Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-6863

Force old SSL (Port 5223)

    XMLWordPrintable

Details

    Description

      First of all, great work with the Jabber plugin!

      There are issues with certain Jabber servers that must require the SSLSocketFactory to connect to.

      This feature is available in Pidgin as "Force old (port 5223) SSL".

      It would be great to offer something similar in the Jabber plugin

      I succeeded in this with a simple program using the Smack 3.1.0 API and just setting the SocketFactory to SSLSocketFactory.getDefault() as you see below:


      ConnectionConfiguration config = new ConnectionConfiguration("<hostname>", 5223, "<servicename>");
      config.setSocketFactory(SSLSocketFactory.getDefault());
      XMPPConnection connection = new XMPPConnection(config);
      connection.connect();


      Attachments

        1. global.jelly
          4 kB
        2. help-ssl.html
          0.1 kB
        3. instant-messaging.hpi
          92 kB
        4. jabber.hpi
          743 kB
        5. JabberIMConnection.java
          16 kB
        6. JabberPublisherDescriptor.java
          21 kB

        Issue Links

          Activity

            kutzi kutzi added a comment -

            I wonder which Jabber server you are using, which still requires legacy SSL?
            I mean, it's called 'legacy' with a reason: any halfway recent server shouldn't need it anymore.
            Can't you upgrade your server to a newer version which can handle the standard SSL?

            I've removed legacy SSL support in v1.7 of the plugin and I would really like to leave it this way - it's always good to throw away some old stuff, when it's not needed anymore.

            kutzi kutzi added a comment - I wonder which Jabber server you are using, which still requires legacy SSL? I mean, it's called 'legacy' with a reason: any halfway recent server shouldn't need it anymore. Can't you upgrade your server to a newer version which can handle the standard SSL? I've removed legacy SSL support in v1.7 of the plugin and I would really like to leave it this way - it's always good to throw away some old stuff, when it's not needed anymore.
            derekjchoi derekjchoi added a comment -

            If I had control over the Jabber server, I'd certainly move away from SSL. I think this may be the case for many users. For large companies, things move at the rate of Molasses

            derekjchoi derekjchoi added a comment - If I had control over the Jabber server, I'd certainly move away from SSL. I think this may be the case for many users. For large companies, things move at the rate of Molasses
            derekjchoi derekjchoi added a comment -

            patch

            derekjchoi derekjchoi added a comment - patch
            derekjchoi derekjchoi added a comment -

            continuation of patch, attached help-ssl.html

            derekjchoi derekjchoi added a comment - continuation of patch, attached help-ssl.html
            kutzi kutzi added a comment -

            Do you remember if you got a XMPPException when connectiong without you patch or did XMPPConnection#isConnected() simply returned false?

            kutzi kutzi added a comment - Do you remember if you got a XMPPException when connectiong without you patch or did XMPPConnection#isConnected() simply returned false?
            ssbarnea Sorin Sbarnea added a comment -

            I can't wait to test this patch. Currently I'm not able to use Jabber notifications because our corporate IM jabber server works only with old SSL 5332 port. Pidgin works but hundson doens't.

            There is no chance of upgrading the Jabber server because it is maintained by IT

            ssbarnea Sorin Sbarnea added a comment - I can't wait to test this patch. Currently I'm not able to use Jabber notifications because our corporate IM jabber server works only with old SSL 5332 port. Pidgin works but hundson doens't. There is no chance of upgrading the Jabber server because it is maintained by IT

            Code changed in hudson
            User: : kutzi
            Path:
            trunk/hudson/plugins/jabber/src/main/java/hudson/plugins/jabber/im/transport/JabberIMConnection.java
            http://jenkins-ci.org/commit/36176
            Log:
            JENKINS-6863 transparently fall back to legacy SSL if connect fails

            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in hudson User: : kutzi Path: trunk/hudson/plugins/jabber/src/main/java/hudson/plugins/jabber/im/transport/JabberIMConnection.java http://jenkins-ci.org/commit/36176 Log: JENKINS-6863 transparently fall back to legacy SSL if connect fails
            kutzi kutzi added a comment -

            It would be great if someone could try the attached development versions of the plugins.

            kutzi kutzi added a comment - It would be great if someone could try the attached development versions of the plugins.
            kutzi kutzi added a comment -

            Note: if adapted the patch so that the bot falls back transparently to legacy SSL when the 1st connection attempt fails. So no new configuration option to force legacy SSL.

            kutzi kutzi added a comment - Note: if adapted the patch so that the bot falls back transparently to legacy SSL when the 1st connection attempt fails. So no new configuration option to force legacy SSL.
            kutzi kutzi added a comment -

            Fixed in Jabber plugin 1.2

            kutzi kutzi added a comment - Fixed in Jabber plugin 1.2
            mirabilos mirabilos added a comment -

            +1 from me (and thanks for re-adding in current plugin versions),
            Port 5223 SSL is required because the firewall blocks Port 5222
            connections to the jabberd to force the use of SSL here.

            mirabilos mirabilos added a comment - +1 from me (and thanks for re-adding in current plugin versions), Port 5223 SSL is required because the firewall blocks Port 5222 connections to the jabberd to force the use of SSL here.

            People

              kutzi kutzi
              derekjchoi derekjchoi
              Votes:
              1 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: