Loading...

XML

Word

Printable

Type: Incident report
Resolution: Won't fix
Priority: Major
Fix Version/s: None
Affects Version/s: 2.2.4
Component/s: Server (S)
Labels:
- jabber
- ssl
- tls
- xmpp
Environment:
Debian 7.5 Wheezy AMD x86_64. Zabbix 2.2.4, Prosody IM

Hello Dear Community Team. Does Zabbix internal jabber client support encrypted c2s connections? I have experience unable to send notifications issue with the server where encryption is enabled.

Zabbix Log showing the following:

  5207:20140627:044942.081 Starting Zabbix Server. Zabbix 2.2.4 (revision 46772).
  5207:20140627:044942.081 ****** Enabled features ******
  5207:20140627:044942.081 SNMP monitoring:           YES
  5207:20140627:044942.081 IPMI monitoring:           YES
  5207:20140627:044942.081 WEB monitoring:            YES
  5207:20140627:044942.081 VMware monitoring:         YES
  5207:20140627:044942.081 Jabber notifications:      YES
  5207:20140627:044942.081 Ez Texting notifications:  YES
  5207:20140627:044942.081 ODBC:                      YES
  5207:20140627:044942.081 SSH2 support:              YES
  5207:20140627:044942.081 IPv6 support:              YES
  5207:20140627:044942.081 ******************************

  5241:20140627:131924.994 JABBER: [[email protected]] tls handshake failed
  5241:20140627:131925.158 JABBER: [[email protected]] tls handshake failed
  5241:20140627:131925.351 JABBER: [[email protected]] tls handshake failed
  5241:20140627:131925.510 JABBER: [[email protected]] tls handshake failed
  5241:20140627:131925.685 JABBER: [[email protected]] tls handshake failed
  5241:20140627:131955.745 JABBER: [[email protected]] tls handshake failed
  5241:20140627:131955.790 JABBER: [[email protected]] tls handshake failed
  5241:20140627:131955.823 JABBER: [[email protected]] tls handshake failed
  5241:20140627:131955.857 JABBER: [[email protected]] tls handshake failed
  5241:20140627:131955.890 JABBER: [[email protected]] tls handshake failed
  5241:20140627:132025.925 JABBER: [[email protected]] tls handshake failed
  5241:20140627:132025.973 JABBER: [[email protected]] tls handshake failed
  5241:20140627:132026.001 JABBER: [[email protected]] tls handshake failed
  5241:20140627:132026.032 JABBER: [[email protected]] tls handshake failed
  5241:20140627:132026.060 JABBER: [[email protected]] tls handshake failed

From server side I see the following:

