how does XMPP client select an authentication mechanism?

Question

I'm trying to learn the XMPP spec (RFC 3920) by coding it in low-level Python. But I've been hung up for over an hour at step 4 of section 6.5, selecting an authentication mechanism. I'm sending: <auth xmlns='urn:ietf:params:xml:ns:xmpp-sasl' mechanism='PLAIN'/>, and getting: <failure xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><incorrect-encoding/></failure> instead of a base64-encoded challenge.

The "incorrect-encoding" error is supposedly to be used for when I incorrectly base64-encode something, but there was no text to encode. I'm probably missing something really obvious. Anybody got a cluestick?

I'm using talk.google.com port 5222 as the server, if that matters. I doubt that it does; this is almost definitely due to my lack of understanding this section of the RFC. And the problem isn't likely my code, other than the way I'm sending this particular stanza, or it would be failing at the previous steps. But for what it's worth, here is the code I've got so far, and the complete log (transcript of the session). Thanks.

Answer 1

First off, RFC 6120 is often more clear than 3920. [updated to point to the RFC as released]

Since you're using SASL PLAIN (see RFC 4616), many servers expect you to send a SASL "initial response" in the auth element, consisting of:

base64(\x00 + utf8(saslprep(username)) + \x00 + utf8(saslprep(password)))

All together, then, your auth element needs to look like this:

<auth xmlns='urn:ietf:params:xml:ns:xmpp-sasl'
            mechanism='PLAIN'>AGp1bGlldAByMG0zMG15cjBtMzA=</auth>

For the username "juliet" and the password "r0m30myr0m30".