[Pkg-telepathy-maintainers] Bug#699103: Empathy fails to connect to SIP proxy over TLS
Daniel Pocock
daniel at pocock.com.au
Sun Jan 27 16:51:53 UTC 2013
Package: telepathy-rakia
Version: 0.7.4-1
Severity: Serious
I've marked this serious because (a) there is no detailed error from
Empathy and (b) the SIP proxy is using a cert signed by a root in the
Debian distribution, so it should be trusted and work seamlessly. Two
other SIP softphones (Lumicall and Jitsi) are working fine in the same
network with this TLS server.
I configured Empathy to use TLS to connect to a SIP account on a proxy
running repro
The repro proxy is on the same subnet, running v1.8.5 from wheezy. It
has a server cert signed by the CACert.org class 3 root, expiring 2014,
4096 bit
Empathy fails to connect
Running repro in debug mode with console output, I notice this error:
ssl/TlsConnection.cxx:161 | TLS connected
ssl/TlsConnection.cxx:175 | TLS handshake want read
Connection.cxx:372 | Exception on socket 31 code: 32; closing connection
In Empathy, I click the setting to ignore TLS errors, and then the
connection succeeds
Note: the repro proxy has both the server cert and the CAcert.org class
3 intermediate cert in the pem file, so the client should be able to
work the trust chain up to /etc/ssl/certs/cacert.org.pem (CAcert.org
class 1 root)
More information about the Pkg-telepathy-maintainers
mailing list