Jun 27 22:19:24 socket  debug   server.lua: accepted new client connection from 1.2.3.13:55722 to 5222
Jun 27 22:19:24 c2s1723bc0      info    Client connected
Jun 27 22:19:24 c2s1723bc0      debug   Client sent opening <stream:stream> to domain.com
Jun 27 22:19:24 c2s1723bc0      debug   Sent reply <stream:stream> to client
Jun 27 22:19:24 c2s1723bc0      debug   Received[c2s_unauthed]: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>
Jun 27 22:19:24 socket  debug   server.lua: we need to do tls, but delaying until send buffer empty
Jun 27 22:19:24 c2s1723bc0      debug   TLS negotiation started for c2s_unauthed...
Jun 27 22:19:24 socket  debug   server.lua: attempting to start tls on tcp{client}: 0x1649fb8
Jun 27 22:19:24 socket  debug   server.lua: ssl handshake error: no shared cipher
Jun 27 22:19:24 c2s1723bc0      info    Client disconnected: ssl handshake failed
Jun 27 22:19:24 c2s1723bc0      debug   Destroying session for (unknown) ((unknown)@domain.com): ssl handshake failed
Jun 27 22:19:24 socket  debug   server.lua: closed client handler and removed socket from list
Jun 27 22:19:25 socket  debug   server.lua: accepted new client connection from 1.2.3.13:55724 to 5222
Jun 27 22:19:25 c2s17f5400      info    Client connected
Jun 27 22:19:25 c2s17f5400      debug   Client sent opening <stream:stream> to domain.com
Jun 27 22:19:25 c2s17f5400      debug   Sent reply <stream:stream> to client
Jun 27 22:19:25 c2s17f5400      debug   Received[c2s_unauthed]: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>
Jun 27 22:19:25 socket  debug   server.lua: we need to do tls, but delaying until send buffer empty
Jun 27 22:19:25 c2s17f5400      debug   TLS negotiation started for c2s_unauthed...
Jun 27 22:19:25 socket  debug   server.lua: attempting to start tls on tcp{client}: 0x17f2b38
Jun 27 22:19:25 socket  debug   server.lua: ssl handshake error: no shared cipher
Jun 27 22:19:25 c2s17f5400      info    Client disconnected: ssl handshake failed
Jun 27 22:19:25 c2s17f5400      debug   Destroying session for (unknown) ((unknown)@domain.com): ssl handshake failed
Jun 27 22:19:25 socket  debug   server.lua: closed client handler and removed socket from list
Jun 27 22:19:25 socket  debug   server.lua: accepted new client connection from 1.2.3.13:55726 to 5222
Jun 27 22:19:25 c2s189e300      info    Client connected
Jun 27 22:19:25 c2s189e300      debug   Client sent opening <stream:stream> to domain.com
Jun 27 22:19:25 c2s189e300      debug   Sent reply <stream:stream> to client
Jun 27 22:19:25 c2s189e300      debug   Received[c2s_unauthed]: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>
Jun 27 22:19:25 socket  debug   server.lua: we need to do tls, but delaying until send buffer empty
Jun 27 22:19:25 c2s189e300      debug   TLS negotiation started for c2s_unauthed...
Jun 27 22:19:25 socket  debug   server.lua: attempting to start tls on tcp{client}: 0x1694668
Jun 27 22:19:25 socket  debug   server.lua: ssl handshake error: no shared cipher
Jun 27 22:19:25 c2s189e300      info    Client disconnected: ssl handshake failed
Jun 27 22:19:25 c2s189e300      debug   Destroying session for (unknown) ((unknown)@domain.com): ssl handshake failed
Jun 27 22:19:25 socket  debug   server.lua: closed client handler and removed socket from list
Jun 27 22:19:25 socket  debug   server.lua: accepted new client connection from 1.2.3.13:55728 to 5222
Jun 27 22:19:25 c2s1810f50      info    Client connected
Jun 27 22:19:25 c2s1810f50      debug   Client sent opening <stream:stream> to domain.com
Jun 27 22:19:25 c2s1810f50      debug   Sent reply <stream:stream> to client
Jun 27 22:19:25 c2s1810f50      debug   Received[c2s_unauthed]: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>
Jun 27 22:19:25 socket  debug   server.lua: we need to do tls, but delaying until send buffer empty
Jun 27 22:19:25 c2s1810f50      debug   TLS negotiation started for c2s_unauthed...
