[Wocky] Adium and GSSAPI

Greg Hudson ghudson at MIT.EDU
Mon Dec 31 11:01:45 EST 2007


On Mon, 2007-12-31 at 05:56 -0500, Ken Raeburn wrote:
> I'm also not 100% sure whether xmpp/mit.edu (based on the user- 
> supplied account name) or xmpp/jabber.mit.edu (based on the name of  
> the server actually in use, which is looked up insecurely in DNS SRV  
> records) is the correct name to use.  It looks like Athena's gaim  
> uses the latter; is that what the spec says?

Believe yes.  That's certainly what jabber.mit.edu has a keytab for, and
Spark does it that way as well as Pidgin.  In fact, I'm a little puzzled
that Adium differs from Pidgin on this front, since they both use
libpurple.  Could be a version skew issue, since I know Pidgin had this
bug for a littlw while; I will try to find time to peer into their svn
repository and see.

If you're not in a position to build Adium from source, you will
probably run into another bug, this time in Openfire, until our server
is upgraded to 3.4.2.  This bug is that if the client doesn't specify an
"authz name", the server will reject with an authorization failure.  The
server upgrade is expected to happen soon.

You can test against wocky.mit.edu; it won't have the domain name
mismatch issue (since the XMPP domain matches the hostname for our test
server) and it's running 3.4.2 so it won't have the authz name bug.





More information about the Wocky mailing list