Cisco XMPP

Roy Kidder rkidder at rkidder.com
Wed Aug 10 10:30:07 EDT 2011


OK, I've run pidgin with the -d argument and only this particular account
enabled. A snippet of the debug info is below. The initial connection is
in plain text then it appears to switch to ssl. Since the entire thing
isn't on ssl, my attempt at "s_client -connect  cmh2cpcup01:5222" fails,
although I am sure we're using a self-signed cert. In the past, with other
XMPP accounts, I've gotten a pop-up from pidgin asking to accept the
self-signed certificate, so I doubt the problem is the existence of the
SSC itself.

The host is cmh2cpcup01, which resolves just fine and using the FQDN
yields the same result.

Anyone have any thoughts?

Thanks,
Roy





--- begin debug snippet ---

(10:20:59) dns: Got response for 'cmh2cpcup01.'
(10:20:59) dnsquery: IP resolved for cmh2cpcup01.
(10:20:59) proxy: Attempting connection to 10.1.76.21
(10:20:59) proxy: Connecting to cmh2cpcup01.:5222 with no proxy
(10:20:59) proxy: Connection in progress
(10:20:59) proxy: Connecting to cmh2cpcup01.:5222.
(10:20:59) proxy: Connected to cmh2cpcup01.:5222.
(10:20:59) jabber: Sending (rkidder at cmh2cpcup01.): <?xml version='1.0' ?>
(10:20:59) jabber: Sending (rkidder at cmh2cpcup01.): <stream:stream
to='cmh2cpcup01.' xmlns='jabber:client'
xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>
(10:20:59) jabber: Recv (280): <stream:stream xmlns='jabber:client'
xml:lang='en-US.UTF-8' xmlns:stream='http://etherx.jabber.org/streams'
from='cmh2cpcup01.'   id='4B975FD2D0D' version='1.0'>
(10:20:59) jabber: Sending (rkidder at cmh2cpcup01.): <starttls
xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
(10:20:59) jabber: Recv (50): <proceed
xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
(10:20:59) gnutls: Starting handshake with cmh2cpcup01.
(10:20:59) gnutls: Handshake failed. Error A TLS fatal alert has been
received.
(10:20:59) connection: Connection error on 0xa4f5360 (reason: 5
description: SSL Handshake Failed)
(10:20:59) account: Disconnecting account rkidder at cmh2cpcup01./ (0x9fc6c38)
(10:20:59) connection: Disconnecting connection 0xa4f5360
(10:20:59) connection: Destroying connection 0xa4f5360



--- end debug snippet ---







Aaron Leonard wrote:
> Roy,
>
> A fair number of us at Cisco use Pidgin.  I'm using:
>
> Connection security: Require encryption
>
> with "Allow plaintext auth over unencrypted streams" checked.  (Although
> a quick check shows that unchecking it works too.)
>
> I guess that doesn't give you much to go on, does it?  I can't tell you
> much more as I don't have visibility into how our XMPP server is set up
> ... perhaps logging will help.  At any rate, the answer to "has anyone
> gotten pidgin to work" is yes.
>
> Aaron
>
> ----
>
> On 8/8/2011 7:06 AM, rkidder at rkidder.com (Roy Kidder) wrote:
>> I've looked back over the last year's worth of threads and didn't have
>> any
>> luck on this.
>>
>> Has anyone gotten pidgin to work with Cisco's XMPP (UCS) product? No
>> matter what encryption method I use, I get an "SSL Handshake Failed"
>> error. A tcpdump clearly shows a TCP setup, what appears to be an
>> attempt
>> at a TLS handshake, and then the TCP disconnect.
>>
>> I'm have two other XMPP accounts (Google and a private Jabber server)
>> configured and working properly.
>>
>> I'm using Pidgin 2.9.0, compiled from source with libgnutls-dev
>> 2.8.6-1ubuntu2 on Ubuntu 11.04.
>>
>> Thanks in advance,
>> Roy
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>> Support at pidgin.im mailing list
>> Want to unsubscribe?  Use this link:
>> http://pidgin.im/cgi-bin/mailman/listinfo/support
>>
>
>





More information about the Support mailing list