Jun 27 22:19:25 socket  debug   server.lua: attempting to start tls on tcp{client}: 0x180b9d8
Jun 27 22:19:25 socket  debug   server.lua: ssl handshake error: no shared cipher
Jun 27 22:19:25 c2s1810f50      info    Client disconnected: ssl handshake failed
Jun 27 22:19:25 c2s1810f50      debug   Destroying session for (unknown) ((unknown)@domain.com): ssl handshake failed
Jun 27 22:19:25 socket  debug   server.lua: closed client handler and removed socket from list
Jun 27 22:19:25 socket  debug   server.lua: accepted new client connection from 1.2.3.13:55730 to 5222
Jun 27 22:19:25 c2s1807870      info    Client connected
Jun 27 22:19:25 c2s1807870      debug   Client sent opening <stream:stream> to domain.com
Jun 27 22:19:25 c2s1807870      debug   Sent reply <stream:stream> to client
Jun 27 22:19:25 c2s1807870      debug   Received[c2s_unauthed]: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>
Jun 27 22:19:25 socket  debug   server.lua: we need to do tls, but delaying until send buffer empty
Jun 27 22:19:25 c2s1807870      debug   TLS negotiation started for c2s_unauthed...
Jun 27 22:19:25 socket  debug   server.lua: attempting to start tls on tcp{client}: 0x18050a8
Jun 27 22:19:25 socket  debug   server.lua: ssl handshake error: no shared cipher
Jun 27 22:19:25 c2s1807870      info    Client disconnected: ssl handshake failed
Jun 27 22:19:25 c2s1807870      debug   Destroying session for (unknown) ((unknown)@domain.com): ssl handshake failed
Jun 27 22:19:25 socket  debug   server.lua: closed client handler and removed socket from list
Jun 27 22:19:33 c2s181cc00      debug   Received[c2s]: <iq id='ping' type='get'>
Jun 27 22:19:55 socket  debug   server.lua: accepted new client connection from 1.2.3.13:55737 to 5222
Jun 27 22:19:55 c2s17543c0      info    Client connected
Jun 27 22:19:55 c2s17543c0      debug   Client sent opening <stream:stream> to domain.com
Jun 27 22:19:55 c2s17543c0      debug   Sent reply <stream:stream> to client
Jun 27 22:19:55 c2s17543c0      debug   Received[c2s_unauthed]: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>
Jun 27 22:19:55 socket  debug   server.lua: we need to do tls, but delaying until send buffer empty
Jun 27 22:19:55 c2s17543c0      debug   TLS negotiation started for c2s_unauthed...
Jun 27 22:19:55 socket  debug   server.lua: attempting to start tls on tcp{client}: 0x173dfb8
Jun 27 22:19:55 socket  debug   server.lua: ssl handshake error: no shared cipher
Jun 27 22:19:55 c2s17543c0      info    Client disconnected: ssl handshake failed
Jun 27 22:19:55 c2s17543c0      debug   Destroying session for (unknown) ((unknown)@domain.com): ssl handshake failed
Jun 27 22:19:55 socket  debug   server.lua: closed client handler and removed socket from list
Jun 27 22:19:55 socket  debug   server.lua: accepted new client connection from 1.2.3.13:55738 to 5222
Jun 27 22:19:55 c2s17109b0      info    Client connected
Jun 27 22:19:55 c2s17109b0      debug   Client sent opening <stream:stream> to domain.com
Jun 27 22:19:55 c2s17109b0      debug   Sent reply <stream:stream> to client
Jun 27 22:19:55 c2s17109b0      debug   Received[c2s_unauthed]: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>
Jun 27 22:19:55 socket  debug   server.lua: we need to do tls, but delaying until send buffer empty
Jun 27 22:19:55 c2s17109b0      debug   TLS negotiation started for c2s_unauthed...
Jun 27 22:19:55 socket  debug   server.lua: attempting to start tls on tcp{client}: 0x1861678
Jun 27 22:19:55 socket  debug   server.lua: ssl handshake error: no shared cipher
Jun 27 22:19:55 c2s17109b0      info    Client disconnected: ssl handshake failed
Jun 27 22:19:55 c2s17109b0      debug   Destroying session for (unknown) ((unknown)@domain.com): ssl handshake failed
Jun 27 22:19:55 socket  debug   server.lua: closed client handler and removed socket from list
Jun 27 22:19:55 socket  debug   server.lua: accepted new client connection from 1.2.3.13:55739 to 5222
