GNOME Bugzilla – Bug 654011
Unable to connect to Oracle Jabber server
Last modified: 2011-09-26 14:48:50 UTC
I can connect to Oracle's Jabber server with pidgin but not empathy. The basic parameters are that it uses old SSL (port 5223) and presents an invalid SSL cert. I am using the stock Empathy in Fedora 15 and have also tested with Ubuntu 10.10. The error given is "Network Error".
We need Gabble logs. Can you please: - Set your presence to offline - killall telepathy-gabble - GABBLE_DEBUG=all WOCKY_DEBUG=all GABBLE_LOGFILE=/tmp/gabble.log /usr/lib/telepathy/telepathy-gabble - Turn your presence to online - Attach gabble.log
(In reply to comment #1) > We need Gabble logs. Can you please: > - Set your presence to offline > - killall telepathy-gabble > - GABBLE_DEBUG=all WOCKY_DEBUG=all GABBLE_LOGFILE=/tmp/gabble.log > /usr/lib/telepathy/telepathy-gabble > - Turn your presence to online > - Attach gabble.log I meant: GABBLE_PERSIST=1 GABBLE_DEBUG=all WOCKY_DEBUG=all GABBLE_LOGFILE=/tmp/gabble.log
(In reply to comment #2) > (In reply to comment #1) > > We need Gabble logs. Can you please: > > - Set your presence to offline > > - killall telepathy-gabble > > - GABBLE_DEBUG=all WOCKY_DEBUG=all GABBLE_LOGFILE=/tmp/gabble.log > > /usr/lib/telepathy/telepathy-gabble > > - Turn your presence to online > > - Attach gabble.log > > I meant: > GABBLE_PERSIST=1 GABBLE_DEBUG=all WOCKY_DEBUG=all > GABBLE_LOGFILE=/tmp/gabble.log I tried (on Fedora 15), though changed to /usr/libexec/telepathy-gabble. terminal output: [philip@vito ~]$ GABBLE_LOGFILE=/tmp/gabble.log [philip@vito ~]$ GABBLE_PERSIST=1 GABBLE_DEBUG=all WOCKY_DEBUG=all [philip@vito ~]$ empathy & [1] 18770 [philip@vito ~]$ ps aux | grep telepathy philip 15609 0.0 0.2 38260 8148 ? Sl 10:07 0:00 /usr/libexec/telepathy-logger philip 18775 0.0 0.0 10320 2880 ? S 13:22 0:00 /usr/libexec/telepathy-salut philip 18782 0.0 0.0 4432 772 pts/1 S+ 13:22 0:00 grep --color=auto telepathy [philip@vito ~]$ /usr/libexec/telepathy- telepathy-butterfly telepathy-haze telepathy-logger telepathy-gabble telepathy-idle telepathy-salut [philip@vito ~]$ /usr/libexec/telepathy-gabble (telepathy-gabble:18783): tp-glib-DEBUG: started version 0.12.0 (telepathy-glib version 0.14.5) (telepathy-gabble:18783): tp-glib-DEBUG: no connections, and timed out tp-glib-Message: Exiting [philip@vito ~]$ [philip@vito ~]$ ls /tmp/gabble.log ls: cannot access /tmp/gabble.log: No such file or directory
No you should do "GABBLE_LOGFILE=/tmp/gabble.log GABBLE_PERSIST=1 GABBLE_DEBUG=all WOCKY_DEBUG=all /usr/libexec/telepathy-gabble" on one line and then start Empathy.
Created attachment 191400 [details] Requested log file Used command: $ GABBLE_LOGFILE=/tmp/gabble.log GABBLE_PERSIST=1 GABBLE_DEBUG=all WOCKY_DEBUG=all /usr/libexec/telepathy-gabble Started empathy, tried a few recommects.
telepathy-gabble:20510): gabble-DEBUG: _gabble_connection_connect (connection.c:2071): disabling SRV because "server" or "old-ssl" was specified or port was not 5222, will connect to stbeehive.oracle.com (telepathy-gabble:20510): gabble-DEBUG: _gabble_connection_connect (connection.c:2130): Start connecting (telepathy-gabble:20510): wocky-DEBUG: connector_connect_async: wocky-connector.c:2311: host: stbeehive.oracle.com; port: 5223 (telepathy-gabble:20510): wocky-DEBUG: tcp_host_connected: wocky-connector.c:917: HOST connect failed: Connection refused Looks like the server is refusing the connection. Are you sure that's the right host and port? Is this server supposed to be available from Internet? I can't connect to this port either.
Hi, Yes, I've just found out the server is down this morning... should have looked more closely at the file. I'll retry when it's up later today. Server & port are correct, and I should have mentioned pidgin requires a workaround for the service as well, documented here: http://developer.pidgin.im/wiki/Protocol%20Specific%20Questions#WhydoIgetanSSLHandshakeFailederrorwhenconnectingtoOraclesXMPPserver p
Created attachment 191403 [details] Gabble log - now with cert fail issues Better log file.
