[Pidgin] #17377: nss: Handshake failed (-12156)

Pidgin trac at pidgin.im
Wed Jan 23 06:12:00 EST 2019


#17377: nss: Handshake failed  (-12156)
----------------------------------+---------------------
 Reporter:  rahulps               |       Owner:  deryni
     Type:  defect                |      Status:  new
Milestone:  2.13.1                |   Component:  XMPP
  Version:  2.13.0                |  Resolution:
 Keywords:  ssl handshake failed  |
----------------------------------+---------------------

Old description:

> I have seen many tickets regarding this issue. But still none of the
> solution worked for me, Thats y i am putting up this ticket.
>
> till Fedora 27 pidgin worked fine with XMPP, after upgrade to 28 it
> stopped working with the error "SSL Handshake Failed"
>
> Same account works well in PSI or any other application.
>

> Debug Window Output >>
>
> (12:16:23) account: Connecting to account rahul.ps at xxx/.
> (12:16:23) connection: Connecting. gc = 0x560abc031490
> (12:16:23) dnssrv: querying SRV record for xxx: _xmpp-client._tcp.xxx
> (12:16:23) util: requesting to fetch a URL
> (12:16:23) dnsquery: Performing DNS lookup for xx.xx.xx.xx
> (12:16:23) Session Management: Received first save_yourself
> (12:16:23) Session Management: Received save_complete
> (12:16:23) dnssrv: res_query returned an error
> (12:16:23) dnsquery: Performing DNS lookup for xxx
> (12:16:23) dnsquery: IP resolved for xx.xx.xx.xx
> (12:16:23) proxy: Attempting connection to xx.xx.xx.xx
> (12:16:23) proxy: Connecting to xx.xx.xx.xx:1900 with no proxy
> (12:16:23) proxy: Connection in progress
> (12:16:23) dns: Created new DNS child 11226, there are now 1 children.
> (12:16:23) dns: Successfully sent DNS request to child 11226
> (12:16:23) proxy: Connecting to xx.xx.xx.xx:1900.
> (12:16:23) proxy: Connected to xx.xx.xx.xx:1900.
> (12:16:23) util: request constructed
> (12:16:23) util: Response headers: 'HTTP/1.1 200 OK
> CONTENT-LENGTH: 3422
> CONTENT-TYPE: text/xml
> DATE: Thu, 01 Jan 1970 21:34:12 GMT
> LAST-MODIFIED: Thu, 01 Jan 1970 00:00:26 GMT
> SERVER: Linux/2.6.36.4brcmarm, UPnP/1.0, Portable SDK for UPnP
> devices/1.6.19
> X-User-Agent: redsonic
> CONNECTION: close
>
> '
> (12:16:23) util: parsed 3422
> (12:16:23) util: requesting to fetch a URL
> (12:16:23) dnsquery: Performing DNS lookup for xx.xx.xx.xx
> (12:16:23) dnsquery: Performing DNS lookup for xx.xx.xx.xx
> (12:16:23) dns: Got response for 'xxx'
> (12:16:23) dnsquery: IP resolved for xxx
> (12:16:23) proxy: Attempting connection to xx.xx.xx.xx
> (12:16:23) proxy: Connecting to xxx:5222 with no proxy
> (12:16:23) proxy: Connection in progress
> (12:16:23) dnsquery: IP resolved for xx.xx.xx.xx
> (12:16:23) proxy: Attempting connection to xx.xx.xx.xx
> (12:16:23) proxy: Connecting to xx.xx.xx.xx:1900 with no proxy
> (12:16:23) proxy: Connection in progress
> (12:16:23) dnsquery: IP resolved for xx.xx.xx.xx
> (12:16:23) proxy: Attempting connection to xx.xx.xx.xx
> (12:16:23) proxy: Connecting to xx.xx.xx.xx:1900 with no proxy
> (12:16:23) proxy: Connection in progress
> (12:16:23) proxy: Connecting to xx.xx.xx.xx:1900.
> (12:16:23) proxy: Connected to xx.xx.xx.xx:1900.
> (12:16:23) util: request constructed
> (12:16:23) proxy: Connecting to xx.xx.xx.xx:1900.
> (12:16:23) proxy: Connected to xx.xx.xx.xx:1900.
> (12:16:23) upnp: Local IP: xx.xx.xx.xx
> (12:16:23) docklet: embedded
> (12:16:23) prefs: /pidgin/docklet/gtk/embedded changed, scheduling save.
> (12:16:23) util: Response headers: 'HTTP/1.1 200 OK
> CONTENT-LENGTH: 329
> CONTENT-TYPE: text/xml; charset="utf-8"
> DATE: Thu, 01 Jan 1970 21:34:12 GMT
> EXT:
> SERVER: Linux/2.6.36.4brcmarm, UPnP/1.0, Portable SDK for UPnP
> devices/1.6.19
> X-User-Agent: redsonic
>
> '
> (12:16:23) util: parsed 329
> (12:16:23) upnp: NAT Returned IP:
> (12:16:23) proxy: Connecting to xxx:5222.
> (12:16:23) proxy: Connected to xxx:5222.
> (12:16:23) jabber: Sending (rahul.ps at xxx): <?xml version='1.0' ?>
> (12:16:23) jabber: Sending (rahul.ps at xxx): <stream:stream to='xxx'
> xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams'
> version='1.0'>
> (12:16:23) jabber: Recv (443): <?xml version='1.0'?><stream:stream
> xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams'
> id='1371211368' from='xxx' version='1.0'
> xml:lang='en'><stream:features><starttls xmlns='urn:ietf:params:xml:ns
> :xmpp-tls'/><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-
> sasl'><mechanism>DIGEST-
> MD5</mechanism><mechanism>PLAIN</mechanism></mechanisms><register
> xmlns='http://jabber.org/features/iq-register'/></stream:features>
> (12:16:23) jabber: Sending (rahul.ps at xxx): <starttls
> xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
> (12:16:23) jabber: Recv (50): <proceed xmlns='urn:ietf:params:xml:ns
> :xmpp-tls'/>
> (12:16:24) nss: Handshake failed  (-12156)
> (12:16:24) connection: Connection error on 0x560abc031490 (reason: 5
> description: SSL Handshake Failed)
> (12:16:24) account: Disconnecting account rahul.ps at xxx/ (0x560abb577810)
> (12:16:24) connection: Disconnecting connection 0x560abc031490
> (12:16:24) connection: Destroying connection 0x560abc031490
> (12:16:28) util: Writing file prefs.xml to directory
> /home/rahup.ps/.purple
> (12:16:28) util: Writing file /home/rahup.ps/.purple/prefs.xml
> (12:16:28) util: Writing file accounts.xml to directory
> /home/rahup.ps/.purple
> (12:16:28) util: Writing file /home/rahup.ps/.purple/accounts.xml
>

> pidgin version >>
>
> Pidgin 2.13.0-6.fc29 (libpurple 2.13.0)
>

> NSS preference >>
>
> min TLS 1
> max TLS 1.2

New description:

 I have seen many tickets regarding this issue. But still none of the
 solution worked for me, Thats y i am putting up this ticket.

 till Fedora 27 pidgin worked fine with XMPP, after upgrade to 28 it
 stopped working with the error "SSL Handshake Failed"

 Same account works well in PSI or any other application.

 Debug Window Output >>

 {{{
 (12:16:23) account: Connecting to account rahul.ps at xxx/.
 (12:16:23) connection: Connecting. gc = 0x560abc031490
 (12:16:23) dnssrv: querying SRV record for xxx: _xmpp-client._tcp.xxx
 (12:16:23) util: requesting to fetch a URL
 (12:16:23) dnsquery: Performing DNS lookup for xx.xx.xx.xx
 (12:16:23) Session Management: Received first save_yourself
 (12:16:23) Session Management: Received save_complete
 (12:16:23) dnssrv: res_query returned an error
 (12:16:23) dnsquery: Performing DNS lookup for xxx
 (12:16:23) dnsquery: IP resolved for xx.xx.xx.xx
 (12:16:23) proxy: Attempting connection to xx.xx.xx.xx
 (12:16:23) proxy: Connecting to xx.xx.xx.xx:1900 with no proxy
 (12:16:23) proxy: Connection in progress
 (12:16:23) dns: Created new DNS child 11226, there are now 1 children.
 (12:16:23) dns: Successfully sent DNS request to child 11226
 (12:16:23) proxy: Connecting to xx.xx.xx.xx:1900.
 (12:16:23) proxy: Connected to xx.xx.xx.xx:1900.
 (12:16:23) util: request constructed
 (12:16:23) util: Response headers: 'HTTP/1.1 200 OK
 CONTENT-LENGTH: 3422
 CONTENT-TYPE: text/xml
 DATE: Thu, 01 Jan 1970 21:34:12 GMT
 LAST-MODIFIED: Thu, 01 Jan 1970 00:00:26 GMT
 SERVER: Linux/2.6.36.4brcmarm, UPnP/1.0, Portable SDK for UPnP
 devices/1.6.19
 X-User-Agent: redsonic
 CONNECTION: close