Jun 27 22:19:55 c2s174f700      info    Client connected
Jun 27 22:19:55 c2s174f700      debug   Client sent opening <stream:stream> to domain.com
Jun 27 22:19:55 c2s174f700      debug   Sent reply <stream:stream> to client
Jun 27 22:19:55 c2s174f700      debug   Received[c2s_unauthed]: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>
Jun 27 22:19:55 socket  debug   server.lua: we need to do tls, but delaying until send buffer empty
Jun 27 22:19:55 c2s174f700      debug   TLS negotiation started for c2s_unauthed...
Jun 27 22:19:55 socket  debug   server.lua: attempting to start tls on tcp{client}: 0x1757808
Jun 27 22:19:55 socket  debug   server.lua: ssl handshake error: no shared cipher
Jun 27 22:19:55 c2s174f700      info    Client disconnected: ssl handshake failed
Jun 27 22:19:55 c2s174f700      debug   Destroying session for (unknown) ((unknown)@domain.com): ssl handshake failed
Jun 27 22:19:55 socket  debug   server.lua: closed client handler and removed socket from list
Jun 27 22:19:55 socket  debug   server.lua: accepted new client connection from 1.2.3.13:55740 to 5222
Jun 27 22:19:55 c2s17b4770      info    Client connected
Jun 27 22:19:55 c2s17b4770      debug   Client sent opening <stream:stream> to domain.com
Jun 27 22:19:55 c2s17b4770      debug   Sent reply <stream:stream> to client
Jun 27 22:19:55 c2s17b4770      debug   Received[c2s_unauthed]: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>
Jun 27 22:19:55 socket  debug   server.lua: we need to do tls, but delaying until send buffer empty
Jun 27 22:19:55 c2s17b4770      debug   TLS negotiation started for c2s_unauthed...
Jun 27 22:19:55 socket  debug   server.lua: attempting to start tls on tcp{client}: 0x1760f18
Jun 27 22:19:55 socket  debug   server.lua: ssl handshake error: no shared cipher
Jun 27 22:19:55 c2s17b4770      info    Client disconnected: ssl handshake failed
Jun 27 22:19:55 c2s17b4770      debug   Destroying session for (unknown) ((unknown)@domain.com): ssl handshake failed
Jun 27 22:19:55 socket  debug   server.lua: closed client handler and removed socket from list
Jun 27 22:19:55 socket  debug   server.lua: accepted new client connection from 1.2.3.13:55741 to 5222
Jun 27 22:19:55 c2s17b9df0      info    Client connected
Jun 27 22:19:55 c2s17b9df0      debug   Client sent opening <stream:stream> to domain.com
Jun 27 22:19:55 c2s17b9df0      debug   Sent reply <stream:stream> to client
Jun 27 22:19:55 c2s17b9df0      debug   Received[c2s_unauthed]: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>
Jun 27 22:19:55 socket  debug   server.lua: we need to do tls, but delaying until send buffer empty
Jun 27 22:19:55 c2s17b9df0      debug   TLS negotiation started for c2s_unauthed...
Jun 27 22:19:55 socket  debug   server.lua: attempting to start tls on tcp{client}: 0x184d8e8
Jun 27 22:19:55 socket  debug   server.lua: ssl handshake error: no shared cipher
Jun 27 22:19:55 c2s17b9df0      info    Client disconnected: ssl handshake failed
Jun 27 22:19:55 c2s17b9df0      debug   Destroying session for (unknown) ((unknown)@domain.com): ssl handshake failed
Jun 27 22:19:55 socket  debug   server.lua: closed client handler and removed socket from list
Jun 27 22:19:57 c2s16812d0      debug   Received[c2s]: <iq id='purplee5cc0d1' type='get'>
Jun 27 22:20:03 c2s181cc00      debug   Received[c2s]: <iq id='ping' type='get'>
Jun 27 22:20:25 socket  debug   server.lua: accepted new client connection from 1.2.3.13:55747 to 5222
Jun 27 22:20:25 c2s17c3610      info    Client connected
Jun 27 22:20:25 c2s17c3610      debug   Client sent opening <stream:stream> to domain.com
Jun 27 22:20:25 c2s17c3610      debug   Sent reply <stream:stream> to client
Jun 27 22:20:25 c2s17c3610      debug   Received[c2s_unauthed]: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>
Jun 27 22:20:25 socket  debug   server.lua: we need to do tls, but delaying until send buffer empty
