AOL logon problem

Mark Doliner mark at kingant.net
Wed Apr 11 16:42:01 EDT 2012 

(cc'ing devel at pidgin.im again)

I don't see anything obviously wrong with the cert, and it's not clear
to me why our cert validation code doesn't like.  Maybe your computer
just doesn't trust one of the CAs...?  But I feel like we log
something obvious in that case.

/me shrugs

On Wed, Apr 11, 2012 at 1:31 PM, Tom Henderson
<thenderson at extremelabs.com> wrote:
> Mark,
>
> Thanks for answering. Here's the dump from the debug window:
>
> 16:18:38) account: Connecting to account henderson9.
> (16:18:38) connection: Connecting. gc = 0x7f91ea419d50
> (16:18:38) oscar: Registered modules: alert (family=0x0018, version=0x0001,
> toolid=0x0010, toolversion=0x0629), auth (family=0x0017, version=0x0000,
> toolid=0x0000, toolversion=0x0000), icq (family=0x0015, version=0x0001,
> toolid=0x0110, toolversion=0x047c), feedbag (family=0x0013, version=0x0004,
> toolid=0x0110, toolversion=0x0629), bart (family=0x0010, version=0x0001,
> toolid=0x0010, toolversion=0x0629), chat (family=0x000e, version=0x0001,
> toolid=0x0010, toolversion=0x0629), chatnav (family=0x000d, version=0x0001,
> toolid=0x0010, toolversion=0x0629), stats (family=0x000b, version=0x0001,
> toolid=0x0104, toolversion=0x0001), userlookup (family=0x000a,
> version=0x0001, toolid=0x0110, toolversion=0x0629), bos (family=0x0009,
> version=0x0001, toolid=0x0110, toolversion=0x0629), popup (family=0x0008,
> version=0x0001, toolid=0x0104, toolversion=0x0001), admin (family=0x0007,
> version=0x0001, toolid=0x0010, toolversion=0x0629), messaging
> (family=0x0004, version=0x0001, toolid=0x0110, toolversion=0x0629), buddy
> (family=0x0003, version=0x0001, toolid=0x0110, toolversion=0x0629), locate
> (family=0x0002, version=0x0001, toolid=0x0110, toolversion=0x0629), oservice
> (family=0x0001, version=0x0003, toolid=0x0110, toolversion=0x0629), misc
> (family=0xffff, version=0x0000, toolid=0x0000, toolversion=0x0000),
> (16:18:38) oscar: Registered handlers: 0001/0001, 0001/0005, 0001/000f,
> 0001/0013, 0001/001f, 0002/0003, 0003/0001, 0003/0003, 0003/000b, 0003/000c,
> 0004/0007, 0004/000a, 0004/000b, 0004/0014, 0007/0003, 0007/0005, 0007/0007,
> 0008/0002, 0009/0001, 0009/0003, 000a/0001, 000a/0003, 000d/0001, 000d/0009,
> 000e/0001, 000e/0002, 000e/0003, 000e/0004, 000e/0006, 0010/0005, 0013/0001,
> 0013/0003, 0013/0006, 0013/0008, 0013/0009, 0013/000e, 0013/0015, 0013/0019,
> 0013/001b, 0013/001c, 0017/0003, 0017/0007, 0017/000a, 0018/0001, 0018/0007,
> ffff/0003, ffff/0006,
> (16:18:38) oscar: oscar_login: gc = 0x7f91ea419d50
> (16:18:38) util: requesting to fetch a URL
> (16:18:38) dnsquery: Performing DNS lookup for api.screenname.aol.com
> (16:18:38) dns: Wait for DNS child 13834 failed: No child processes
> (16:18:38) dns: Created new DNS child 13899, there are now 1 children.
> (16:18:38) dns: Successfully sent DNS request to child 13899
> (16:18:38) dns: Got response for 'api.screenname.aol.com'
> (16:18:38) dnsquery: IP resolved for api.screenname.aol.com
> (16:18:38) proxy: Attempting connection to 64.12.173.137
> (16:18:38) proxy: Connecting to api.screenname.aol.com:443 with no proxy
> (16:18:38) proxy: Connection in progress
> (16:18:38) proxy: Connecting to api.screenname.aol.com:443.
> (16:18:38) proxy: Connected to api.screenname.aol.com:443.
> (16:18:39) nss: subject=CN=api.screenname.aol.com,OU=Terms of use at
> www.verisign.com/rpa (c)05,OU=Core Services,O=AOL
> LLC.,L=Dulles,ST=Virginia,C=US issuer=OU=www.verisign.com/CPS Incorp.by Ref.
> LIABILITY LTD.(c)97 VeriSign,OU=VeriSign International Server CA - Class
> 3,OU="VeriSign, Inc.",O=VeriSign Trust Network
> (16:18:39) nss: subject=OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY
> LTD.(c)97 VeriSign,OU=VeriSign International Server CA - Class
> 3,OU="VeriSign, Inc.",O=VeriSign Trust Network issuer=OU=Class 3 Public
> Primary Certification Authority,O="VeriSign, Inc.",C=US
> (16:18:39) nss: subject=OU=Class 3 Public Primary Certification
> Authority,O="VeriSign, Inc.",C=US issuer=OU=Class 3 Public Primary
> Certification Authority,O="VeriSign, Inc.",C=US
> (16:18:39) certificate/x509/tls_cached: Starting verify for
> api.screenname.aol.com
> (16:18:39) certificate/x509/tls_cached: Checking for cached cert...
> (16:18:39) certificate/x509/tls_cached: ...Not in cache
> (16:18:39) certificate: Checking signature chain for
> uid=CN=api.screenname.aol.com,OU=Terms of use at www.verisign.com/rpa
> (c)05,OU=Core Services,O=AOL LLC.,L=Dulles,ST=Virginia,C=US
> (16:18:39) certificate: ...Good signature by OU=www.verisign.com/CPS
> Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign,OU=VeriSign International Server
> CA - Class 3,OU="VeriSign, Inc.",O=VeriSign Trust Network
> (16:18:39) certificate: ...Good signature by OU=Class 3 Public Primary
> Certification Authority,O="VeriSign, Inc.",C=US
> (16:18:39) certificate: Chain is VALID
> (16:18:39) certificate/x509/tls_cached: Checking for a CA with DN=OU=Class 3
> Public Primary Certification Authority,O="VeriSign, Inc.",C=US
> (16:18:39) certificate/x509/tls_cached: Also checking for a CA with
> DN=OU=Class 3 Public Primary Certification Authority,O="VeriSign, Inc.",C=US
> (16:18:39) certificate: Failed to verify certificate for
> api.screenname.aol.com
> (16:18:39) connection: Connection error on 0x7f91ea419d50 (reason: 0
> description: Error requesting
> https://api.screenname.aol.com/auth/clientLogin: Unable to connect to
> api.screenname.aol.com: SSL peer presented an invalid certificate)
> (16:18:39) account: Disconnecting account henderson9 (0x7f91ea4005d0)
> (16:18:39) connection: Disconnecting connection 0x7f91ea419d50
> (16:18:39) oscar: Signed off.
> (16:18:39) connection: Destroying connection 0x7f91ea419d50
> (16:18:44) msn: C: NS 000: PNG
> (16:18:44) util: Writing file accounts.xml to directory
> /home/notyourbusiness/.purple

More information about the Devel mailing list