Socket Error on ARM using STARTTLS

[jecxjo]

Attempting to connect to a local Prosody server running on a Raspberry Pi (ARM), Errbot fails to connect using TLS 1.0 and sleekxmpp retports a Socket Error #2: No such file or directory. I've tested this on both the XMPP Server's system as well as a separate system and both report back the same error. When I run it on x86_64 it works fine. Might be a bug in Python3.4, sleekxmpp running on ARM?

Debug output with personal stuff removed:

15:31:58 INFO     root                      Config check passed...
15:31:58 INFO     root                      Checking for '/home/jeff/bot'...
15:31:58 INFO     root                      Try to open db file /home/jeff/bot/core.db
15:31:58 DEBUG    root                      Opened shelf of XMPPBackend
15:31:58 DEBUG    root                      created the thread pool<errbot.bundled.threadpool.ThreadPool object at 0x75919450>
15:31:58 DEBUG    sleekxmpp.plugins.base    Loaded Plugin: RFC 6120: Stream Feature: STARTTLS
15:31:58 DEBUG    sleekxmpp.plugins.base    Loaded Plugin: RFC 6120: Stream Feature: Resource Binding
15:31:58 DEBUG    sleekxmpp.plugins.base    Loaded Plugin: RFC 3920: Stream Feature: Start Session
15:31:58 DEBUG    sleekxmpp.plugins.base    Loaded Plugin: RFC 6121: Stream Feature: Roster Versioning
15:31:58 DEBUG    sleekxmpp.plugins.base    Loaded Plugin: RFC 6121: Stream Feature: Subscription Pre-Approval
15:31:58 DEBUG    sleekxmpp.plugins.base    Loaded Plugin: RFC 6120: Stream Feature: SASL
15:31:58 DEBUG    sleekxmpp.plugins.base    Loaded Plugin: XEP-0030: Service Discovery
15:31:58 DEBUG    sleekxmpp.plugins.base    Loaded Plugin: XEP-0004: Data Forms
15:31:58 DEBUG    sleekxmpp.plugins.base    Loaded Plugin: XEP-0045: Multi-User Chat
15:31:58 DEBUG    sleekxmpp.plugins.base    Loaded Plugin: XEP-0199: XMPP Ping
15:31:58 DEBUG    sleekxmpp.plugins.base    Loaded Plugin: XEP-0203: Delayed Delivery
15:31:58 DEBUG    sleekxmpp.plugins.base    Loaded Plugin: XEP-0249: Direct MUC Invitations
15:31:58 DEBUG    root                      check dependencies of /usr/lib/python3.4/site-packages/errbot/builtins
15:31:59 DEBUG    root                      /usr/lib/python3.4/site-packages/errbot/builtins has no requirements.txt file
15:31:59 DEBUG    root                      check dependencies of /home/jeff/bot/plugins
15:31:59 DEBUG    root                      /home/jeff/bot/plugins has no requirements.txt file
15:32:08 INFO     root                      webhooks:  Bind /echo/ to echo
15:32:09 INFO     root                      webhooks:  Bind /echo/ to echo
15:32:09 INFO     root                      webhooks:  Bind /example_webhook/ to example_webhook
15:32:09 DEBUG    root                      serve from <errbot.backends.xmpp.XMPPBackend object at 0x75b20b70>
15:32:09 DEBUG    sleekxmpp.xmlstream.resol DNS: Querying SRV records for example.com
15:32:09 DEBUG    sleekxmpp.xmlstream.resol DNS: No SRV records for example.com.
15:32:09 DEBUG    sleekxmpp.xmlstream.resol DNS: Querying example.com for AAAA records.
15:32:09 DEBUG    sleekxmpp.xmlstream.resol DNS: No AAAA records for example.com
15:32:09 DEBUG    sleekxmpp.xmlstream.resol DNS: Querying example.com for A records.
15:32:09 DEBUG    sleekxmpp.xmlstream.xmlst Connecting to 10.0.0.2:5222
15:32:09 DEBUG    sleekxmpp.xmlstream.xmlst Event triggered: connected
15:32:09 DEBUG    sleekxmpp.thirdparty.stat  ==== TRANSITION disconnected -> connected
15:32:09 DEBUG    sleekxmpp.xmlstream.xmlst Starting HANDLER THREAD
15:32:09 DEBUG    sleekxmpp.xmlstream.xmlst Loading event runner
15:32:09 DEBUG    sleekxmpp.xmlstream.xmlst SEND (IMMED): <stream:stream to='commentedcode.org' xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client' xml:lang='en' version='1.0'>
15:32:09 DEBUG    sleekxmpp.xmlstream.xmlst RECV: <stream:stream xml:lang="en" version="1.0" id="00000000-0000-0000-0000-000000000000" from="example.com">
15:32:09 DEBUG    sleekxmpp.xmlstream.xmlst RECV: <stream:features xmlns="http://etherx.jabber.org/streams"><starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"><required /></starttls></stream:features>
15:32:09 DEBUG    sleekxmpp.xmlstream.xmlst SEND (IMMED): <starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"><required /></starttls>
15:32:09 DEBUG    sleekxmpp.xmlstream.xmlst RECV: <proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls" />
15:32:09 DEBUG    sleekxmpp.features.featur Starting TLS
15:32:09 INFO     sleekxmpp.xmlstream.xmlst Negotiating TLS
15:32:09 INFO     sleekxmpp.xmlstream.xmlst Using SSL version: TLS 1.0
15:32:09 DEBUG    sleekxmpp.xmlstream.xmlst Event triggered: socket_error
15:32:09 ERROR    sleekxmpp.xmlstream.xmlst Socket Error #2: No such file or directory
15:32:09 DEBUG    sleekxmpp.xmlstream.xmlst reconnecting...
15:32:09 DEBUG    sleekxmpp.xmlstream.xmlst Event triggered: session_end
15:32:09 DEBUG    sleekxmpp.xmlstream.xmlst SEND (IMMED): </stream:stream>
15:32:09 INFO     sleekxmpp.xmlstream.xmlst Waiting for </stream:stream> from server
^C15:32:09 DEBUG    root                      Trigger disconnect callback
15:32:09 INFO     root                      Disconnect callback, deactivating all the plugins.
15:32:09 DEBUG    root                      All plugins: ChatRoom, Webserver, Skeleton, VersionChecker
15:32:09 DEBUG    root                      Trigger shutdown
15:32:09 INFO     root                      Shutdown.
15:32:09 DEBUG    root                      Closed shelf of XMPPBackend
15:32:09 INFO     root                      Bye.

[zoni]

That looks very much like a bug in SleekXMPP itself. Considering the error gets thrown in sleekxmpp.xmlstream.xmlstream, I doubt it is caused by anything Err does specifically.

I would recommend trying to reproduce this with this SleekXMPP bot example and filing a bug against SleekXMPP directly if it exhibits the same problem.

[jecxjo]

Created the SleekXMPP bot example and it works just fine. Looking at the output I receive the cert in the SleekXMPP example but in Errbot I get a connection failure.

[zoni]

That is most interesting. This is what Err does to start up the XMPP back-end, so most likely, it's something we do here that causes the difference.

I wonder if it might be the setting of ca_certs specifically.

Are you currently setting a custom XMPP_CA_CERT_FILE? What happens if you use "/etc/ssl/certs/ca-certificates.crt" or None here?

If neither of that makes a difference, does patching Err by commenting out this line make a difference?

[jecxjo]

Sorry, it was use error. I apparently had quotes around None so it was looking for a file. No bug.