4 Mar 2009 gdvieira   » (Journeyer)

GTalk TLS Handshake Bug

Since late February I stopped seeing my GTalk friends in my IM client. I use a personal Jabber server (jabberd2) and all its connections to the GTalk servers were being dropped. After some investigation in the web, I found that Google:

  • Uses a buggy TLS implementation.
  • Has activated encryption for s2s connections starting in February.
The end result was that my server could not establish an encrypted connection with GTalk servers. Here is a very informative bug report.

As GTalk connectivity is very important for any open Jabber server, many servers have published workarounds for the problem. Here is a patch for jabberd2. A new release (2.2.7.1) of jabberd2 was also made to address the issue.

I have jabberd2 2.2.4 in my server. For some reason, I could not make 2.2.7.1 work because of some problems with the Berkeley DB back end. I ended up applying this patch to 2.2.4 and it fixed the problem. I also created a bug report in the Fedora Bugzilla, so maybe a fixed package will be pushed as an update.

Syndicated 2009-03-04 13:45:51 from Gustavo M. D. Vieira

Latest blog entries     Older blog entries

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!