Guest

Preview Tool

Cisco Bug: CSCul13985 - CUPS Doesn't Properly Choose Auth ID During XML Stream Negotiation

Last Modified

Feb 19, 2018

Products (2)

  • Cisco Unified Communications Manager IM & Presence Service
  • Cisco Unified Presence Version 8.6

Known Affected Releases

8.6(5)

Description (partial)

Symptom:
When federating with another vendor's server, CUPS successfully negotiates SASL authentication using the "from=" header in the stanza from the federated server. Once SASL is setup and CUPS receives the subsequent XML stream from the federated server, CUPS uses the "Certificate Subject Common Name (CN)" as the stored off authentication ID for the stream instead of the "from=" header. At this point the Common Name of the cert  does not match the the federated server's domain and all requests are rejected.

Conditions:
CUPS 8.6.5 XMPP Federating over TLS with third-party XMPP server.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.