Bug #3920
stuck in "Signing in" after DNS SRV lookup failure
| Status: | New | Start date: | 10/22/2014 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | - | % Done: | 0% | |
| Category: | - | |||
| Target version: | v15 - AWESOME APP | |||
| Component: |
Description
hello
ChatSecure 14.0.4 gets stuck in a "Signing in" state forever on a Nexus 7 2012 Wifi (running CyanogenMod version 11-20140916-SNAPSHOT-M10-grouper).
Assume that my XMPP account is abcdef@pook.it. I have an SRV entry for pook.it:
_xmpp-client._tcp.pook.it. 1800 IN SRV 0 5 5222 mail2.pook.it.
When ChatSecure is stuck in the "Signing in" state and I connect my Nexus 7 to an access point that I control I see the standard DNS lookups that Android makes when it connects, the DNS lookups for my email connection and pook.it (213.186.33.87). I do not see any DNS lookups for _xmpp-client._tcp.pook.it. Why is my Nexus 7 doing a DNS lookup for pook.it? Please see the attached file of "dnsmasq --log-queries" output.
Then tcpdump -i wlan0 -q "port xmpp-client or port xmpp-server" shows a continuous stream of connections to cluster014.ovh.net. cluster014.ovh.net is the fqdn of the IP address of pook.it (213.186.33.87). This is wrong. ChatSecure should never connect to cluster014.ovh.net. cluster014.ovh.net is not under my control and I don't know what is listening on cluster014.ovh.net:5222. Please see the attached tcpdump.
What I think is happening is that at some point the DNS/SRV lookup of _xmpp-client._tcp.pook.it is failing and then ChatSecure gets stuck trying to connect to pook.it.
I think that ChatSecure should reattempt the DNS/SRV lookup after every failed connection attempt unless it has had a recent successful DNS/SRV lookup. A failed connection might be caused by connecting to the wrong address after a temporary DNS/SRV lookup failure. Or perhaps ChatSecure should not attempt to connect until the DNS/SRV lookup has succeeded or indicated that there isn't a DNS/SRV entry. Until this lookup has worked ChatSecure does not know what IP address it should connect to.
Even after switching the Wifi off and on again I do not see a DNS lookup of _xmpp-client._tcp.pook.it. I do however see a DNS lookup of pook.it. Failed DNS/SVR lookups should not be cached.
I guess that I was sending my login credentials to cluster014.ovh.net and that this is a security risk. I should now change my password.
info.guardianproject.otr.app.im.plugin.xmpp.initConnection is complicated so I might have misunderstood the problem.
It would be useful if the "Signing in" message indicated what IP address ChatSecure is trying to connect to. In my case it could say "Signing in to _xmpp-client._tcp.pook.it", then "Signing in to mail2.pook.it" and then "Signing in to 88.171.134.228". When the SRV DNS lookup failed I would have seen "Signing in to _xmpp-client._tcp.pook.it", then "Signing in to pook.it" and then "Signing in to 213.186.33.87" and would have understood the problem much quicker.
thanks for ChatSecure
Stuart
tcpdump.txt 
- tcpdump of xmpp traffic from my Nexus 7
(6.36 KB)
dnsmasq.txt
- DNS lookups from my Nexus 7
(5.33 KB)
History
#1 Updated by n8fr8 over 2 years ago
- Target version set to v15 - AWESOME APP