEP-0153. You likely explicitly subscribed to changes to one or more peoples' avatars on your test account, rather than implementing XEP-0163 correctly, which can be quite confusing at first. Easiest fix is to just use a different account. If you want to clean it up, send XEP-0060 unsubscribe protocol in response to each publish that you get:
<iq type='set'
from='jason#fffhat/FFFChat'
to='ca82demo01#fffchat'
id='unsub1'>
<pubsub xmlns='http://jabber.org/protocol/pubsub'>
<unsubscribe
node='urn:xmpp:avatar:data'
jid='jason#fffhat'/>
</pubsub>
</iq>