Opened 7 years ago

Last modified 6 years ago

#5834 new defect

ejabberd RPM needs to install/create cert

Reported by: wad Owned by: daf
Priority: high Milestone: 8.2.0 (was Update.2)
Component: telepathy-other Version:
Keywords: Cc:
Blocked By: Blocking:
Deployments affected: Action Needed: package
Verified: no

Description

After following the directions on http://wiki.laptop.org/go/Ejabberd_Configuration , and installing ejabberd-1.1.4-1.7.20071205svn1050.fc7.olpc and enabling shared rosters, etc. I was able to "register" a laptop with the school server (a user account was created on the server, and the .sugar config file now specifies "schoolserver" as the Jabber server), but the Jabber server is showing no registration by the laptop.

The school server was running build 141. The laptop was running build 1489, and was connected to the school server via the mesh.

The presenceservice logs from the laptop are attached.

Attachments (9)

presenceservice.log (3.8 KB) - added by wad 7 years ago.
presenceservice2.log (4.3 KB) - added by wad 7 years ago.
telepathy-gabble2.log (4.8 KB) - added by wad 7 years ago.
telepathy-salut2.log (10.4 KB) - added by wad 7 years ago.
presenceservice3.log (4.3 KB) - added by wad 7 years ago.
telepathy-gabble3.log (4.8 KB) - added by wad 7 years ago.
telepathy-salut3.log (10.3 KB) - added by wad 7 years ago.
telepathy-gabble4.log (4.9 KB) - added by wad 7 years ago.
ejabberd.cfg (10.8 KB) - added by wad 7 years ago.

Download all attachments as: .zip

Change History (18)

Changed 7 years ago by wad

Changed 7 years ago by wad

Changed 7 years ago by wad

Changed 7 years ago by wad

comment:1 Changed 7 years ago by wad

Followed the debugging instructions at:
http://wiki.laptop.org/go/Telepathy-debug

In order to obtain the attached logs.

Changed 7 years ago by wad

Changed 7 years ago by wad

Changed 7 years ago by wad

Changed 7 years ago by wad

Changed 7 years ago by wad

comment:2 Changed 7 years ago by morgs

  • Component changed from presence-service to telepathy-other
  • Owner changed from morgs to daf

comment:3 Changed 7 years ago by wad

The /var/log/ejabberd/sasl.log file contains the following:

=CRASH REPORT==== 4-Jan-2008::04:28:05 ===

crasher:

pid: <0.531.0>
registered_name: []
error_info: {{badmatch,{error,"SSL_CTX_use_certificate_file failed: error:02

001002:system library:fopen:No such file or directory"}},

[{ejabberd_socket,starttls,2},

{ejabberd_c2s,init,1},
{gen_fsm,init_it,6},
{proc_lib,init_p,5}]}

initial_call: {gen,init_it,

[gen_fsm,

<0.238.0>,
<0.238.0>,
ejabberd_c2s,
[{ejabberd_socket,

{socket_state,gen_tcp,#Port<0.437>,<0.530.0>}},

[inet6,

{access,c2s},
{shaper,c2s_shaper},
tls,
{certfile,"/etc/ejabberd/ejabberd.pem"},
{max_stanza_size,524288}]],

[]]}

ancestors: [ejabberd_c2s_sup,ejabberd_sup,<0.36.0>]
messages: []
links: [<0.238.0>,#Port<0.438>]
dictionary: []
trap_exit: false
status: running
heap_size: 987
stack_size: 21
reductions: 256

neighbours:

Which leads to the observation that there is no /etc/ejabberd/ejabberd.pem file.

comment:4 Changed 7 years ago by wad

Generating a pem file by hand:

openssl req -newkey rsa:1024 -keyout ejabberd.pem -nodes -x509 -days 3650 -out ejabberd.cer

echo "" >> ejabberd.pem

cat ejabberd.cer >> ejabberd.pem

and installing it as /etc/ejabberd/ejabberd.pem with ownership ejabberd:ejabberd and 400 permissions fixed the problem.

comment:5 Changed 7 years ago by jg

  • Milestone changed from Never Assigned to Update.1
  • Priority changed from normal to high

comment:6 Changed 7 years ago by morgs

  • Summary changed from Laptop unable to connect to schoolserver jabber server to ejabberd RPM needs to install/create cert

comment:7 Changed 7 years ago by daf

comment:8 Changed 6 years ago by mstone

  • Action Needed set to package

A comment about the patch: this patch relies on the hostname being correctly defined at package installation time, which wouldn't work very well with distributing ejabberd as part of a simple flashable binary image. However, I think we can safely go ahead with what we have since that is a fairly unusual use case for server software.

I think the next step here is to submit this patch upstream in bugzilla.redhat.com for merging by peter or silfreed (the current ejabberd maintainers listed in https://admin.fedoraproject.org/pkgdb/packages/name/ejabberd).

comment:9 Changed 6 years ago by gdesmott

The patch was merged to Fedora's devel package. My new version of the XS package include it too. Will test it soon.

http://git.collabora.co.uk/?p=user/cassidy/ejabberd-rpm;a=shortlog;h=refs/heads/XS

Note: See TracTickets for help on using tickets.