question about SSL/ allow plain text Auth over unencrypted streams

ajith kumar ajithnair.it at gmail.com
Thu Oct 14 14:30:23 EDT 2010


Hello All ,

Pidgin version : 2.6.1 ( libpurple 2.6.1)

Connecting to my server using XMPP protocol .

Problem :

 On version 2.6.1 , When i create my account , under advanced settings
we are advised usually to check/enable "require SSL/TLS"  to connect
to our server since our server supports only SASL authentication
Mechanism .  When we choose (check) "allow plain text Auth over
unencrypted streams" we wont get connected .

 Now on pidgin version 2.7.3 , If i do the same operation "allow plain
text Auth over unencrypted streams " i am able to connect to my
server. As per my understanding plain text authentication Mechanism is
not supported .

Questions:
 1) what does "allow plain text Auth over unencrypted streams "
exactly Means ? Does it mean we supply username/passwd in clear text
to server ? or its kind of again a SSL mechanism option?

2) What is there is difference between pidgin 2.6.1 and 2.7.3 when we
have the same settings in place ? One is trying to connect while other
is not ?

This will help us to correct the setting on our server if it is really
alllowing for plain text or is it a bug ?

Regards
Aj




More information about the Support mailing list