matrix2051 icon indicating copy to clipboard operation
matrix2051 copied to clipboard

Published 20 hours ago verified publisher icon progval

SASL authentication timed out but reported as succeeded

Open toonn opened this issue 7 months ago • 8 comments

Following the instructions in the README, I've added the network and server with SASL credentials. When connecting the authentication seems to time out, then matrix2051 states authentication succeeded and then Irssi reports the connection was lost.

There is one log message, JOIN Unknown command (you are not registered), that seems suspect but the README doesn't mention anything about registering with matrix2051 and I am registered on Matrix.org.

Below is the full log of a connection attempt:

11:23 [matrix2051] Waiting for CAP LS response...
11:23 [matrix2051] -!- Irssi: Connection to localhost established
11:23 [matrix2051] -!- Capabilities requested: sasl extended-join server-time
11:23 [matrix2051] -!- Capabilities supported: account-tag batch
          draft/account-registration=before-connect draft/channel-rename
          draft/chathistory draft/message-redaction
          draft/multiline=max-bytes=8192 draft/no-implicit-names draft/sasl-ir
          echo-message extended-join labeled-response message-tags sasl=PLAIN
          server-time soju.im/account-required standard-replies
          userhost-in-names
11:23 [matrix2051] -!- JOIN Unknown command (you are not registered)
11:23 [matrix2051] -!- Capabilities acknowledged: sasl extended-join server-time
11:24 [matrix2051] -!- Cannot authenticate via SASL (The authentication timed
          out)
11:24 [matrix2051] -!- SASL authentication succeeded
11:24 [matrix2051] -!- Irssi: Connection lost to localhost

toonn avatar Apr 09 '25 09:04 toonn

The JOIN error is fine, it's because irssi always sends that command early even though it's invalid.

The timeout is because matrix.org is extremely slow this week.

progval avatar Apr 09 '25 11:04 progval

I guess that reduces this issue to the false report that authentication succeeded?

11:24 [matrix2051] -!- SASL authentication succeeded

Is there no way to configure the timeout? I've looked in Irssi's documentation and the only related settings seems to be server_connect_timeout but that's set to 5 minutes and the SASL authentication fails within a minute.

toonn avatar Apr 09 '25 17:04 toonn

96b573c11e0776af9b7714296a668162244244a5 should do it

progval avatar Apr 09 '25 18:04 progval

Connection works now. Weird thing is it was near instant this time so maybe it would've worked with the one minute timeout too.

All I need now is to configure rooms without canonical aliases to open in their own windows I suppose. Having them in the status window is sub-optimal : ) And figure out a way to deal with DMs I suppose. Would putting Pantalaimon in between M51 and Matrix.org make encrypted DMs usable?

Should we keep this issue open and rename to focus on reporting authentication success on timeout?

toonn avatar Apr 09 '25 19:04 toonn

Back on matrix2051 and I am facing this issue with halloy. I am using the latest commit. Here is my config if interested:

[servers.matrix]
server = "192.168.0.17"
port = 2051
use_tls = false

[servers.matrix.sasl.plain]
username = "username:homeserver.org"
password = "mypassword"

Errors from halloy:

Invalid number of parameters
Unknown command (you are not registered)

proJM-Coding avatar Oct 01 '25 09:10 proJM-Coding

Could you dump the network traffic between Halloy and M51? Make sure to redact base64 blobs of AUTHENTICATE commands because they contain your password.

progval avatar Oct 01 '25 09:10 progval

I can't replicate: Unknown command (you are not registered) anymore. Could have just been network issues at the time? Still facing this issue: Invalid number of parameters

Edit: All my devices are borked in one way or another...

proJM-Coding avatar Oct 03 '25 09:10 proJM-Coding

Please open a new issue and include the dump.

progval avatar Oct 03 '25 09:10 progval