It's a bug in the XMPP server (but there is a workaround) Basically, the conversation is supposed to run: • client says "I support this protocol level" • server replies with the highest level of protocol it supports • connection proceeds What happens in this case: • client says "I support TLS1.2" • the server panics and aborts You should be able to set the WOCKY_GNUTLS_OPTIONS environment variable (in gabble's environment) to restrict the protocol level used - our default is: "NORMAL:" "-COMP-NULL:" /* remove null compression */ "+COMP-DEFLATE:" /* prefer deflate */ "+COMP-NULL" To restrict ourselves to SSL we could use: "NORMAL:%COMPAT:-VERS-TLS1.2:-VERS-TLS1.1" (this will lose compression from the options, to get it back, add the COMP entries from the default back into the string) You can get more info on priority strings in the man page for gnutls-cli (or in the docs for gnutls_priority_init if you are using the developer documentation) So: GABBLE_LOGFILE=/tmp/gabble.log \ GABBLE_PERSIST=1 \ GABBLE_DEBUG=all \ WOCKY_DEBUG=all \ WOCKY_GNUTLS_OPTIONS='NORMAL:%COMPAT:-VERS-TLS1.2:-VERS-TLS1.1' \ /usr/libexec/telepathy-gabble And you should get a log file (as above) but of a successful connection attempt.
Created attachment 191464 [details] Gabble log - SSL and SASL success, new error New errors after connect process: (telepathy-gabble:24977): wocky-DEBUG: _end_element_ns: Received stanza * iq xmlns='jabber:client' from='oracle.com' id='262323794047' to='philip.antoniades@oracle.com /FedoraBox' type='get' * query xmlns='jabber:iq:privacy' * error (telepathy-gabble:24977): gabble-DEBUG: gabble_normalize_contact (util.c:557): JID oracle.com i s invalid or has no node part (telepathy-gabble:24977): gabble-DEBUG: got_jingle_info_stanza (jingle-factory.c:274): ignoring jingleinfo from 'oracle.com', not ourself nor the server (telepathy-gabble:24977): wocky-DEBUG: _write_node_tree: Serializing tree: * iq xmlns='jabber:client' type='error' to='oracle.com' id='262323794047' * query xmlns='jabber:iq:privacy' * error * error code='502' type='cancel' * service-unavailable xmlns='urn:ietf:params:xml:ns:xmpp-stanzas' (telepathy-gabble:24977): wocky-DEBUG: Writing xml: <iq type="error" to="oracle.com" id="262323794047"><query xmlns="jabber:iq:privacy"/><error/><error code="502" type="cancel"><service-unavailable xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/></error></iq> (telepathy-gabble:24977): gabble-DEBUG: bare_jid_disco_cb (connection.c:1694): Got disco error on bare jid: Request for info on philip.antoniades@oracle.com timed out
(In reply to comment #10) > Created an attachment (id=191464) [details] > Gabble log - SSL and SASL success, new error > > New errors after connect process: > > (telepathy-gabble:24977): wocky-DEBUG: _end_element_ns: Received stanza > * iq xmlns='jabber:client' from='oracle.com' id='262323794047' > to='philip.antoniades@oracle.com > /FedoraBox' type='get' > * query xmlns='jabber:iq:privacy' > * error > (telepathy-gabble:24977): gabble-DEBUG: gabble_normalize_contact (util.c:557): > JID oracle.com i > s invalid or has no node part > (telepathy-gabble:24977): gabble-DEBUG: got_jingle_info_stanza > (jingle-factory.c:274): ignoring > jingleinfo from 'oracle.com', not ourself nor the server > (telepathy-gabble:24977): wocky-DEBUG: _write_node_tree: Serializing tree: > * iq xmlns='jabber:client' type='error' to='oracle.com' id='262323794047' > * query xmlns='jabber:iq:privacy' > * error > * error code='502' type='cancel' > * service-unavailable xmlns='urn:ietf:params:xml:ns:xmpp-stanzas' > (telepathy-gabble:24977): wocky-DEBUG: Writing xml: <iq type="error" > to="oracle.com" id="262323794047"><query > xmlns="jabber:iq:privacy"/><error/><error code="502" > type="cancel"><service-unavailable > xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/></error></iq> > (telepathy-gabble:24977): gabble-DEBUG: bare_jid_disco_cb (connection.c:1694): > Got disco error on bare jid: Request for info on philip.antoniades@oracle.com > timed out I should add this is with the supplied command string GABBLE_LOGFILE=/tmp/gabble-02.log GABBLE_PERSIST=1 GABBLE_DEBUG=all WOCKY_DEBUG=all WOCKY_GNUTLS_OPTIONS='NORMAL:%COMPAT:-VERS-TLS1.2:-VERS-TLS1.1' /usr/libexec/telepathy-gabble Thanks!
Thanks Philip. Best to check this with telepathy-gabble developpers. I forwarded this bug to https://bugs.freedesktop.org/show_bug.cgi?id=39057 Thanks for these logs!
Thanks Guillaume!
I have filed an Oracle internal bug report against the IM server product for this issue. Philip and I can follow-up with the developers.