OTR response messages get send to wrong address during initialization.
I'm developing a bot using twisted's XMPP and the related OTR libraries. This used to work. Lately it's been getting more issues and I'm looking into in more detail and observing the following behaviour:
The below was captured from pidgin when clicking the "start private conversation" option in a private chat with the bot. As you can see, my bot has the "firstname.lastname@example.org/dev" handle in the XMPP server, while i have email@example.com/2a8b51e1-edd8-4428-8af2-a63803fc0c9b .
- The first message is received by my bot and processed (starting the OTR dance)
- The bot sends the response this is received by Pidgin
- Pidgin sends a response as expected. But it sends the message to the wrong address! Or rather, the address without the resource extension. Meaning that this message is not delivered to my bot by the XMPP server and the OTR the connection fails to be established.
Using Pidgin XMPP Console and correcting the "to" attribute and re-sending the same message again, the connection is successfully established. And once established, I can send messages to the bot and receive answers without issues. So, the problem seems in the OTR initialization phase.
Using OTR with human-users (also using pidgin or otherwise) doesn't seem to generate this issue. I suspect that, since my bot doesn't register it's presence with server's roster (it doesn't show up in the list of users of the server) instead it is only visible as a member of a groupchat. Reviewing of the messages send by OTR connections initiated from the userlist of the account, at one point there it fails to send the message to the user@server/resource, sending it to "user@server" instead. but the message is forwarded to the user's client by the server anyway, allowing it to response and compete the OTR connection.
The following sample of the issue was captured with Pidgin 2.10.12 with OTR plug-in 4.0.2 in a Mint Linux distro talking to the bot:
<message type='chat' id='purple81281d26' firstname.lastname@example.org/dev'> <active xmlns='http://jabber.org/protocol/chatstates'/> <body>?OTRv23? email@example.com/ has requested an Off-the-Record private conversation <https://otr.cypherpunks.ca/>. However, you do not have a plugin to support that. See https://otr.cypherpunks.ca/ for more information.</body> <html xmlns='http://jabber.org/protocol/xhtml-im'> <body xmlns='http://www.w3.org/1999/xhtml'> <p>?OTRv23? <span style='font-weight: bold;'>firstname.lastname@example.org/</span> has requested an <a href='https://otr.cypherpunks.ca/'>Off-the-Record private conversation</a> . However, you do not have a plugin to support that. See <a href='https://otr.cypherpunks.ca/'>https://otr.cypherpunks.ca/</a> for more information.</p> </body> </html> </message>
<message type='chat' email@example.com/2a8b51e1-edd8-4428-8af2-a63803fc0c9b' firstname.lastname@example.org/dev'> <body>?OTR:AAMCS9n61gAAAAAAAADEYnjM2iS6P3CXBz7SegINWJNKQtInF21r2z3+9RbW2rlravqp0VraRYoMoshuvqNLJSxm1TQqJ3G0WqVjN5LARK8y0caHptem+r0qU6dUxKMjM1TmSwN4s4CI1yETur/9lKC2sQWhDY4oJ3n86+KRNaZsxubvDqChVhstuCcqYRu0o+YeY3FXYnX4MpPSKhFVfl2QQ+E7xY0Jum2vxIVSlED4ND31KKG+yW+C7eUj0iQ0DE6iGOY2ECd8Bn2n/SwXsWsTBAAAACDUm6uWqQIwh/NDycCzIhcB+oCNO/NzA4+QlsZ/VyI4YA==.</body> </message>
<message type='chat' id='purple81281d27' email@example.com'> <active xmlns='http://jabber.org/protocol/chatstates'/> <body>?OTR:AAMKgn3w1kvZ+tYAAADA8gjn4cMZWewlE+VSKu3g6Vuom3ZnynGhr4SMdop48aE0jbtaXZsiYP+B8LHbTrABGr1y/Ms8laBRj6jiqsCOZGAL+/S+tJH7LAma42ZwQRteg4fAdaRdN5vgWb6ri123KabQ5wBzbqZzzybDdRIOLdXzjn/DE/HBtFJVwksIGcUhFXAw/be+7AkCtexaERbJqMErNcAoMiTUSsai4Ug7Yg0jCGWnHDHJnBhONPi3GeQz2HgGzhfsaZfz18F+ViRV.</body> </message>
The above message never arrives at the bot client.