User(s) unable to connect to Exodus

We’ve got Openfire on our fileserver and our clients are connecting via Exodus. For many months, this has worked with no problems. In the last few days, however, a number of users have reported being unable to get Exodus to connect despite being able to connect to the fileserver. This problem seems to come and go–people are sometimes able to connect one day when they weren’t able to connect the day before.

I upgraded to Openfire 3.5.2 in the hopes that this would resolve the issue, but it seems to persist. Three users were still offline after the upgrade. I was able to resolve one by rebooting, one by reinstalling Exodus, but the third user is still offline and I can’t seem to get them to connect at all.

When the user opens the program, the contact list flashes briefly up on the screen and then disappears and the status balloon remains grey. When attempting to connect, the attempt will fail, retry and fail again.

Nothing of substance appears in the error logs… I tried to delete a few plugins in the hopes that they were causing the confict, but no dice.

Suggestions?

So it just goes offline and doesnt try to reconnect constantly? If it doesnt, then Exodus must be getting some packet from server to go offline (just like kicking the user when another user logs in with same username). Can you check that offline person’s profile exodus.xml. Is password there or is it cleared? We had some problems with Exodus, it was disconnecting and then password was lost, so now we did that exodus.xml is being copied to user’s profile on every login automatically.

I’m sorry I wasn’t clearer–Exodus does try to reconnect for some time, eventually stopping. I haven’t noticed anything unusual about this behavior, other than the fact that there is no connection made. The password is clearly there…

I did manage, finally, to get this last user connected by disabling the SonicWall Virtual Adapter that we use for VPN (it can be disabled while onsite). I imagine there is some conflict there. All of my users have this software and not all of them have problems connected… Anyone else have similar problems?

Oh, that reminded me completely unrelated thing on VPN stuff. Once i had a strange problem with one PC, it became unvisible to all other network while able to see (ping i mean) all others. I made a mistake not to take a look at event viewer first and wasted few hours on that. Then i found out that Cisco VPN client has internal ‘stateful’ firewall and this thing became enabled somehow.

Hmmm… Good to know. I’ll keep my eye out for that. I’m sure I’ll have to deal with this problem again in the morning when everyone’s trying to connect up again… More tomorrow…

Well, my saga with this problem continues. I am able to ping the server that has OpenFire on it from the computers that cannot connect. The Connecting screen spins and spins and eventually stops trying to connect.

I’ve had limited success uninstalling and reinstalling Exodus on the aflicted computers. It will usually work right after the reinstall, but may develop problems again. Sometimes, on the reinstall, it will tell me that the user’s preferences(?) or possibly options(?) file is in use by another program and all user settings may be lost. I usually have to reset the preferences, but once the preferences have been reset, it seems to work fine… For a while…

Help!

Have you had any luck with this issue? I can’t connect using Exodus at all and I am beating my head against a wall trying to work this through. Any insights would be appreciated.

So give more information about your case. Is it really the same as with Catlin? Maybe some errors in error.log of Openfire?

We use Exodus V10 and V9.1.0 / .1 with no problems on OF3.5.1 (and I’ve been testing on 3.6.0) with no issues.

Can you tell us what version you are using also have you enabled the debug window on Exodus prior to connecting (Shift F12 on V10)

It would be interesting to see your output from this.

Can Exodus resolve the suffix used for your JID’s ? Either direct DNS or SRV records.

Martyn wrote:

We use Exodus V10 and V9.1.0 / .1 with no problems

A bit offtopic, but i can’t say we can use V10 with no problems. It sure connects, but has too many bugs and other issues/changes, which dont let us to upgrade. http://code.google.com/p/exodus/issues/list

Agreed, it’s not perfect, what I meant was it’s working OK, and certainly without the issue being described here.

apologies, but I placed this reply in the wrong spot in the discussion.

My problem is still outstanding. I am able to get folks connected by reinstalling Exodus. I’ve got some conflict somewhere and it’s causing a real problem.

I am not sure if this the EXACT same issue but it is very very similar. I cannot connect at all with Exodus. The phrase Caitlin used about ’ The Connecting screen spins and spins’ describes exactly what is happening to me. My balloon lights up but the connecting window just spins forever. Here is what I see in the client debug window;

[2008-09-11 16:13:59.977] Using specified Host/Port: jabber.llbean.com 5225
[2008-09-11 16:14:00.555] SENT: <stream:stream to=“jabber.llbean.com” xmlns=“jabber:client” xmlns:stream=“http://etherx.jabber.org/streams” xml:lang=“en” version=“1.0” >
[2008-09-11 16:14:02.790] RECV: <?xml version='1.0' encoding='UTF-8'?><stream:stream xmlns:stream=“http://etherx.jabber.org/streams” xmlns=“jabber:client” from=“jabber.llbean.com” id=“239a4536” xml:lang=“en” version=“1.0”>
[2008-09-11 16:14:02.993] RECV: stream:featuresPLAIN</mechanis ms>zlib</stream:features>
[2008-09-11 16:14:02.993] SENT:
[2008-09-11 16:14:03.758] RECV:
[2008-09-11 16:14:03.758] RECV: SSL status: “before/connect initialization”
[2008-09-11 16:14:03.758] RECV: SSL status: “before/connect initialization”
[2008-09-11 16:14:03.993] RECV: SSL status: “SSLv3 write client hello A”
[2008-09-11 16:14:04.508] RECV: SSL status: “SSLv3 read server hello A”
[2008-09-11 16:14:04.508] RECV: SSL status: “SSLv3 read server certificate A”
[2008-09-11 16:14:04.508] RECV: SSL status: “SSLv3 read server key exchange A”
[2008-09-11 16:14:04.508] RECV: SSL status: “SSLv3 read server done A”
[2008-09-11 16:14:04.571] RECV: SSL status: “SSLv3 write client key exchange A”
[2008-09-11 16:14:04.571] RECV: SSL status: “SSLv3 write change cipher spec A”
[2008-09-11 16:14:04.571] RECV: SSL status: “SSLv3 write finished A”
[2008-09-11 16:14:04.571] RECV: SSL status: “SSLv3 flush data”
[2008-09-11 16:14:04.993] RECV: SSL status: “SSLv3 read finished A”
[2008-09-11 16:14:04.993] RECV: SSL status: “SSL negotiation finished successfully”
[2008-09-11 16:14:04.993] RECV: SSL status: “SSL negotiation finished successfully”
[2008-09-11 16:14:04.993] RECV: Cipher: name = EDH-RSA-DES-CBC3-SHA; description = EDH-RSA-DES-CBC3-SHA SSLv3 Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
; bits = 168; version = TLSv1/SSLv3;
[2008-09-11 16:14:05.008] SENT: <stream:stream to=“jabber.llbean.com” xmlns=“jabber:client” xmlns:stream=“http://etherx.jabber.org/streams” version=“1.0” >
[2008-09-11 16:14:05.133] RECV: <?xml version='1.0' encoding='UTF-8'?><stream:stream xmlns:stream=“http://etherx.jabber.org/streams” xmlns=“jabber:client” from=“jabber.llbean.com” id=“239a4536” xml:lang=“en” version=“1.0”>stream:featuresPLAIN</mechanis ms>zlib</stream:features>
[2008-09-11 16:14:05.133] SENT: zlib
[2008-09-11 16:14:05.290] RECV:
[2008-09-11 16:14:05.290] SENT: <stream:stream to=“jabber.llbean.com” xmlns=“jabber:client” xmlns:stream=“http://etherx.jabber.org/streams” version=“1.0” >
[2008-09-11 16:14:05.399] RECV: <?xml version='1.0' encoding='UTF-8'?><stream:stream xmlns:stream=“http://etherx.jabber.org/streams” xmlns=“jabber:client” from=“jabber.llbean.com” id=“239a4536” xml:lang=“en” version=“1.0”>stream:featuresPLAIN</mechanis ms></stream:features>
[2008-09-11 16:14:05.415] SENT: anNlaWxlckBqYWJiZXIubGxiZWFuLmNvbQBqc2 VpbGVyAFMzaWwzcjI1

It looks like my server will only accept PLAIN as a mechanism but I cannot log in without encrypting either. But this could be a red herring.

This is what is in the error log from the admin console.

2008.09.11 16:13:43 [org.jivesoftware.openfire.nio.ConnectionHandler.exceptionCaught(ConnectionHand ler.java:110)]
java.lang.NoClassDefFoundError: com.sun.security.sasl.util.PolicyUtils
at org.jivesoftware.openfire.sasl.SaslServerFactoryImpl.createSaslServer(SaslServe rFactoryImpl.java:52)
at javax.security.sasl.Sasl.createSaslServer(Sasl.java:486)
at org.jivesoftware.openfire.net.SASLAuthentication.handle(SASLAuthentication.java :227)
at org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:160)
at org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHandl er.java:133)
at org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived (AbstractIoFilterChain.java:570)
at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)
at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)
at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)
at org.apache.mina.common.IoFilterAdapter.messageReceived(IoFilterAdapter.java:80)
at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)
at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)
at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)
at org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimplePr otocolDecoderOutput.java:58)
at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecF ilter.java:185)
at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)
at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)
at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)
at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java :239)
at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(Execut orFilter.java:283)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java: 665)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:690)
at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
at java.lang.Thread.run(Thread.java:797)

What is really odd is that I can connect with Spark. But not Exodus, or Pandion or PSI I have tried both Exodus v 9 and v10.

You ask, ‘Can Exodus resolve the suffix used for your JID’s ? Either direct DNS or SRV records’ I think so…but I am not sure how I would confirm this? Am I misunderstanding what you are asking me? Thanks in advance, any help or ideas are very greatly appreciated.

See my reply to Martyn, I posted some debug and error messages. Any help would be very appreciated. Thanks.

I could be misreading this, but do you have a valid self signed certificate for SSL / TLS ?

When I say resolve the FQDN, I mean if it’s someone@im.example.co.com for instance, can you resolve and ping im.example.com ?

I can ping my server successfully. I think I have a valid certificate. At the risk of sounding really stoopid I am not very well versed in creating certificates anyway. Do you have a link to a doc with a cook book method? I would like to be sure I have everything correct.

Though I do wish to make sure I am creating my certs correctly I don’t think that is it. Or maybe it is and PLAIN is only available because the certs are bad. I don’t know. I can sign in to my server using the Spark client and it looks like Spark is defaulting to using plain text as I can see my password and such when spark eventually decides to communicate with the server.

These are sent packets in spark debug window;

<stream:stream to=“jabber” xmlns=“jabber:client” xmlns:stream=“http://etherx.jabber.org/streams” version=“1.0”>

<stream:stream to=“jabber.llbean.com” xmlns=“jabber:client” xmlns:stream=“http://etherx.jabber.org/streams” version=“1.0”>
AGpzZWlsZXIAUzNpbDNyMjU=
jseiler
jseilerxxxxxxxxspark






Available1
























and these are the received packets, well the first block of them anyway; You can see the mechanism is PLAIN even though I have taken it right out of the properties of the server. I am thinking that sicne Exodus has a setting to enforce encryption that is why is just hangs. I am very puzzled, help?

<?xml version='1.0' encoding='UTF-8'?>

stream:featuresPLAIN</mechanis ms></stream:features>

<?xml version='1.0' encoding='UTF-8'?>PLAINzlib

jseiler</quer y>

Friends




Jay S. Seiler



JSeiler@llbean.com

Jay Seiler



























26083















Information Services windows

YES! Martyn you are a lifesaver! I regenerated my ssl/tls certs and placed them in the …/resources/security directory. I then stopped and restarted my openfire server and BAM. Exodus logs in and all is well. Thank you thank you thank you.

Wait! Er! How does one regenerate certs?