196315 – kopete fails to connect to Jabber if SSL=on allowPlain=off

Bug 196315 - kopete fails to connect to Jabber if SSL=on allowPlain=off

Summary: kopete fails to connect to Jabber if SSL=on allowPlain=off

Status:	RESOLVED FIXED

Alias:	None

Product:	kopete
Classification:	Unmaintained
Component:	Jabber Plugin (other bugs)
Version First Reported In:	unspecified
Platform:	Ubuntu Unspecified

Importance:	NOR normal
Target Milestone:	---
Assignee:	Kopete Developers

URL:
Keywords:

Depends on:
Blocks:

Reported:	2009-06-13 11:41 UTC by Constantin Berzan
Modified:	2013-06-05 18:33 UTC (History)
CC List:	5 users (show)

See Also:
Latest Commit:
Version Fixed In:	4.11
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Constantin Berzan 2009-06-13 11:41:03 UTC

Version:            (using KDE 4.2.90)
Installed from:    Ubuntu Packages

I have an account with SSL enabled and plain-text authentication disabled.  Kopete in 4.2 and before used to connect to it just fine, but in 4.3beta2 it doesn't.  It says 'connecting' for a long time, and then it disconnects with "connection refused".  Looking at the code it appears that this error is the result of a timeout from KSocketTimeoutWatcher.

The relevant debug output:
kopete(28842)/kopete (jabber - raw protocol) JabberAccount::slotClientDebugMessage: "Client stream error."
kopete(28842)/kopete (jabber) JabberAccount::slotCSError: Error in stream signalled.
kopete(28842)/kopete (jabber) JabberAccount::slotCSError: Disconnecting.

I have checked out the SVN version and it exhibits the same behaviour.  I am unfamiliar with Kopete code, but am more than happy to help testing / debugging this problem if you tell me where to start.

Thanks.

Comment 1 CJIECAPb 2009-06-21 11:15:17 UTC

Confirm the problem.

Comment 2 Detlev Casanova 2009-06-21 18:40:11 UTC

I can't reproduce that. What server are you connecting to ?

Comment 3 Constantin Berzan 2009-06-23 06:20:45 UTC

I am connecting to a server at my school.  I have asked the admin for some details, and what shows up in the logs, and I will update this report when he gets back to me.

Some details I remember from using Kopete with that server before:
* If ssl was off OR plain-auth was enabled, the server wouldn't accept the connection.  It was configured for "maximum security".  The only way to connect was SSL=on, plain-auth=off.
* With ssl on, Kopete would give a warning message about the certificate (it was either expired or self-signed, I don't remember exactly).  This message showed up every time I connected, so eventually I clicked "do not show again".

Comment 4 CJIECAPb 2009-06-23 15:35:49 UTC

(In reply to comment #2)
> I can't reproduce that. What server are you connecting to ?

openfire 3.6.3 in my case

Comment 5 CJIECAPb 2009-07-06 15:08:25 UTC

Sorry.
As there was my problem don't concern a SSL.
Simply the jabber server is in a zone .local, and kopete don't resolved his dns.
Though nslookup and ping worked for this dns.

Comment 6 Tom Helner 2010-03-10 20:13:34 UTC

I am seeing similar behavior, and the same errors in Kopete 4.4.1.
Kopete can connect to talk.google.com using ssl with no problems. It cannot however, connect to my work jabber using ssl. It does not matter if plain-auth is enabled or disabled, if ssl is enabled it will not connect. I have found that it will connect using only plain-text auth, but obviously sending passwords in plain text is a bad idea.

Pidgin connects to my work jabber using ssl/tls without problem. Capturing traffic while connecting to work with Pidgin I see that the protocol goes from TCP to Jabber/XML with the contents of the packets are TLS encrypted. When I attempt to connect using Kopete with SSL enabled the protocol goes from TCP to TLSv1 and the connect fails.

I can include these captures if it helps.

Version:         4:4.4.1-0ubuntu1~karmic1~ppa1
Installed from:  ppa.launchpad.net/kubuntu-ppa/backports/ubuntu
OS:              Kubuntu 9.10

Comment 7 Steven Joseph 2011-08-01 01:47:08 UTC

Im having the same issue, which seems to be related to 

https://bugs.kde.org/show_bug.cgi?id=221533#c20

I think its because kopete has not upgraded to the new method of ssl connection. I really wish this could be resolved, i cant change the setting on the server, as I do not have the 'influence' for it.

Comment 8 Steven Joseph 2011-08-01 02:08:17 UTC

(In reply to comment #7)
> Im having the same issue, which seems to be related to 
> 
> https://bugs.kde.org/show_bug.cgi?id=221533#c20
> 
> I think its because kopete has not upgraded to the new method of ssl
> connection. I really wish this could be resolved, i cant change the setting on
> the server, as I do not have the 'influence' for it.
Looks like it might be fixed in oneric with libqca2-plugin-ossl v2.0

Comment 9 Steven Joseph 2011-08-02 00:55:59 UTC

Nope... upgraded to oneric, bug still exists.
(In reply to comment #8)
> (In reply to comment #7)
> > Im having the same issue, which seems to be related to 
> > 
> > https://bugs.kde.org/show_bug.cgi?id=221533#c20
> > 
> > I think its because kopete has not upgraded to the new method of ssl
> > connection. I really wish this could be resolved, i cant change the setting on
> > the server, as I do not have the 'influence' for it.
> Looks like it might be fixed in oneric with libqca2-plugin-ossl v2.0

Comment 10 Pali Rohár 2013-05-19 10:25:29 UTC

Kopete in svn has updated xmpp libiris library. Please test Kopete version from svn if this problem is fixed.