TLS server to server connections are not working with 3.9.2

Description

Something is not working with server 2 server connections. Even igniterealtime's openfire instance is having troubles. Finding exact logs with the failure has not been fruitful yet.

Environment

None

Activity

Show:
Daryl Herzmann
May 6, 2014, 1:21 AM

I reverted the patch for and igniterealtime's Openfire appears happier now, will reopen that ticket

Tom Evans
May 5, 2014, 11:13 PM
Edited

After tweak for exception handling, now seeing this:

2014.05.05 18:05:47 org.jivesoftware.openfire.net.SocketReadingMode - Error while negotiating TLS: org.jivesoftware.openfire.net.SocketConnection@2880efbf socket: Socket[addr=/204.93.66.11,port=37019,localport=5269] session: org.jivesoftware.openfire.session.LocalIncomingServerSession@2b218e8f status: 1 address: igniterealtime.org/5affdb24 id: 5affdb24
javax.net.ssl.SSLException: Unsupported record version Unknown-47.115
at sun.security.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:116)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:845)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:758)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
at org.jivesoftware.openfire.net.TLSStreamHandler.doHandshake(TLSStreamHandler.java:222)
at org.jivesoftware.openfire.net.TLSStreamHandler.start(TLSStreamHandler.java:168)
at org.jivesoftware.openfire.net.SocketConnection.startTLS(SocketConnection.java:182)
at org.jivesoftware.openfire.net.SocketReadingMode.negotiateTLS(SocketReadingMode.java:85)
at org.jivesoftware.openfire.net.BlockingReadingMode.readStream(BlockingReadingMode.java:138)
at org.jivesoftware.openfire.net.BlockingReadingMode.run(BlockingReadingMode.java:76)
at org.jivesoftware.openfire.net.SocketReader.run(SocketReader.java:137)
at java.lang.Thread.run(Thread.java:745)

Tom Evans
May 5, 2014, 10:36 PM

FYI - I am looking closer at the modified exception handling in this commit:
https://github.com/igniterealtime/Openfire/commit/0d5d58677b49bb2c18a4e5ab24b5907e1ddd27b2

Daryl Herzmann
May 5, 2014, 6:50 PM

Another fun log message while attempting to debug

Daryl Herzmann
May 5, 2014, 6:35 PM

Attempting to debug I see this in the debug logs, still boggling

Fixed

Assignee

Tom Evans

Reporter

Daryl Herzmann

Labels