Score:0

Conversations cannot log in to ejabberd - error in stream

The ejabberd server I'm configuring has the following configuration for certfiles and for the port 5222. Gajim, Psi and Pidgin can connect fine. Conversations cannot. There's some stream error.

ejabberd's log shows

2021-07-15 16:15:01.459 [info] <0.381.0>@ejabberd_listener:accept:273 (<0.649.0>) Accepted connection 88.88.88.72:65069 -> 192.168.7.5:5222

For Gajim, besides a line like the one above, it has two more when opening the connection:

2021-07-15 16:16:10.465 [info] <0.651.0>@ejabberd_c2s:process_auth_result:268 (tls|<0.651.0>) Accepted c2s SCRAM-SHA-256 authentication for test1@myserver by mnesia backend from 88.88.88.72
2021-07-15 16:16:10.550 [info] <0.651.0>@ejabberd_c2s:bind:442 (tls|<0.651.0>) Opened c2s session for test1@myserver/gajim.W2AAA7JO

Part of ejabberd's config file is:

certfiles:
  - "/usr/local/etc/ejabberd/certs/myserver.pem"
  - "/usr/local/etc/ejabberd/certs/myserver.key"
listen:
  -
    port: 5222
    ip: "192.168.7.5"
    module: ejabberd_c2s
    max_stanza_size: 262144
    shaper: c2s_shaper
    access: c2s
    tls: true
    starttls: true
    starttls_required: true
    protocol_options:
        - "no_sslv2"
        - "no_sslv3"
        - "no_tlsv1"
        - "no_tlsv1_1"
    ciphers: "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"
    dhfile:
      "/usr/local/etc/ejabberd/certs/c2s_dh2048.pem"

I've also tried commenting out the ciphers and no_ssl*, no_tls* but to no avail.

The ejabberd server is running not at the gateway but in a LAN location with port forwarding enabled.

What is wrong between Conversations and ejabberd?

Score:0
tls: true
starttls: true

Those options are mutually exclusive. starttls is usually set at port 5222, and tls at port 5223.

And looking at the tls option documentation:

Enabling this option implicitly disables the starttls option.

So, you enabled tls on port 5222, which is a bad idea... together with starttls, which is another bad idea.

Simply, set tls to false or remove that line.
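
An added example, not part of the answer above and not ejabberd code: a small pre-deployment check that reads the `listen:` entries of a config and reports the tls/starttls clash the answer describes. The function names, the cut-down sample and the 5223 listener are assumptions made for illustration.

```python
import re

# Constructed sample: the question's listener cut down, plus a 5223 listener for contrast.
SAMPLE = """\
listen:
  -
    port: 5222
    tls: true
    starttls: true
    protocol_options:
        - "no_sslv3"
  -
    port: 5223
    tls: true
"""

def parse_listeners(text):
    """Read scalar options of each 'listen:' entry (not a general YAML parser)."""
    listeners, in_listen, dash_indent = [], False, None
    for raw in text.splitlines():
        item = raw.strip()
        indent = len(raw) - len(raw.lstrip())
        if not item or item.startswith("#"):
            continue
        if indent == 0 and not item.startswith("-"):    # top-level key
            in_listen, dash_indent = item == "listen:", None
            continue
        if not in_listen:
            continue
        if item.startswith("-"):
            dash_indent = indent if dash_indent is None else dash_indent
            if indent != dash_indent:                   # nested list value
                continue
            listeners.append({})
            item = item[1:].strip()
        m = re.match(r'(\w+):\s*"?([^"]+)"?\s*$', item)
        if m and listeners:
            listeners[-1][m.group(1)] = m.group(2)
    return listeners

def lint(listeners):
    """Flag the tls/starttls clash on each listener; returns (port, message) pairs."""
    findings = []
    for opts in listeners:
        port, tls = opts.get("port"), opts.get("tls") == "true"
        if tls and opts.get("starttls") == "true":
            findings.append((port, "tls and starttls both set: tls implicitly disables starttls"))
        if tls and port == "5222":
            findings.append((port, "tls on 5222: starttls is usual on 5222, tls on 5223"))
    return findings
```

`lint(parse_listeners(SAMPLE))` reports both findings for the 5222 listener and none for the 5223 one; removing `tls: true` from the 5222 entry clears them.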
