| 1 |
On Jan 7, 2012 9:59 AM, "Andrey Moshbear" <andrey.vul@×××××.com> wrote: |
| 2 |
> |
| 3 |
> With the following pidgin debug log: |
| 4 |
> 21:46:56) account: Connecting to account XXX@×××××.com/. |
| 5 |
> (21:46:56) connection: Connecting. gc = 0x1d44780 |
| 6 |
> (21:46:56) dnssrv: querying SRV record for gmail.com: |
| 7 |
> _xmpp-client._tcp.gmail.com |
| 8 |
> (21:46:56) dnssrv: found 5 SRV entries |
| 9 |
> (21:46:56) dnsquery: Performing DNS lookup for xmpp.l.google.com |
| 10 |
> (21:46:56) dns: Successfully sent DNS request to child 805 |
| 11 |
> (21:46:56) dns: Got response for 'xmpp.l.google.com' |
| 12 |
> (21:46:56) dnsquery: IP resolved for xmpp.l.google.com |
| 13 |
> (21:46:56) proxy: Attempting connection to 209.85.225.125 |
| 14 |
> (21:46:56) proxy: Connecting to xmpp.l.google.com:5222 with no proxy |
| 15 |
> (21:46:56) proxy: Connection in progress |
| 16 |
> (21:46:56) proxy: Connecting to xmpp.l.google.com:5222. |
| 17 |
> (21:46:56) proxy: Connected to xmpp.l.google.com:5222. |
| 18 |
> (21:46:56) jabber: Sending (XXX@×××××.com): <?xml version='1.0' ?> |
| 19 |
> (21:46:56) jabber: Sending (XXX@×××××.com): <stream:stream |
| 20 |
> to='gmail.com' xmlns='jabber:client' |
| 21 |
> xmlns:stream='http://etherx.jabber.org/streams' version='1.0'> |
| 22 |
> (21:46:56) jabber: Recv (138): <stream:stream from="gmail.com" |
| 23 |
> id="0A69C2453F195AB0" version="1.0" |
| 24 |
> xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client"> |
| 25 |
> (21:46:56) jabber: Recv (241): <stream:features><starttls |
| 26 |
> xmlns="urn:ietf:params:xml:ns:xmpp-tls"><required/></starttls><mechanisms |
| 27 |
> |
| 28 |
xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>X-GOOGLE-TOKEN</mechanism><mechanism>X-OAUTH2</mechanism></mechanisms></stream:features> |
| 29 |
> (21:46:56) jabber: Sending (XXX@×××××.com): <starttls |
| 30 |
> xmlns='urn:ietf:params:xml:ns:xmpp-tls'/> |
| 31 |
> (21:46:56) jabber: Recv (50): <proceed |
| 32 |
xmlns="urn:ietf:params:xml:ns:xmpp-tls"/> |
| 33 |
> (21:46:56) gnutls: Starting handshake with gmail.com |
| 34 |
> (21:46:56) util: Writing file prefs.xml to directory /home/XXX/.purple |
| 35 |
> (21:46:56) util: Writing file /home/XXX/.purple/prefs.xml |
| 36 |
> (21:46:56) gnutls: Handshake complete |
| 37 |
> (21:46:56) gnutls/x509: Key print: |
| 38 |
> 0c:99:2a:04:72:48:59:1a:3c:cf:ab:60:d0:2a:9e:73:73:42:f0:08 |
| 39 |
> (21:46:56) gnutls/x509: Key print: |
| 40 |
> dd:7a:7f:13:1d:db:a3:3d:3e:86:70:17:94:83:e6:fe:a6:98:7d:6a |
| 41 |
> (21:46:56) gnutls: Peer provided 2 certs |
| 42 |
> (21:46:56) gnutls: Lvl 0 SHA1 fingerprint: |
| 43 |
> 0c:99:2a:04:72:48:59:1a:3c:cf:ab:60:d0:2a:9e:73:73:42:f0:08 |
| 44 |
> (21:46:56) gnutls: Serial: 6d:ca:e4:9f:00:03:00:00:34:be |
| 45 |
> (21:46:56) gnutls: Cert DN: C=US,ST=California,L=Mountain |
| 46 |
> View,O=Google Inc.,CN=gmail.com |
| 47 |
> (21:46:56) gnutls: Cert Issuer DN: C=US,O=Google Inc,CN=Google |
| 48 |
> Internet Authority |
| 49 |
> (21:46:56) gnutls: Lvl 1 SHA1 fingerprint: |
| 50 |
