Gaim SSL fails on upgrade to Wildfire 2.4

Hi!

Windows Gaim 1.5 SSL was working fine on Jive Messenger 2.2, but since upgrading to Wildfire 2.4 SSL connections fail with a read error. The following message appears in the error log:

2006.01.03 10:08:29 [org.jivesoftware.wildfire.net.SocketReader.run(SocketReader.java:158)
] Connection closed before session established
62ad0d[SSL_NULL_WITH_NULL_NULL: Socket[addr=/10.0.0.70,port=2064,localport=5223]]

The following appears in the warning log:

2006.01.03 11:52:17 Stream error detected. Session: org.jivesoftware.wildfire.ClientSession@f4fb44 status: 1 address: im.sigmatek.net/a1e27eb0 id: a1e27eb0 presence:
java.lang.NullPointerException
    at org.jivesoftware.wildfire.net.SocketReader.negotiateTLS(SocketReader.java:682)
    at org.jivesoftware.wildfire.net.SocketReader.readStream(SocketReader.java:259)
    at org.jivesoftware.wildfire.net.SocketReader.run(SocketReader.java:118)
    at java.lang.Thread.run(Unknown Source)

Any ideas on how to resolve this would be welcome.

regards,

Alan.

Hey Alan,

Are you using the previous certificates or just the ones provided out of the box with Wildfire? You may try copying the /resources/security files to /resources/security and then restart the server.

I think I missed this step in the upgrade guide. Will update it now…

Thanks,

– Gato

Hi!

I was using the Wildfire ones as supplied. I tried copying the Jive Messenger ones and restarting, as you suggested, but I still have the same problem.

regards,

Alan.

Hey Alan,

I tried to reproduce the problem using Windows Gaim 1.5.0 and failed. From your logged information I see that you are connecting to port 5223 and you are also trying to use TLS. By default, TLS is used only in port 5222 and port 5223 is used for the old SSL method. Can you tell me more about your server and client configuration? Do you see this problem using other clients?

Thanks,

– Gato

Hi!

I see now that I had configured Gaim incorrectly.

I had configured Gaim to use TLS if available, but also to use SSL on port 5223. I assume it was working on the old Jive Messenger, perhaps because TLS was not available on it. Now that it is, there is a conflict between it and the requirement to use SSL.

Perhaps my explanation is not correct, but in any event it works fine if I specify TLS or SSL and not both.

Thanks very much for your help.

regards,

Alan.
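Gato's diagnosis and Alan's confirmation above, as an added example (not code from the thread or from Wildfire): a Python check that classifies a client's first bytes as a direct TLS handshake or a plaintext XMPP stream and flags mismatches with the port roles Gato gives. The function names, the byte samples and the STARTTLS namespace (RFC 3920) are assumptions, as is reading the failure as a STARTTLS request sent inside the port 5223 SSL session.

```python
import re

# Port roles as Gato describes them for a default Wildfire install.
STARTTLS_PORT = 5222    # plaintext stream, upgraded in-band with <starttls/>
LEGACY_SSL_PORT = 5223  # "old SSL": TLS handshake from the first byte
# STARTTLS element namespace from RFC 3920 (not quoted in the thread).
STARTTLS_RE = re.compile(rb"<starttls\s+xmlns=['\"]urn:ietf:params:xml:ns:xmpp-tls['\"]")


def classify_opening(first_bytes):
    """Return 'direct-tls', 'xmpp-plaintext' or 'unknown' for a client's first bytes."""
    b = first_bytes
    # TLS/SSLv3 record: type 0x16 (handshake), major version 3, ClientHello (1) at offset 5.
    if len(b) >= 6 and b[0] == 0x16 and b[1] == 0x03 and b[5] == 0x01:
        return "direct-tls"
    # SSLv2-compatible ClientHello: high bit set on the length byte, message type 1.
    if len(b) >= 3 and b[0] & 0x80 and b[2] == 0x01:
        return "direct-tls"
    if b.lstrip().startswith((b"<?xml", b"<stream:stream")):
        return "xmpp-plaintext"
    return "unknown"


def diagnose(port, first_bytes, stream_after_handshake=b""):
    """List mismatches between the port's role and what the client sent."""
    # stream_after_handshake: XMPP data the server sees once a direct TLS
    # handshake has completed (already decrypted); hypothetical parameter.
    opening = classify_opening(first_bytes)
    findings = []
    if port == LEGACY_SSL_PORT and opening == "xmpp-plaintext":
        findings.append("plaintext stream sent to legacy SSL port")
    if port == STARTTLS_PORT and opening == "direct-tls":
        findings.append("direct TLS handshake sent to STARTTLS port")
    if opening == "direct-tls" and STARTTLS_RE.search(stream_after_handshake):
        findings.append("STARTTLS requested inside an already-encrypted session")
    return findings


# Constructed samples (not captured traffic).
TLS_HELLO = bytes([0x16, 0x03, 0x01, 0x00, 0x2F, 0x01, 0x00, 0x00, 0x2B])
XMPP_OPEN = b"<?xml version='1.0'?><stream:stream to='example.org' version='1.0'>"
STARTTLS = b"<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>"

if __name__ == "__main__":
    print(diagnose(5223, TLS_HELLO, XMPP_OPEN))             # SSL option only
    print(diagnose(5223, TLS_HELLO, XMPP_OPEN + STARTTLS))  # both options enabled
```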

Hey Gato,

We are seeing the same problem here at my company as we begin to test 2.4.0 on our test instance - we don't have a whole lot of users who are using clients other than our preconfigured version of Pandion, which we turn TLS off for, but this is enough of a problem that it should probably be fixed.

Thanks.

-Guy

Hey Guy,

I would be happy to fix the problem but first I would need to reproduce it to figure out what's going on. At this point I'm not sure if this is a configuration issue or a real problem on the server. Can you provide me the steps and configuration I should use in order to reproduce this problem?

Thanks,

– Gato

Hey Gato,

It should be fairly straightforward to reproduce (I hope). I just installed the 2.4.0 server, and tried to connect to it with both GAIM and with Adium X on Mac OS X. On both clients, I turned on the options for both use TLS (if available), and "force old-SSL" (since we run a separate port for encrypted connections).

In previous versions of Jive Messenger, the "if available" functioned properly - TLS wasn't available, so it just ignored it. Now it is failing to connect with a "read error" on both of those clients I tried, and throwing an exception as noted previously in the negotiateTLS method. Let me know if you need any more details. Thanks.

-Guy

I am having the same issue with Read Error using the Gaim client.

It connects for a while, but will get Read Error disconnects after a period of time.

It only happens with TLS - not when I select SSL and use port 5223.

I am using Wildfire 2.4.2 and Java 1.5.0_3 on an x86_64, connected to MySQL 4.1.13, SUSE 10.0 on a Dell PowerEdge 430SC.