README file from Debian (read it to solve problems with cryptography!)

[eribertomota]

Hi,

Today I uploaded the sendxmpp 1.24 to Debian. I wrote a little README.Debian file to explain about some issues and solutions. I decided open a this issue to put here the content of the README file. I think that it can help some people and maybe it could be a source to improve the README file released with sendxmpp. Feel free to use it.

I hope this help.

Regards,

Eriberto

---

sendxmpp for Debian

Since 2.14 version, sendxmpp is using a new config file format. The file name must be ~/.sendxmpprc with 400 permission. See below an example of the new format:

username: john jserver: jabber.example.com port: 5222 password: my-very-nice-pass2

There are some tips for sendxmpp 2.14, when using cryptography (I believe these tips will work for 2.13 version too). The following topics will require a special attention.

1. When using sendxmpp, I get:

   "Could not connect to 'jabber.example.com' on port 5222: The server requires us to use TLS, but you did not specify that TLS was an option."

   To solve this problem, use -t option.

2. When sending a message, the following error is shown:

   "Invalid or unreadable path specified for ssl_ca_path. at /usr/share/perl5/XML/Stream.pm line 641."

   Use '-a /etc/ssl/certs/' or '--tls-ca-path /etc/ssl/certs' option.

3. I am getting several messages, similar to lines shown below:

   "Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1829. Use of uninitialized value $sid in concatenation (.) or string at /usr/share/perl5/XML/Stream.pm line 2740. Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 2742. Use of uninitialized value $sid in concatenation (.) or string at /usr/share/perl5/XML/Stream.pm line 1668. Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1669. Use of uninitialized value in concatenation (.) or string at /usr/share/perl5/XML/Stream.pm line 1669. Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1671. Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1673. Use of uninitialized value in numeric eq (==) at /usr/share/perl5/XML/Stream.pm line 1673. Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1675. Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1678. Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 2620. Use of uninitialized value $sid in concatenation (.) or string at /usr/share/perl5/XML/Stream.pm line 2740. Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 2742. Use of uninitialized value in concatenation (.) or string at /usr/share/perl5/XML/Stream.pm line 1440. Use of uninitialized value in numeric eq (==) at /usr/share/perl5/XML/Stream.pm line 1443. Use of uninitialized value within %status in numeric eq (==) at /usr/share/perl5/XML/Stream.pm line 1506. Use of uninitialized value in subtraction (-) at /usr/share/perl5/XML/Stream.pm line 1507. Use of uninitialized value in concatenation (.) or string at /usr/share/perl5/XML/Stream.pm line 1669. Use of uninitialized value in numeric eq (==) at /usr/share/perl5/XML/Stream.pm line 1673. Use of uninitialized value in hash element at /usr/share/perl5/Net/XMPP/Connection.pm line 433. Use of uninitialized value in hash element at /usr/share/perl5/Net/XMPP/Connection.pm line 440. Use of uninitialized value in hash element at /usr/share/perl5/Net/XMPP/Connection.pm line 433. Use of uninitialized value in string eq at /usr/bin/sendxmpp line 515. Error 'AuthSend': [?] Use of uninitialized value $sid in concatenation (.) or string at /usr/share/perl5/XML/Stream.pm line 1668. Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1669. Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1671. Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1673. Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1266. Use of uninitialized value in string eq at /usr/share/perl5/XML/Stream.pm line 1266. Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1266. Use of uninitialized value in string eq at /usr/share/perl5/XML/Stream.pm line 1266. Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1267. Use of uninitialized value in delete at /usr/share/perl5/XML/Stream.pm line 1267. Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1268. Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1270. Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1270. Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1270. Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1270. Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1270. Use of uninitialized value $sid in delete at /usr/share/perl5/XML/Stream.pm line 1272."

   To solve:

   # apt-get install ca-certificates ---> Copy the root certificate from your CA to /usr/local/share/ca-certificates/. The file must use te suffix .crt, e.g. mycert.crt # update-ca-certificates ---> For more details: $ man update-ca-certificates

4. I am seeing an unknown behaviour.

   Add the '-v' option to your command line to try debug and find the problem.

   -- Joao Eriberto Mota Filho eriberto@debian.org Tue, 18 Jul 2017 10:38:30 -0300

[TRSx80]

If you are getting the "Error 'AuthSend': error: malformed-request[?]" that I previously mentioned here and created (see link above) an issue about, I finally figured it out, and you can find the (very simple) solution in my last post.

[thomas-mc-work]

Copy the root certificate from your CA to /usr/local/share/ca-certificates/.

My XMPP server uses a certificate by Letsencrypt. What exactly shall I copy then? I have that exact problem described in 3. on Debian 12.4.

[sirbrokealot]

Copy the root certificate from your CA to /usr/local/share/ca-certificates/.

My XMPP server uses a certificate by Letsencrypt. What exactly shall I copy then? I have that exact problem described in 3. on Debian 12.4.

I also have the issue with sendxmpp 1.24 on debian bookworm. Use of uninitialized value in string eq at /usr/bin/sendxmpp line 515. Error 'AuthSend': [?] I tried to figure out what certificate is required by my xmpp server openssl s_client -connect <yourserver>:5222 -starttls xmpp I figured that I needed a common one from letsencrypt which I downloaded curl -o ISRGRootX1.crt https://letsencrypt.org/certs/isrgrootx1.pem I moved this to the suggested dir. /usr/local/share/ca-certificates/ISRGRootX1.crt I did the update of the certs with sudo update-ca-certificates

And tried my xmpp sending with the -a,--tls-ca-path flag pointing to that crt file.

For me it's not helping I can only bypass and send with the -n,--no-tls-verify flag

Did you figure this out @thomas-mc-work ?

[thomas-mc-work]

Thanks for the instructions. But they didn't work for me either, and I'm still stuck in this situation. I also think this approach cannot help since this root certificate is already part of my system (/usr/share/ca-certificates/mozilla/ISRG_Root_X1.crt)

I ended up using an alternative: https://pypi.org/project/xmpppy/