This is filed against Empathy 2.28.2. After performing a system update, Empathy is unable to login to AIM and ICQ. Interestingly, Pidgin is also experiencing the same error, reporting the problem as "Received unexpected response from https://api.screenname.aol.com/auth/clientLogin". Empathy didn't specify what the problem was. On the basis of that error, I ran Wireshark and watched the login attempt. Empathy sends the following request to the server (with personal details omitted): ---------- GET http://api.oscar.aol.com/aim/startOSCARSession?a=[...]&f=xml&k=[...]&ts=1263348414&useTLS=1&sig_sha256=[...] HTTP/1.0 Connection: close Accept: */* Host: api.oscar.aol.com ---------- The response from the server is then as follows: ---------- HTTP/1.1 200 OK Date: Wed, 13 Jan 2010 02:06:54 GMT Server: Apache Content-Length: 286 Pragma: no-cache Cache-Control: no-store,no-cache,must-revalidate Keep-Alive: timeout=1, max=61 Connection: Keep-Alive Content-Type: text/xml <?xml version="1.0" encoding="UTF-8"?> <response xmlns="http://developer.aim.com/xsd/aim.xsd"><statusCode>400</statusCode><statusText>useTLS=1 is not allowed for non secure requests.</statusText><data><ts>1263348414</ts><upgradeData></upgradeData><betaData></betaData></data></response> ---------- Empathy then reports that the login failed. I have verified that my accounts are still valid: they successfully connect using the website Meebo. It is interesting that both Empathy and Pidgin are suddenly experiencing the same error. Thinking that the bug must be on AOL's side, I checked with other (non-Fedora) Empathy/Pidgin users, but haven't been able to find anyone else who could reproduce the bug. The output of `rpm -ql --last` | head -75` is provided in the attachment.
Created attachment 383392 [details] rpm -ql --last | head -75
I am experiencing the same error (confirmed with Wireshark) in Empathy after updating from libpurple-2.6.4-2.fc12.i686 to 2.6.5-1.fc12.i686. I undid a batch of updates applied at 2010-01-13 12:54, which brought me back to libpurple-2.6.3-2.fc12.i686. After rebooting, I was able to connect to the AIM network in Empathy. Then I updated Empathy only, to 2.6.5-1.fc12.i686, and I started getting the same error again. libpurple is part of the pidgin component, but I don't know whether the problem is in Empathy or libpurple code.
According to Bug 554978, Pidgin upstream is working on a fix.
This bug is closed by empathy-2.28.2-2.fc12, which is currently in updates-testing.
Fix confirmed.
I've got empathy-2.8.2-2.fc12.x86_64, and I am still having this problem this morning. Pidgin wasn't working for me either, but I was able to get it to work by disabling clientlogon in the advanced settings. I can't find that setting anywhere in empathy, so I believe this is still an issue.
I can confirm Jonathans statement for empathy-2.8.2-2.fc12.x86_64. I receive "network connection error" for AIM as stated and for ICQ and IRC that were working before. Jabber (Googlemail) amd YIM are working still fine.
I still see this problem with empathy-2.8.2-2.fc12.x86_64 and libpurple-2.6.5-1.fc12.x86_64. Tracing the connection, I see the same TLS error as Sean. It appears that the site api.oscar.aol.com is listening on port 443 as well as port 80.
There was an outage for a few hours for me, but everything's working fine now. Are others still experiencing this problem?
AIM, ICQ, Jabber and Yahoo are fine now for me (same sw as described above). Only IRC still breaks. Maybe a user settings issue; will have to verify
Tentatively closing again...
Empathy is working for me again, but I don't think this means that the bug has been resolved, so I am reopening the ticket to make sure that my comment is addressed. I'm perfectly fine if you disagree with me and they way you "address" my comment is by closing the ticket again; I just want to make sure that the issues I am raising here are known to the maintainer of the package. When empathy was failing on Fedora 12, the official AIM was working fine on Windows, and pidgin worked when I disabled clientlogin. Now, while it may be true that AOL did something to their servers to make empathy start working again, if there is a time during which other clients work and empathy didn't, then that strikes me as a bug in empathy, regardless of whether that time passed. It has happened several times now, and I assume will continue to happen in the future, so whatever the problem with the servers is, empathy needs to be fixed to cope with it.
I am having this problem now, the first time I am using empathy. Wireshark confirms that it is the same message from aol as in the description. The issue seems that empathy is connecting to api.oscar.aol.com on port 80 (non encrypted) and providing the startOSCARsession request including useTLS=1. I would expect that connecting to 443 and giving the exact same request would work just fine, or connecting to 80 and not asking for useTLS=1. AOL is effectively saying that if you want to have a secure (useTLS=1) connection, you should use https (443) to start it, or you're exposing a bunch of stuff (the startOSCARsession parameters which can probably be decoded pretty easily).
Confirmed that applying this upstream patch fixes the issue. Note, it must be applied to the pidgin SRPM since it applies to libpurple. I can't reassign the component of this bugzilla. http://developer.pidgin.im/viewmtn/revision/diff/267f28808ab6eeda6b5d68f6433f2b3fcf230d4f/with/0e3079d15adeb12c1e57ceaf5bf037f9b71c8abd/libpurple/protocols/oscar/clientlogin.c
Created attachment 395391 [details] Patch against pidgin SRPM
thanks for the reassign brian.
AOL changed their server for the previous clientLogin issue more than once within a week. Upstream is not yet sure that this is the only issue that will need to be fixed.
pidgin-2.6.6-2.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/pidgin-2.6.6-2.fc12
pidgin-2.6.6-2.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/pidgin-2.6.6-2.fc13
pidgin-2.6.6-2.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/pidgin-2.6.6-2.fc11
pidgin-2.6.6-2.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.
*** Bug 563812 has been marked as a duplicate of this bug. ***
pidgin-2.6.6-2.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
pidgin-2.6.6-2.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.