Password decryption failing

is this the reason for this error message:

"Wrong combination Username / Password. Please re-login to the site for synchronization" ???

Most likely a wrong username or password, for every update to that table there is an encrypt for the password.

For every time the password is needed there is a decrypt. Unless you have other alterations to the module this should not be failing at all

I had no alterations, but I will check agaisnt the most recent revision. It took me a week to figure out that it was in fact the code and not my environment. Passwords were properly encrypted, but never descrypted like they should have been. I could see this by using Firebug and watching the password that was being submitted. In all cases of failure I saw that the password being sent to the server was not the user's password, but instead the "encrypted" version. I will check the latest release as soon as I can.

Are you guys getting this issue resolved any soon, I think I'm affected as well as result XWChat can't connect because of this error: Wrong combination Username / Password (While the xmpp rooster works finely). Please re-login to the site for synchronization. Practically this makes the whole module useless, would be nice to have just even a workaround for the time being... Thanks.

This code is written with ldap in mind and works without issue.

For the non ldap portion i would suggest you show the password field on the user edit form and then enter the password in there.

That will then save the password and it will be utilized correctly.

also make sure the save password on login is not checked.

Ok i tested a bit more in "LDAP" environment using the same drupal login password everything works... yet if I try to save a different password and not use the drupal login one, the error returns.

Toren - If you want a work around then shoot me an email - brandon.s.dixon@gmail.com. Feel free to hit me up via Google Talk as well. I am running an LDAP environment and noticed the issue. The best way to troubleshoot the problem and see if its related to passwords not being decrypted is to use firebug and watch the authentication take place. You should see your username and password passed in the clear (depending on your configuration).

For me, the problem is that the value of $account->xmpp_user->password is not encrypted.

I'm trying to figure out why, but that's causing me problems.

Here's the fix:


function xmpp_user_update($edit, $account, $category = NULL) {
...
...

elseif (isset($edit['xmpp_user']['password']) && !is_null($edit['xmpp_user']['password']) && drupal_strlen($edit['xmpp_user']['password'])) {
$password = xmpp_user_encrypt_password($edit['xmpp_user']['password']);
db_query("UPDATE {xmpp_user} SET jid = '%s', resource = '%s', password = '%s' WHERE uid = %d", $edit['xmpp_user']['jid'], $resource, $password, $account->uid);
$edit['xmpp_user']['password'] = $password; // <----------- store the encrypted password
}

......
......

Can you put the fix into a cvs diff patch based off the current branch then i will be able to look at it and determine if it wont break the functionality which currently works on all 100+ sites it is deployed on our end.