Bug#854210: libnet-xmpp-perl: sendxmpp can't send message to hangouts (work fine for 1.02-5)

Sat Jun 24 00:14:25 UTC 2017

On Sun, 05 Feb 2017 10:24:24 +0800, Tommy Wu wrote:

> After upgrade to 1.05-1, sendxmpp program can't send message to googole hangouts.
> 
> XML::Stream: SetCallBacks: tag(node) func(CODE(0x5567d6c2aa20))
> XMPP::Conn: xmppCallbackInit: start
> XMPP::Conn: SetCallBacks: tag(message) func(CODE(0x5567d6c2aaf8))
> XMPP::Conn: SetCallBacks: tag(presence) func(CODE(0x5567d6b19538))
> XMPP::Conn: SetCallBacks: tag(iq) func(CODE(0x5567d5bc4b68))
> XMPP::Conn: SetPresenceCallBacks: type(subscribe) func(CODE(0x5567d6c2a798))
> XMPP::Conn: SetPresenceCallBacks: type(unsubscribe) func(CODE(0x5567d6c2a720))
> XMPP::Conn: SetPresenceCallBacks: type(unsubscribed) func(CODE(0x5567d6c2b068))
> XMPP::Conn: SetPresenceCallBacks: type(subscribed) func(CODE(0x5567d6c2b1d0))
> XMPP::Conn: SetDirectXPathCallBacks: xpath(/[@xmlns="urn:ietf:params:xml:ns:xmpp-tls"]) func(CODE(0x5567d6bd6a48))
> XMPP::Conn: SetDirectXPathCallBacks: xpath(/[@xmlns="urn:ietf:params:xml:ns:xmpp-sasl"]) func(CODE(0x5567d6c2aea0))
> XMPP::Conn: xmppCallbackInit: stop
> sendxmpp: ssl_verify: 1
> sendxmpp: tls_ca_path:

^^

> XMPP::Conn: Connect: host(talk.google.com:5222) namespace(jabber:client)
> XMPP::Conn: Connect: timeout(10)
> XML::Stream: Connect: srv requested
> XML::Stream: Connect: srv query failed
> XML::Stream: Connect: type(tcpip)
> Invalid or unreadable path specified for ssl_ca_path. at /usr/share/perl5/XML/Stream.pm line 641.

^^

Looks like the path to the SSL cert(s) is empty.
I gues either sendxmpp should set it, or XML::Stream should use a
sane default.

For the latter see /usr/share/perl5/XML/Stream.pm:
223    $self->{SIDS}->{default}->{ssl_ca_path} = '';                          

Changing this value to '/etc/ssl/certs' might help.

I doubt that libnet-xmpp-perl is the problem here; the change between
1.02 and 1.05 is that it passes a defined ssl_ca_path on to
XML::Stream.

Ah, sendxmpp has an option tls-ca-path which is set to an empty
string if not passed on the command line. [0] In that case probably the
empty string somehow propagates down ...

Could one of the sendxmpp please try to call it with something like
--tls-ca-path="/etc/ssl/certs"
and see if this helps?
And/or change the above mentioned line in
/usr/share/perl5/XML/Stream.pm?
And/or change the line in sendxmpp mentioned in [0]?

If this is successful we still have to think where we should make
changes.

Cheers,
gregor

[0]
287        'tls-ca-path' => ($tls_ca_path or ''),   

-- 
 .''`.  https://info.comodo.priv.at/ - Debian Developer https://www.debian.org
 : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D  85FA BB3A 6801 8649 AA06
 `. `'  Member of VIBE!AT & SPI, fellow of the Free Software Foundation Europe
   `-   NP: Joint Venture: Er muß uns jetzt was singen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: Digital Signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-perl-maintainers/attachments/20170624/2b14364d/attachment.sig>