Bug 474212 - Pidgin Package 2.3.1-2.el5_2 Cannot Connect to SILC Server [NEEDINFO]
Pidgin Package 2.3.1-2.el5_2 Cannot Connect to SILC Server
Status: CLOSED WONTFIX
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: pidgin (Show other bugs)
5.2
All Linux
low Severity medium
: rc
: ---
Assigned To: Warren Togami
desktop-bugs@redhat.com
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-12-02 15:03 EST by Jeremy Wiley
Modified: 2014-06-02 09:16 EDT (History)
10 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-06-02 09:16:32 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
pm-rhel: needinfo? (jwileyrr)


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
CentOS 3279 None None None Never

  None (edit)
Description Jeremy Wiley 2008-12-02 15:03:47 EST
Description of problem:
The pidgin client package provided, or the supporting packages (libsilc, or libpurple) provided cannot connect to the latest version of SILC server. The clients fails to properly exchange keys during initial login.

Version-Release number of selected component (if applicable):
libsilc - 1.0.2-2.fc6
libpurple - 2.3.1-2.el5_2
pidgin - 2.3.1-2.el5_2


How reproducible: Easily and Reliably Reproduced.


Steps to recreate:
1.)
Download and Build SILC Server 1.1.14 from (remember to build with --enable-debug): http://silcnet.org/software/download/server/ [^]
2.)
modify SILC server config (silcd.conf) to a working config - and use public key authentication. (It should fail using preferred passphrase anyhow, but eliminate it from the mix to narrow things down)
3.) Try to use packaged versions of pidgin libsilc and libpurple available from Cent repositories to connect to the server.
4.) You should receive a key exchange error in the logs (invalid key). 
  
Actual results:


Expected results:


Additional info:

Possibly related directly or indirectly to bug 459578.
https://bugzilla.redhat.com/show_bug.cgi?id=459578
Comment 1 Jeremy Wiley 2008-12-02 15:11:48 EST
Edit: 3.) Try to use packaged versions of pidgin libsilc and libpurple available from RHEL RHN repositories to connect to the server.
Comment 2 Warren Togami 2008-12-03 06:55:59 EST
I seem to be experiencing trouble connecting to SILC even with the latest pidgin in Fedora 10 in the last few days.  I see 'Connection denied' messages from several servers, followed by long delays and sometimes key exchange errors.  At the moment I tried a SILC connect and it went through without any trouble.  So these might be only intermittent server problems?

http://people.redhat.com/wtogami/temp/pidgin/
Anyhow, we are soon upgrading RHEL4 and RHEL5 to this new pidgin.  It is pidgin-2.5.2 plus numerous backported crash fixes from upstream.  Please give it a try.
Comment 3 Stu Tomlinson 2008-12-03 10:29:58 EST
what patches are in libsilc-1.0.2-2.fc6 in RHEL5 ?
Comment 5 Warren Togami 2008-12-03 11:11:00 EST
silc-toolkit-1.0.2-libs.patch
silc-toolkit-1.0.2-wordsize.patch
Comment 6 Warren Togami 2008-12-03 14:19:53 EST
Upstream SILC says that the older versions of SILC library are no longer supported by the server.  RHEL4's 0.9.12 definitely does not work anymore.  It is possible that 1.0.2 would work except we have a broken multilib wordsize patch in that old FC6 originating package.  In any case we are unable to upgrade the libsilc libraries at this time because we lack approval.  I will attempt to get approval to upgrade both RHEL4 and RHEL5 to libsilc-1.1.8 or whatever latest upstream recommends at a later date.
Comment 7 Jeremy Wiley 2008-12-03 20:32:48 EST
(In reply to comment #2)
> I seem to be experiencing trouble connecting to SILC even with the latest
> pidgin in Fedora 10 in the last few days.  I see 'Connection denied' messages
> from several servers, followed by long delays and sometimes key exchange
> errors.  At the moment I tried a SILC connect and it went through without any
> trouble.  So these might be only intermittent server problems?
> 
> http://people.redhat.com/wtogami/temp/pidgin/
> Anyhow, we are soon upgrading RHEL4 and RHEL5 to this new pidgin.  It is
> pidgin-2.5.2 plus numerous backported crash fixes from upstream.  Please give
> it a try.

Interesting, I have not had the same experience connecting to my test environment SILC Server with Fedora 10 - it seems to work flawlessly actually. Only RHEL 5 machines seem to have the issue (I don't have any clients running RHEL4 any longer to test).   

I'm working on getting the updated pidgin packages installed now - so I'll report back on that ASAP.
Comment 8 Jeremy Wiley 2008-12-03 20:48:47 EST
Ok Pidgin updated, along with libpurple using the supplied packages and the issue persists.  That leads me to believe the issue does lie with libsilc, and likely with the broken multilib wordsize patch as you mention. As reported in bug 459578 recompiling libsilc 1.0.2 without it seemed to clear it up for fedora - so I also suspect, as you do, that 1.0.2 would suffice provided that bump is fixed.
Comment 9 Stu Tomlinson 2008-12-03 21:00:48 EST
Completely untested, but this patch might be better:
http://nosnilmot.com/patches/silc-toolkit-1.0.2-wordsize.patch
Comment 10 Warren Togami 2008-12-03 21:13:06 EST
We unfortunately cannot obtain approval to change libsilc at this point.  This issue was discovered too late.  The pidgin update is primarily for security reasons, and it is icing on the cake that we are able to push through any bug fixes at all.  SILC is not a regression so it was deemed not important enough to hold up the pidgin release further.

I am proposing the latest version of libsilc for the next update cycle of both RHEL4 and RHEL5.
Comment 11 Jeremy Wiley 2008-12-03 21:59:26 EST
>Completely untested, but this patch might be better:
>http://nosnilmot.com/patches/silc-toolkit-1.0.2-wordsize.patch

  Stu, I have applied the provided patch file and recompiled the toolkit (to the best of my meager ability) and the clients still refuse the initial key exchange. 

>I am proposing the latest version of libsilc for the next update cycle of both
>RHEL4 and RHEL5.

 Thanks for the continued effort Warren, it's appreciated.
Comment 12 Jeremy Wiley 2008-12-05 17:47:41 EST
When exactly is the next update cycle, and with what frequency do such things occur? Perhaps someone might be able to point me to the document that details the process.

Many thanks.
Comment 13 RHEL Product and Program Management 2014-03-07 07:12:22 EST
Thank you for submitting this request for inclusion in Red Hat Enterprise Linux 5. We've carefully evaluated the request, but are unable to include it in the  last planned RHEL5 minor release. This Bugzilla will soon be CLOSED as WONTFIX. To request that Red Hat re-consider this request, please re-open the bugzilla via  appropriate support channels and provide additional business and/or technical details about its importance to you.
Comment 14 RHEL Product and Program Management 2014-06-02 09:16:32 EDT
Thank you for submitting this request for inclusion in Red Hat Enterprise Linux 5. We've carefully evaluated the request, but are unable to include it in RHEL5 stream. If the issue is critical for your business, please provide additional business justification through the appropriate support channels (https://access.redhat.com/site/support).

Note You need to log in before you can comment on or make changes to this bug.