Bug 249605

Summary: Connecting to DJabberd fails TLS logins
Product: [Fedora] Fedora Reporter: Edward Rudd <urkle>
Component: pidginAssignee: Warren Togami <wtogami>
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: 7CC: eblanton, lschiere+bugs, mark, redhat-bugzilla, stu
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: 2.1.0 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-08-23 17:26:35 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Edward Rudd 2007-07-25 18:30:31 UTC 
Description of problem:
When connecting to DJabberd using TLS, pidgin fails to connect. DJabberd logs a
SSL_read 23061: 1 - error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
SSL Read error: SSL_read 23061: 1 - error:1408F10B:SSL
routines:SSL3_GET_RECORD:wrong version number

Error when 64bit pidgin connects.


Version-Release number of selected component (if applicable):
2.0.2-3.fc7

How reproducible:
Everytime

Steps to Reproduce:
1. Setup DJabberd w/ an SSL certificate.
2. Connect w/ pidgin
  
Actual results:
Pidgin fails to connect and DJabberd reports a "wrong version number" error

Expected results:
Pidgin to connect.

Additional info:
64bit PSI  connects fine using qca-tls, which uses openssl.
32bit pidgin on windows and F7 works fine (exact same configuration)
64bit pidgin works when compiled with gnutls ONLY and NOT nss (f7 pidgin build
use NSS only and windows pidgin builds use NSS only).
64bit pidgin w/ gnutls AND nss support built in does not work (thinking pidgin
favors nss over gnutls)

If I configure pidgin to use "Old SSL" AND change the port to 5223 AND specify
the hostname to connect to, it connects fine on 64bit.

Not sure if this is a bug in pidgin specifically or a bug in NSS.

I've only tested this against djabberd as the only other jabber server I have
readily available is an OLD install of jabberd14 which doesn't support TLS.
Comment 1 Edward Rudd 2007-08-23 17:26:35 UTC 
Issue has gone away w/ Pidgin 2.1.0. (though nothing noted in their changelog,
something they did fixed it)