 '
 (12:16:23) util: parsed 3422
 (12:16:23) util: requesting to fetch a URL
 (12:16:23) dnsquery: Performing DNS lookup for xx.xx.xx.xx
 (12:16:23) dnsquery: Performing DNS lookup for xx.xx.xx.xx
 (12:16:23) dns: Got response for 'xxx'
 (12:16:23) dnsquery: IP resolved for xxx
 (12:16:23) proxy: Attempting connection to xx.xx.xx.xx
 (12:16:23) proxy: Connecting to xxx:5222 with no proxy
 (12:16:23) proxy: Connection in progress
 (12:16:23) dnsquery: IP resolved for xx.xx.xx.xx
 (12:16:23) proxy: Attempting connection to xx.xx.xx.xx
 (12:16:23) proxy: Connecting to xx.xx.xx.xx:1900 with no proxy
 (12:16:23) proxy: Connection in progress
 (12:16:23) dnsquery: IP resolved for xx.xx.xx.xx
 (12:16:23) proxy: Attempting connection to xx.xx.xx.xx
 (12:16:23) proxy: Connecting to xx.xx.xx.xx:1900 with no proxy
 (12:16:23) proxy: Connection in progress
 (12:16:23) proxy: Connecting to xx.xx.xx.xx:1900.
 (12:16:23) proxy: Connected to xx.xx.xx.xx:1900.
 (12:16:23) util: request constructed
 (12:16:23) proxy: Connecting to xx.xx.xx.xx:1900.
 (12:16:23) proxy: Connected to xx.xx.xx.xx:1900.
 (12:16:23) upnp: Local IP: xx.xx.xx.xx
 (12:16:23) docklet: embedded
 (12:16:23) prefs: /pidgin/docklet/gtk/embedded changed, scheduling save.
 (12:16:23) util: Response headers: 'HTTP/1.1 200 OK
 CONTENT-LENGTH: 329
 CONTENT-TYPE: text/xml; charset="utf-8"
 DATE: Thu, 01 Jan 1970 21:34:12 GMT
 EXT:
 SERVER: Linux/2.6.36.4brcmarm, UPnP/1.0, Portable SDK for UPnP
 devices/1.6.19
 X-User-Agent: redsonic

 '
 (12:16:23) util: parsed 329
 (12:16:23) upnp: NAT Returned IP:
 (12:16:23) proxy: Connecting to xxx:5222.
 (12:16:23) proxy: Connected to xxx:5222.
 (12:16:23) jabber: Sending (rahul.ps at xxx): <?xml version='1.0' ?>
 (12:16:23) jabber: Sending (rahul.ps at xxx): <stream:stream to='xxx'
 xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams'
 version='1.0'>
 (12:16:23) jabber: Recv (443): <?xml version='1.0'?><stream:stream
 xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams'
 id='1371211368' from='xxx' version='1.0'
 xml:lang='en'><stream:features><starttls xmlns='urn:ietf:params:xml:ns
 :xmpp-tls'/><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-
 sasl'><mechanism>DIGEST-
 MD5</mechanism><mechanism>PLAIN</mechanism></mechanisms><register
 xmlns='http://jabber.org/features/iq-register'/></stream:features>
 (12:16:23) jabber: Sending (rahul.ps at xxx): <starttls
 xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
 (12:16:23) jabber: Recv (50): <proceed xmlns='urn:ietf:params:xml:ns:xmpp-
 tls'/>
 (12:16:24) nss: Handshake failed  (-12156)
 (12:16:24) connection: Connection error on 0x560abc031490 (reason: 5
 description: SSL Handshake Failed)
 (12:16:24) account: Disconnecting account rahul.ps at xxx/ (0x560abb577810)
 (12:16:24) connection: Disconnecting connection 0x560abc031490
 (12:16:24) connection: Destroying connection 0x560abc031490
 (12:16:28) util: Writing file prefs.xml to directory
 /home/rahup.ps/.purple
 (12:16:28) util: Writing file /home/rahup.ps/.purple/prefs.xml
 (12:16:28) util: Writing file accounts.xml to directory
 /home/rahup.ps/.purple
 (12:16:28) util: Writing file /home/rahup.ps/.purple/accounts.xml
 }}}

 pidgin version >>

 Pidgin 2.13.0-6.fc29 (libpurple 2.13.0)


 NSS preference >>

 min TLS 1
 max TLS 1.2

--

Comment (by Robby):

 Format debug output.

--
Ticket URL: <https://developer.pidgin.im/ticket/17377#comment:1>
Pidgin <https://pidgin.im>
Pidgin


More information about the Tracker mailing list