> dd:7a:7f:13:1d:db:a3:3d:3e:86:70:17:94:83:e6:fe:a6:98:7d:6a |
| 51 |
> (21:46:56) gnutls: Serial: 0b:67:71 |
| 52 |
> (21:46:56) gnutls: Cert DN: C=US,O=Google Inc,CN=Google Internet Authority |
| 53 |
> (21:46:56) gnutls: Cert Issuer DN: C=US,O=Equifax,OU=Equifax Secure |
| 54 |
> Certificate Authority |
| 55 |
> (21:46:56) certificate/x509/tls_cached: Starting verify for gmail.com |
| 56 |
> (21:46:56) certificate/x509/tls_cached: Checking for cached cert... |
| 57 |
> (21:46:56) certificate/x509/tls_cached: ...Found cached cert |
| 58 |
> (21:46:56) gnutls: Attempting to load X.509 certificate from |
| 59 |
> /home/XXX/.purple/certificates/x509/tls_peers/gmail.com |
| 60 |
> (21:46:56) certificate/x509/tls_cached: Peer cert matched cached |
| 61 |
> (21:46:56) util: Writing file |
| 62 |
> /home/XXX/.purple/certificates/x509/tls_peers/gmail.com |
| 63 |
> (21:46:56) certificate: Successfully verified certificate for gmail.com |
| 64 |
> (21:46:56) jabber: Sending (ssl) (XXX@×××××.com): <stream:stream |
| 65 |
> to='gmail.com' xmlns='jabber:client' |
| 66 |
> xmlns:stream='http://etherx.jabber.org/streams' version='1.0'> |
| 67 |
> (21:46:56) jabber: Recv (ssl)(138): <stream:stream from="gmail.com" |
| 68 |
> id="6C45C0A9313259E1" version="1.0" |
| 69 |
> xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client"> |
| 70 |
> (21:46:56) jabber: Recv (ssl)(197): <stream:features><mechanisms |
| 71 |
> |
| 72 |
xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>PLAIN</mechanism><mechanism>X-GOOGLE-TOKEN</mechanism><mechanism>X-OAUTH2</mechanism></mechanisms></stream:features> |
| 73 |
> (21:46:56) sasl: sasl_state is -1, failing the mech and trying again |
| 74 |
> (21:46:56) connection: Connection error on 0x1d44780 (reason: 3 |
| 75 |
> description: Server does not use any supported authentication method) |
| 76 |
> (21:46:57) account: Disconnecting account XXX@×××××.com/ (0x1a3dbb0) |
| 77 |
> (21:46:57) connection: Disconnecting connection 0x1d44780 |
| 78 |
> (21:46:57) jabber: Sending (ssl) (XXX@×××××.com): </stream:stream> |
| 79 |
> (21:46:57) connection: Destroying connection 0x1d44780 |
| 80 |
> |
| 81 |
> and USE flags: |
| 82 |
> dev-libs/cyrus-sasl-2.1.25 berkdb gdbm java kerberos mysql pam |
| 83 |
> postgres sqlite ssl -authdaemond -elibc_FreeBSD -ldapdb -openldap |
| 84 |
> -sample -srp -static-libs -urandom |
| 85 |
> net-im/pidgin-2.10.1 dbus debug doc gnutls gstreamer gtk idn ncurses |
| 86 |
> nls perl python sasl spell tcl tk xscreensaver -eds -gadu -groupwise |
| 87 |
> -meanwhile -networkmanager -prediction -silc -zephyr -zeroconf |
| 88 |
> net-libs/gnutls-2.10.5 cxx doc lzo nls zlib -bindist -examples -guile |
| 89 |
-test |
| 90 |
> |
| 91 |
> where exactly is the SSL problem? |
| 92 |
> |
| 93 |
|
| 94 |
It's not SSL problem, but SASL authentication failure. |
| 95 |
|
| 96 |
Check the following, might help : |
| 97 |
|
| 98 |
http://askubuntu.com/questions/88989/unable-to-connect-to-google-talk-using-pidgin-sasl-error |
| 99 |
|
| 100 |
Rgds, |
Archives