<div dir="ltr">On Thu, Sep 18, 2008 at 2:15 PM, Eric Will <span dir="ltr"><<a href="mailto:rakaur@malkier.net">rakaur@malkier.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; "> <div class="Ih2E3d">Here it is, starting with the opening <stream> after successful TLS:<br></div></blockquote><div><br></div>and decoded for the base64decoder'less people: (I use `fold -w 79 | openssl base64 -d`)<div> <br></div><div>challenge : realm=<a href="http://malkier.net">malkier.net</a>,nonce="134fea83d50a222b49a08c4427c75802",qop="auth",charset=utf-8,algorithm=md5-sess</div><div><span class="Apple-style-span" style="border-collapse: collapse; ">response : </span><span class="Apple-style-span" style="border-collapse: collapse;">username="rakaur",realm="<a href="http://malkier.net">malkier.net</a>",nonce="134fea83d50a222b49a08c4427c75802",cnonce="8wOz7xs1xNIHJJGVY7gTrSaOdCgXAwZP/kI1jSRrQss=",nc=00000001,digest-uri="xmpp/<a href="http://malkier.net">malkier.net</a>",qop=auth,response=e92dad582393b1f8b0165e6d20b827ee,charset=utf-8</span></div> <div><span class="Apple-style-span" style="border-collapse: collapse;">failure</span></div><div><span class="Apple-style-span" style="border-collapse: collapse;"><br></span></div><div><span class="Apple-style-span" style="border-collapse: collapse;">and:</span></div> <div><span class="Apple-style-span" style="border-collapse: collapse;"><br></span></div><div><span class="Apple-style-span" style="border-collapse: collapse;">challenge : realm=<a href="http://malkier.net">malkier.net</a>,nonce="2062054399a6396d31196a8d0530e800",qop="auth",charset=utf-8,algorithm=md5-sess</span></div> <div><span class="Apple-style-span" style="border-collapse: collapse;">response : charset=utf-8,username="rakaur",realm="<a href="http://malkier.net">malkier.net</a>",nonce="2062054399a6396d31196a8d0530e800",nc=00000001,cnonce="8b17fd4ba66b1ef220ac5be13521f5451386520a09df2799b",digest-uri="xmpp/<a href="http://malkier.net">malkier.net</a>",response=2d8c70364862e055fcce759aec9aaa92,qop=auth<br> </span><span class="Apple-style-span" style="border-collapse: collapse; ">challenge : </span>rspauth=310f6eb7f7d99306c5252201119529bc</div><div>response : none</div><div>success</div><div><br></div><div>So I can only assume the response values are incorrect, because the other values are identical.  Does your password has any non-ascii characters that might be being encoded as utf-8 correctly?  Can you force the server to generate the same nonce for both clients?  (It would require hacking at the DIGEST-MD5 code, but it would help validate that the response is being generated correctly.</div> <div><br></div><div>Cheers</div><div><br></div><div>Norman</div><div><br>-- <br>- Norman Rasmussen<br> - Email: <a href="mailto:norman@rasmussen.co.za">norman@rasmussen.co.za</a><br> - Home page: <a href="http://norman.rasmussen.co.za/">http://norman.rasmussen.co.za/</a><br> </div></div>