#834 mod_auth_external is unstable

Reporter Satoshi
Owner Nobody
Stars ★ (1)
  • Type-Defect
  • Status-New
  • Priority-Medium
  • Component-Community
  1. Satoshi on

    What steps will reproduce the problem? 1. enable mod_auth_external 2. have many people connect at same time 3. have them experience auth failures What is the expected output? What do you see instead? User gets "invalid login or password" sometimes. What version of the product are you using? On what operating system? trunk-743, also tried 0.10-343 NixOS Please provide any additional information below. Script logs that password is okay. Maybe that is because auth_external expects to get answer in one call to lpty:read while it may receive several consecutive writes and also several answers in one return. Or I just have buggy script. With ejabberd it worked, I first tried to use it in ejabberd mode but it worked bad then rewrote it to use native protocol. Of course I flush after each write.

  2. kousu on

    I wonder if this is related to https://prosody.im/issues/855. I saw similar behaviour on my setup with just a few people. The way I read #855, every time your auth script crashes you're going to get at least one auth error, which will clear up the next attempt, because mod_auth_external is misreading its own output as input, because lpty is mis-echoing the first input back to it.

  3. Zash on

    • tags Component-Community
  4. Zash on

    Tagging issue as affecting a community module, not officially supported by the Prosody team.

    • tags
  5. Chris on

    Even worse: Sometimes wrong passwords are accepted.

New comment

Not published. Used for spam prevention and optional update notifications.