Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-5803

Jabber plugin does not support standard secure connections (TLS)

    XMLWordPrintable

Details

    Description

      I am not able to connect to an XMPP server (Prosody) when encryption has been enabled on the server, even as an optional (not required) feature. The Hudson Jabber client reports a number of exceptions in the log, the salient message (I think) being:

      javax.net.ssl.SSLException: Unsupported record version Unknown-105.113

      (full log is attached)

      However, if I enable Legacy SSL on the server and check the box in the Hudson configuration, it connects fine. Also note that Pidgin and Empathy clients connect to the server using standard TLS (not Legacy SSL) without issue.

      After trying various combinations, I am led to believe that it is the Hudson client that is at fault, or perhaps the SMACK XMPP library that it appears to use. Or perhaps it is an interaction between this particular client and server.

      I have a work-around in enabling Legacy SSL, but, as I understand it, this is a deprecated feature and not part of the standard, and I would prefer not to have to enable it on the server for just this one client.

      Attachments

        Issue Links

          Activity

            ihhtcsufefs ihhtcsufefs added a comment -

            Hudson log after updating to Jabber 1.7 plugin, attempting to connect to Prosody secure XMPP server.

            ihhtcsufefs ihhtcsufefs added a comment - Hudson log after updating to Jabber 1.7 plugin, attempting to connect to Prosody secure XMPP server.
            kutzi kutzi added a comment -

            Attached a new snapshot which could possibly fix the problem.

            Could you 1st try the plugin without reconfiguring anything? And if that doesn't work, please disable SASL authentication (new option in the global plugin configuration) and try again.

            kutzi kutzi added a comment - Attached a new snapshot which could possibly fix the problem. Could you 1st try the plugin without reconfiguring anything? And if that doesn't work, please disable SASL authentication (new option in the global plugin configuration) and try again.

            Code changed in hudson
            User: : kutzi
            Path:
            trunk/hudson/plugins/jabber/src/main/java/hudson/plugins/jabber/im/transport/JabberIMConnection.java
            http://jenkins-ci.org/commit/29175
            Log:
            JENKINS-5803 try workaround for SASL error in Smack 3.1.0

            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in hudson User: : kutzi Path: trunk/hudson/plugins/jabber/src/main/java/hudson/plugins/jabber/im/transport/JabberIMConnection.java http://jenkins-ci.org/commit/29175 Log: JENKINS-5803 try workaround for SASL error in Smack 3.1.0
            ihhtcsufefs ihhtcsufefs added a comment -

            Hey! That seems to have fixed it! And with SASL checked, by the way. (The XMPP server only allows secure connections, so that's the only way it would have worked.)

            Thanks a lot for your work on this issue! I'm very pleased to have it solved.

            ihhtcsufefs ihhtcsufefs added a comment - Hey! That seems to have fixed it! And with SASL checked, by the way. (The XMPP server only allows secure connections, so that's the only way it would have worked.) Thanks a lot for your work on this issue! I'm very pleased to have it solved.
            ihhtcsufefs ihhtcsufefs added a comment -

            The 1.8 update seems to fix (for me, at least) the SSL connection problem with a Prosody XMPP server.

            ihhtcsufefs ihhtcsufefs added a comment - The 1.8 update seems to fix (for me, at least) the SSL connection problem with a Prosody XMPP server.

            People

              kutzi kutzi
              ihhtcsufefs ihhtcsufefs
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: