Greetings, I am using pidgin 2.6.6 with GnuTLS 2.8.6 and the company XMPP server drops my connection attempt with a TLS alert right after the TLS client hello. Company IT says "known issue with GnuTLS, use NSS instead". Is there any way to narrow down and possibly solve this issue instead of simply falling back to NSS (which wouldn't be that easy to do as we are using distro provided packages)?
The following is the connection relevant, (anonymized) excerpt from $ PURPLE_GNUTLS_DEBUG=9 pidgin -d I don't have access to the XMPP server. Client platform is Solaris 10 x86. Please tell me if you feel that this is something which should be taken to the GnuTLS guys instead. (17:02:09) dnsquery: IP resolved for xmpp.company.com (17:02:09) proxy: Attempting connection to x.x.x.x (17:02:09) proxy: Connecting to xmpp.company.com:5223 with no proxy (17:02:09) proxy: Connection in progress (17:02:09) proxy: Connecting to xmpp.company.com:5223. (17:02:09) proxy: Connected to xmpp.company.com:5223. (17:02:09) gnutls: Starting handshake with xmpp.company.com (17:02:09) gnutls: lvl 3: HSK[85dc038]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1 (17:02:09) gnutls: lvl 3: HSK[85dc038]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1 (17:02:09) gnutls: lvl 3: HSK[85dc038]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1 (17:02:09) gnutls: lvl 3: HSK[85dc038]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA1 (17:02:09) gnutls: lvl 3: HSK[85dc038]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA1 (17:02:09) gnutls: lvl 3: HSK[85dc038]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1 (17:02:09) gnutls: lvl 3: HSK[85dc038]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1 (17:02:09) gnutls: lvl 3: HSK[85dc038]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1 (17:02:09) gnutls: lvl 3: HSK[85dc038]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1 (17:02:09) gnutls: lvl 3: HSK[85dc038]: Keeping ciphersuite: RSA_ARCFOUR_SHA1 (17:02:09) gnutls: lvl 3: HSK[85dc038]: Keeping ciphersuite: RSA_ARCFOUR_MD5 (17:02:09) gnutls: lvl 3: HSK[85dc038]: CLIENT HELLO was send [65 bytes] (17:02:09) gnutls: lvl 4: REC[85dc038]: Sending Packet[0] Handshake(22) with length: 65 (17:02:09) gnutls: lvl 2: ASSERT: gnutls_cipher.c:204 (17:02:09) gnutls: lvl 4: REC[85dc038]: Sent Packet[1] Handshake(22) with length: 70 (17:02:09) gnutls: lvl 2: ASSERT: gnutls_buffers.c:322 (17:02:09) gnutls: lvl 2: ASSERT: gnutls_buffers.c:1032 (17:02:09) gnutls: lvl 2: ASSERT: gnutls_handshake.c:1045 (17:02:10) gnutls: lvl 4: REC[85dc038]: Expected Packet[0] Handshake(22) with length: 1 (17:02:10) gnutls: lvl 4: REC[85dc038]: Received Packet[0] Alert(21) with length: 2 (17:02:10) gnutls: lvl 2: ASSERT: gnutls_cipher.c:204 (17:02:10) gnutls: lvl 4: REC[85dc038]: Decrypted Packet[0] Alert(21) with length: 2 (17:02:10) gnutls: lvl 4: REC[85dc038]: Alert[2|0] - Close notify - was received (17:02:10) gnutls: lvl 2: ASSERT: gnutls_record.c:695 (17:02:10) gnutls: lvl 2: ASSERT: gnutls_record.c:1048 (17:02:10) gnutls: lvl 2: ASSERT: gnutls_buffers.c:1032 (17:02:10) gnutls: lvl 2: ASSERT: gnutls_handshake.c:1045 (17:02:10) gnutls: lvl 2: ASSERT: gnutls_handshake.c:2364 (17:02:10) gnutls: Handshake failed. Error A TLS fatal alert has been received. (17:02:10) connection: Connection error on 858e730 (reason: 5 description: SSL Handshake Failed) (17:02:10) gnutls: lvl 2: ASSERT: gnutls_record.c:262 (17:02:10) account: Disconnecting account [email protected]/XMPP (8193260) (17:02:10) connection: Disconnecting connection 858e730 (17:02:10) connection: Destroying connection 858e730 Sebastian _______________________________________________ [email protected] mailing list Want to unsubscribe? Use this link: http://pidgin.im/cgi-bin/mailman/listinfo/support
