Finch and mismatching x509 certificates...
alessandro salvatori
sandr8 at gmail.com
Wed Sep 23 13:01:54 EDT 2009
Hi everybody,
I am hitting this issue:
Finch doesn't ask the user whether he wants to accept a mismatching
certificate, but it just fails tls handshake and bails out.
Pidgin instead presents me with a popup window, and after i accept the
certificate i can move on.
Is there any workaround, given I have the certificate as it were saved by
Pidgin? Putting it in the certificate folder doesn't seem to suffice...
If someone's got an easy fix, I'd be glad to get a patch and rebuild.
Below you can see the (anonymized) debug logs.
thank you!
-Alessandro
┌───────────────────────┤Accounts├───────────────────────┐───────┤Debug
Window├────────────────────────────────────────────────────────────────┐
│You can enable/disable accounts from the following list.│
│
│ ────────────────────────────────────────────────────── │
▒│
│[X] abcdefgh at ijklm.com/work │XMPP │
▒│
│ │ ▒│
▒│
│ │ ▒│
▒│
│ │ ▒│
▒│
│ │ ▒│
▒│
│ │ ▒│
▒│
│ │ ▒│
▒│
│ │ ▒│
▒│
│ │ ▒│
▒│
│ │ │
▒│
│ ────────────────────────────────────────────────────── │
▒│
│ ┌─────┐ ┌────────┐ ┌────────┐ │
▒│
│ │ Add │ │ Modify │ │ Delete │ │
▒│
│ └─────┘ └────────┘ └────────┘ │
▒│
└────────────────────────────────────────────────────────┘
▒│
│
▒│
│
▒│
│
▒│
│
▒│
│
▒│
│
▒│
│
▒│
│
▒│
│
▒│
│
▒│
│
▒│
│16:56:18 account: Connecting to account abcdefgh at ijklm.com/work.
▒│
│16:56:18 connection: Connecting. gc = 0x80ad588
▒│
│16:56:18 dnssrv: querying SRV record for cisco.com: _xmpp-client._
tcp.cisco.com
▒│
│16:56:18 dnssrv: found 1 SRV entries
▒│
│16:56:18 dns: DNS query for 'isj3cmx.nopqrstuvwxy.com' queued
▒│
│16:56:18 dns: Successfully sent DNS request to child 27517
▒│
│16:56:18 dns: Got response for 'isj3cmx.nopqrstuvwxy.com'
▒│
│16:56:18 dnsquery: IP resolved for isj3cmx.nopqrstuvwxy.com
▒│
│16:56:18 proxy: Attempting connection to 66.163.36.130
▒│
│16:56:18 proxy: Connecting to isj3cmx.nopqrstuvwxy.com:5222 with no proxy
▒│
│16:56:18 proxy: Connection in progress
▒│
│16:56:18 proxy: Connecting to isj3cmx.nopqrstuvwxy.com:5222.
▒│
│16:56:18 proxy: Connected to isj3cmx.nopqrstuvwxy.com:5222.
▒│
│16:56:18 jabber: Sending: <?xml version='1.0' ?>
▒│
│16:56:18 jabber: Sending: <stream:stream to='cisco.com'
xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams'
version='1.0'> ▒│
│16:56:19 jabber: Recv (267): <stream:stream xmlns='jabber:client'
xml:lang='en-US.UTF-8' xmlns:stream='http://etherx.jabber.org/streams'
▒│
│from='cisco.com' id='5040435F4BAF7'
version='1.0'><stream:features><starttls
▒│
│xmlns='urn:ietf:params:xml:ns:xmpp-tls'><required/></starttls></stream:features>
▒│
│16:56:19 jabber: Sending: <starttls
xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
▒│
│16:56:19 jabber: Recv (50): <proceed
xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
▒│
│16:56:19 gnutls: Starting handshake with cisco.com
▒│
│16:56:19 gnutls: Handshake failed. Error A TLS fatal alert has been
received. ▒│
│16:56:19 connection: Connection error on 0x80ad588 (reason: 5 description:
SSL Handshake Failed) ▒│
│16:56:19 account: Disconnecting account abcdefgh at ijklm.com/work (0x80ab418)
▒│
│16:56:19 connection: Disconnecting connection 0x80ad588
▒│
│16:56:19 jabber: XML parser error for JabberStream 0x8341188: Domain 1,
code 5, level 3: Extra content at the end of the document ▒│
│16:56:19 connection: Destroying connection 0x80ad588
▒│
│16:56:23 util: Writing file accounts.xml to directory /home/sandr8/.purple
▒│
│16:56:23 util: Writing file /home/sandr8/.purple/accounts.xml
▒│
│
│
│
────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
│
│┌───────┐ ┌──────┐
│
││ Clear │ │ Save │ Filter:
_________________________________________________________________________________________________________
[ ] Pause│
│└───────┘ └──────┘
│
└──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┘
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://pidgin.im/pipermail/support/attachments/20090923/d6e4301e/attachment.html>
More information about the Support
mailing list