[Pidgin] #16262: Connecting to ejabberd that has RC4 disabled: SSL Handshake Failed

Pidgin trac at pidgin.im
Wed Oct 29 12:44:31 EDT 2014

#16262: Connecting to ejabberd that has RC4 disabled: SSL Handshake Failed
 Reporter:  asjoegren  |       Owner:  EionRobb
     Type:  defect     |      Status:  new
Milestone:             |   Component:  unclassified
  Version:  2.10.9     |  Resolution:
 Keywords:  ssl        |

Comment (by asjoegren):

 Ok, I did another test - if I use the setup shown here:
 https://netfuture.ch/tools/tls-interposer/#default-cipher i.e.:


 then Pidgin can't connect:

 (17:27:17) nss: Handshake failed  (-5938)
 (17:27:17) connection: Connection error on 0x7f82367ceec0 (reason: 5
 description: SSL Handshake Failed)

 but if I remove the ":!RC4", i.e. I use:


 then I _can_ connect (full log attached as debug2.txt) - albeit with RC4
 and SHA1:

 (17:23:14) nss: SSL version 3.3 using 128-bit RC4 with 160-bit SHA1 MAC
 Server Auth: 4096-bit RSA, Key Exchange: 4096-bit RSA, Compression: NULL
 Cipher Suite Name: TLS_RSA_WITH_RC4_128_SHA

 So it seems to me that Pidgin 2.10.10 with libnss3 3.17.2 on Debian
 unstable still needs RC4 to connect.

Ticket URL: <https://developer.pidgin.im/ticket/16262#comment:8>
Pidgin <https://pidgin.im>

More information about the Tracker mailing list