jackalctl will create invalid users
SamWhited opened this issue · 3 comments
- Version: jackal version: v0.61.0
- Platform:
Linux 5.18.16-arch1-1 #1 SMP PREEMPT_DYNAMIC Wed, 03 Aug 2022 11:25:04 +0000 x86_64 GNU/Linux - Subsystem: auth
No authentication using any SCRAM mechanism is ever successful for me. I have tried going back in the history (as far as v0.58.0) and haven't found a working commit. The issue appears to be that FetchUser passes in the username from the SCRAM properties. Ie. if we're authenticating with the JID me@example.net it will pass in me for the username, but in the database the user is me@example.net. If I instead do FetchUser(username+"@example.net") everything works fine.
EDIT: looking at this again, maybe this is correct and when I create the user using jackalctl it accepts me@example.net and thinks it's the username? I don't see how any user would be associated with a virtual host in that case though. I'm unsure if this is a bug in jackalctl allowing invalid user input or Jackal using the incorrect username.
👋
I'm unsure if this is a bug in jackalctl allowing invalid user input or Jackal using the incorrect username.
That's the key.
The jackalctl command only expects username value as input, without domain. So for the above exposed example would look like this:
jackalctl user add me:somesecretpasswordDefinitely this is some kind of bug.
If I have multiple domains, how would I choose what domain the user exists for in this case?
Sounds like users exist for every single vhost. Nothing wrong with this I guess, but it's very unexpected.