[Operators] Openfire 3.6.4 (jabber.iitsp.com) vs. jabber.org

Dave Cridland dave at cridland.net
Mon Jul 5 04:52:19 CDT 2010

On Sat Jul  3 15:52:28 2010, Nigel Kukard wrote:
> [org.jivesoftware.openfire.net.SocketReadingMode.negotiateTLS(SocketReadingMode.java:77)]
> Error while negotiating TLS:
> org.jivesoftware.openfire.net.SocketConnection at 130fdeb socket:
> Socket[addr=/,port=50577,localport=5269] session:
> org.jivesoftware.openfire.session.LocalIncomingServerSession at 14edfc3
> status: 1 address: jabber.iitsp.com/c9246456 id: c9246456

> "Unexpected end of handshake" is soooooooooooooo helpful !!! *rolls  
> eyes*
Lost connection during the handshake, with no TLS Alert sent, causing  
an unexpected termination of the TLS layer.

It's about as much as can be said, really, so I don't think there's  
any reason to roll your eyes here. (Unless you happen to want to know  
which message it failed at, but that's unlikely to help either).

The reason why the TLS session was closed on the other end will  
hopefully be in jabber.org's logs. I note that you're probably  
running in UTC - always helpful to specify the timezone of the logs.

Looking at what my server says when I try to connect to yours - my  
server being the same (mostly) as jabber.org's - I get:

7/ 5 10:21:01 xmppd    24937 (root    ) I-MBOX-Info new originator  
connection to jabber.iitsp.com host jabber.iitsp.com
7/ 5 10:21:01 xmppd    24937 (root    ) E-MBOX-Error TLS:  
routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:683:
7/ 5 10:21:02 xmppd    24937 (root    ) D-MBOX-Auth closed  
originating s2s connection to domain jabber.iitsp.com  
[] (*connection closed*)

The unknown protocol is quite interesting.

I think it's responding with a TLS subversion M-Link doesn't support.  
I'll chase this up with our nice TLS people and find out why.

Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at dave.cridland.net
  - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
  - http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade

More information about the Operators mailing list