[Psi-Devel] Psi and MUC problem

Peter Saint-Andre stpeter at stpeter.im
Fri Aug 1 10:12:32 PDT 2008


Grégoire Menuel wrote:
> Hi folks !
> Today I've encountered a relatively severe bug using psi and a MUC room 
> (specifically mu-conference, but I've tested with ejabberd's mod_muc and the 
> same problem occurs).
> 
> This bug allows anyone to kick every psi user of a room (tested with psi-0.11 
> and psi-svn from yesterday). The principle is simple, just send a buggy 
> encrypted message to a MUC room and every psi user will just happen to leave 
> the room. The problem is that Psi sends an error when it can't decode an 
> encrypted message (not-acceptable), and the MUC kicks a user when it receives 
> an error message from this user.
> 
> I'm not sure if the problem is on the Psi side (the XEP-0027 doesn't say to 
> send an error back when the client can't decrypt a message), or on the MUC 
> implementations side (the XEP-0045 says "A MUC service SHOULD remove a user 
> if the service receives a delivery-related error in relation to a stanza it 
> has previously sent to the user (remote server unreachable, user not found, 
> etc.).", but can a not-acceptable error be considered as a 
> delivery-related error?).

IIRC this was fixed in ejabberd, not sure about other implementations. I 
agree that the phrase "delivery-related error" is a bit unclear -- this 
is intended to refer to the following errors:

gone
item-not-found
recipient-unavailable
redirect
remote-server-not-found
remote-server-timeout

(Perhaps also jid-malformed and service-unavailable, but those are open 
to debate because service-unavailable is used as a catch-all.)

I'll clarify that in the spec.

/psa
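
An added example, not part of the original message and not taken from any MUC implementation: one way a MUC service could apply the list above when deciding whether a bounced stanza justifies removing an occupant. The function names, the `include_debatable` flag and the sample stanzas are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

STANZAS_NS = "urn:ietf:params:xml:ns:xmpp-stanzas"

# Conditions the reply lists as delivery-related.
DELIVERY_RELATED = frozenset({
    "gone", "item-not-found", "recipient-unavailable", "redirect",
    "remote-server-not-found", "remote-server-timeout",
})
# Conditions the reply calls open to debate; excluded unless opted in.
DEBATABLE = frozenset({"jid-malformed", "service-unavailable"})


def make_bounce(condition, err_type):
    """Build a constructed error stanza (addresses are placeholders)."""
    return (
        '<message xmlns="jabber:client" type="error" '
        'from="user@example.org/psi" to="room@conference.example.org/nick">'
        f'<error type="{err_type}"><{condition} xmlns="{STANZAS_NS}"/>'
        f'<text xmlns="{STANZAS_NS}">constructed sample</text></error></message>'
    )


NOT_ACCEPTABLE = make_bounce("not-acceptable", "modify")   # undecryptable message
UNREACHABLE = make_bounce("remote-server-not-found", "cancel")
UNAVAILABLE = make_bounce("service-unavailable", "cancel")


def error_condition(stanza_xml):
    """Return the defined condition of an error stanza, or None if absent."""
    root = ET.fromstring(stanza_xml)
    if root.get("type") != "error":
        return None
    for child in root:
        if child.tag.rsplit("}", 1)[-1] != "error":
            continue
        for cond in child:
            ns, _, name = cond.tag[1:].partition("}")
            # Skip the optional human-readable <text/> in the same namespace.
            if ns == STANZAS_NS and name != "text":
                return name
    return None


def should_remove_occupant(stanza_xml, include_debatable=False):
    """True only when the bounce carries a delivery-related condition."""
    allowed = DELIVERY_RELATED | DEBATABLE if include_debatable else DELIVERY_RELATED
    return error_condition(stanza_xml) in allowed
```

With this check, the not-acceptable error sent back for an undecryptable message no longer removes the occupant, while an unreachable remote server still does.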
