Failed connection to ejabberd with custom certificate

[SuzanneSoy]

I'm trying to connect to my ejabberd server (nothing special in the configuration, just the default install on ubuntu), but GTalkSMS goes into an endless "Waiting…" loop.

Connecting works if I disable encryption.

When GTalkSMS asked if it should accept the the certificate, I checked "Always".

If you give me an e-mail address, I can provide you debug logs from the server and from GTalkSMS by e-mail, and I can also provide you with a test account on that server.

[madduck]

I have the same problem, but I cannot really find anything in the logs about it.

I am using ejabberd with a CAcert certificate. The CAcert root certificates are added to the Android certificate vault. I also never got a question about accepting the certificate, so I assume this works. But the client still sits in the Waiting… loop, as described.

(wondering if this software is maintained since the move from Google code…)

[Yakoo63]

The software is still maintain for major issues but I've got very low bandwidth to work on it. The encryption can depends of the android version as we reuse the system configuration.

Do you have system traces (the os not the app) related to the certificate store ? I'm using openfire with auto generated certificate with marshmallow and it works fine.

[madduck]

Hey @Yakoo63, thanks for your reply. I perfectly understand that you don't have the bandwidth to work on this right now. If it helps, I'd be very happy to send over a donation if we get it working.

I am running Android Marshmallow (6.0.1) and the latest GTalkSMS (4.4.1). Here is the logcat | grep -i gtalksms output of the last attempt:

06-14 17:21:17.876  4908  4908 I gtalksms: onStartCommand(): Intent com.googlecode.gtalksms.action.CONNECT
06-14 17:21:17.876  4908  4999 I gtalksms: handling action 'com.googlecode.gtalksms.action.CONNECT' while in state Disconnected
06-14 17:21:17.876  4908  4999 I gtalksms: xmppRequestStateChange Disconnected => Connected
06-14 17:21:17.896  4908  4999 I gtalksms: broadcasting state transition from Disconnected to Connecting via Intent com.googlecode.gtalksms.action.XMPP.CONNECTION_CHANGED
06-14 17:21:17.916  3630  3741 V BroadcastQueue: [background] Process cur broadcast BroadcastRecord{8d66f79 u0 com.googlecode.gtalksms.action.XMPP.CONNECTION_CHANGED qIdx=4}, state= (APP_RECEIVE) DELIVERED for app ProcessRecord{4b54f9f 4908:com.googlecode.gtalksms/u0a182}
06-14 17:21:17.916  3630  3741 D ApplicationPolicy: isStatusBarNotificationAllowedAsUser: packageName = com.googlecode.gtalksms,userId = 0
06-14 17:21:17.936  3630  3630 D MARsPolicyManager: NotificationListenerService OngoingNotificationPosted : com.googlecode.gtalksms 
06-14 17:21:17.936  3912  3912 W ResourcesManager: getTopLevelResources: /data/app/com.googlecode.gtalksm -1/base.apk / 1.0 running in com.android.systemui rsrc of package com.googlecode.gtalksms
06-14 17:21:17.946  4908  4908 I gtalksms: onStartCommand(): Intent com.googlecode.gtalksms.action.XMPP.CONNECTION_CHANGED
06-14 17:21:17.976  3912  3912 W ResourcesManager: getTopLevelResources: /data/app/com.googlecode.gtalksm -1/base.apk / 1.0 running in com.android.systemui rsrc of package com.googlecode.gtalksms
06-14 17:21:18.026  3912  3912 W ResourcesManager: getTopLevelResources: /data/app/com.googlecode.gtalksm -1/base.apk / 1.0 running in com.android.systemui rsrc of package com.googlecode.gtalksms
06-14 17:21:21.246  4908  4999 E gtalksms: xmpp login failed: Not connected to server.
06-14 17:21:21.266  4908  4999 I gtalksms: broadcasting state transition from Connecting to Waiting to connect via Intent com.googlecode.gtalksms.action.XMPP.CONNECTION_CHANGED
06-14 17:21:21.286  4908  4999 I gtalksms: maybeStartReconnect scheduling retry in 300000ms. Retry #27
06-14 17:21:21.286  4908  4999 I gtalksms: setupListenersForConnection()
06-14 17:21:21.306  3630  3741 V BroadcastQueue: [background] Process cur broadcast BroadcastRecord{9da84be u0 com.googlecode.gtalksms.action.XMPP.CONNECTION_CHANGED qIdx=4}, state= (APP_RECEIVE) DELIVERED for app ProcessRecord{4b54f9f 4908:com.googlecode.gtalksms/u0a182}
06-14 17:21:21.306  3630  3741 D ApplicationPolicy: isStatusBarNotificationAllowedAsUser: packageName = com.googlecode.gtalksms,userId = 0
06-14 17:21:21.316  3630  3630 D MARsPolicyManager: NotificationListenerService OngoingNotificationPosted : com.googlecode.gtalksms 
06-14 17:21:21.326  3912  3912 W ResourcesManager: getTopLevelResources: /data/app/com.googlecode.gtalksm -1/base.apk / 1.0 running in com.android.systemui rsrc of package com.googlecode.gtalksms
06-14 17:21:21.336  3912  3912 W ResourcesManager: getTopLevelResources: /data/app/com.googlecode.gtalksm -1/base.apk / 1.0 running in com.android.systemui rsrc of package com.googlecode.gtalksms
06-14 17:21:21.356  4908  4908 I gtalksms: onStartCommand(): Intent com.googlecode.gtalksms.action.XMPP.CONNECTION_CHANGED
06-14 17:21:21.396  4908  4999 I gtalksms: handled action 'com.googlecode.gtalksms.action.CONNECT' - state now: Waiting to connect
06-14 17:21:21.406  4908  4999 I gtalksms: handling action 'com.googlecode.gtalksms.action.XMPP.CONNECTION_CHANGED' while in state Waiting to connect
06-14 17:21:21.406  4908  4999 I gtalksms: handled action 'com.googlecode.gtalksms.action.XMPP.CONNECTION_CHANGED' - state now: Waiting to connect
06-14 17:21:21.406  4908  4999 I gtalksms: handling action 'com.googlecode.gtalksms.action.XMPP.CONNECTION_CHANGED' while in state Waiting to connect
06-14 17:21:21.406  4908  4999 I gtalksms: handled action 'com.googlecode.gtalksms.action.XMPP.CONNECTION_CHANGED' - state now: Waiting to connect
06-14 17:21:22.146  4908  4908 I gtalksms: TTS initialized!
06-14 17:21:26.566  3630  3852 D WifiStateMachine: isPackageRunning - top:com.googlecode.gtalksms.panels.MainActivity
06-14 17:21:26.566  3630  3852 D WifiStateMachine: isPackageRunning - top:com.googlecode.gtalksms.panels.MainActivity

Related to certificates, I could only find this a little while earlier:

06-14 17:15:43.286  8461 13771 D MemorizingTrustManager: checkCertTrusted([Lcom.android.org.conscrypt.OpenSSLX509Certificate;@8fb5fe6, ECDHE_RSA, true)
06-14 17:15:43.286  8461 13771 D MemorizingTrustManager: checkCertTrusted: trying appTrustManager
06-14 17:15:43.316  8461 13771 D MemorizingTrustManager: certificate for madduck.net is in our keystore. accepting.

Does any of this help? If not, what else can I provide?

Thanks a lot!

[Yakoo63]

Are you sure that is related to certificates? Because the connect method doen't throw, only the login. Can you disable the encryption in the settings to see if it's working ?

[madduck]

Thanks for your patience!

I've disabled encryption on the client, but it seems not to make a difference. Therefore, maybe the problem isn't at all related to certificates, as you suspect?

But what else? I can connect to the server from many clients including a Jabber client on the same phone. The server logs don't show anything other than

2016-06-14 20:11:51.128 [info] <0.1075.0>@ejabberd_listener:accept:313 (#Port<0.7021>) Accepted connection ::FFFF:188.174.xx.223:41809 -> ::FFFF:188.174.yy.165:5222

even in debug mode.

[Yakoo63]

Can you check your connection settings ? if your username name is login@domain.me

The service name in server's parameters must be domain.me and your login only "login" without the domain name.

[madduck]

Yes, that is exactly what I configured (after having encountered #232).

[Yakoo63]

Can you test that : upgrade GTalkSMS to 5.0.1 because 4.4.1 is an old one. Reboot your phone (sometimes it works...) Does it work with another xmpp server ? Do you always have "xmpp login failed" ?

[madduck]

Where can I get version 5.0.1? I don't have access to the Play Store, only F-Droid…

[Yakoo63]

For FDroid I wan't the person who uploaded the apk. I can provide you the latest apk by email if you want

[madduck]

That would be great, madduck at madduck.net.

Who is doing the F-Droid upload? Would you do them too?