Jun 27 22:20:25 c2s17c3610      debug   TLS negotiation started for c2s_unauthed...
Jun 27 22:20:25 socket  debug   server.lua: attempting to start tls on tcp{client}: 0x17c0f28
Jun 27 22:20:25 socket  debug   server.lua: ssl handshake error: no shared cipher
Jun 27 22:20:25 c2s17c3610      info    Client disconnected: ssl handshake failed
Jun 27 22:20:25 c2s17c3610      debug   Destroying session for (unknown) ((unknown)@domain.com): ssl handshake failed
Jun 27 22:20:25 socket  debug   server.lua: closed client handler and removed socket from list
Jun 27 22:20:25 socket  debug   server.lua: accepted new client connection from 1.2.3.13:55748 to 5222
Jun 27 22:20:25 c2s17cb150      info    Client connected
Jun 27 22:20:25 c2s17cb150      debug   Client sent opening <stream:stream> to domain.com
Jun 27 22:20:25 c2s17cb150      debug   Sent reply <stream:stream> to client
Jun 27 22:20:25 c2s17cb150      debug   Received[c2s_unauthed]: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>
Jun 27 22:20:25 socket  debug   server.lua: we need to do tls, but delaying until send buffer empty
Jun 27 22:20:25 c2s17cb150      debug   TLS negotiation started for c2s_unauthed...
Jun 27 22:20:25 socket  debug   server.lua: attempting to start tls on tcp{client}: 0x17c8488
Jun 27 22:20:25 socket  debug   server.lua: ssl handshake error: no shared cipher
Jun 27 22:20:25 c2s17cb150      info    Client disconnected: ssl handshake failed
Jun 27 22:20:25 c2s17cb150      debug   Destroying session for (unknown) ((unknown)@domain.com): ssl handshake failed
Jun 27 22:20:25 socket  debug   server.lua: closed client handler and removed socket from list
Jun 27 22:20:25 socket  debug   server.lua: accepted new client connection from 1.2.3.13:55749 to 5222
Jun 27 22:20:26 c2s17d1a60      info    Client connected
Jun 27 22:20:26 c2s17d1a60      debug   Client sent opening <stream:stream> to domain.com
Jun 27 22:20:26 c2s17d1a60      debug   Sent reply <stream:stream> to client
Jun 27 22:20:26 c2s17d1a60      debug   Received[c2s_unauthed]: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>
Jun 27 22:20:26 socket  debug   server.lua: we need to do tls, but delaying until send buffer empty
Jun 27 22:20:26 c2s17d1a60      debug   TLS negotiation started for c2s_unauthed...
Jun 27 22:20:26 socket  debug   server.lua: attempting to start tls on tcp{client}: 0x1703a08
Jun 27 22:20:26 socket  debug   server.lua: ssl handshake error: no shared cipher
Jun 27 22:20:26 c2s17d1a60      info    Client disconnected: ssl handshake failed
Jun 27 22:20:26 c2s17d1a60      debug   Destroying session for (unknown) ((unknown)@domain.com): ssl handshake failed
Jun 27 22:20:26 socket  debug   server.lua: closed client handler and removed socket from list
Jun 27 22:20:26 socket  debug   server.lua: accepted new client connection from 1.2.3.13:55750 to 5222
Jun 27 22:20:26 c2s1777c20      info    Client connected
Jun 27 22:20:26 c2s1777c20      debug   Client sent opening <stream:stream> to domain.com
Jun 27 22:20:26 c2s1777c20      debug   Sent reply <stream:stream> to client
Jun 27 22:20:26 c2s1777c20      debug   Received[c2s_unauthed]: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>
Jun 27 22:20:26 socket  debug   server.lua: we need to do tls, but delaying until send buffer empty
Jun 27 22:20:26 c2s1777c20      debug   TLS negotiation started for c2s_unauthed...
Jun 27 22:20:26 socket  debug   server.lua: attempting to start tls on tcp{client}: 0x18ae198
Jun 27 22:20:26 socket  debug   server.lua: ssl handshake error: no shared cipher
Jun 27 22:20:26 c2s1777c20      info    Client disconnected: ssl handshake failed
Jun 27 22:20:26 c2s1777c20      debug   Destroying session for (unknown) ((unknown)@domain.com): ssl handshake failed
Jun 27 22:20:26 socket  debug   server.lua: closed client handler and removed socket from list
Jun 27 22:20:26 socket  debug   server.lua: accepted new client connection from 1.2.3.13:55751 to 5222
Jun 27 22:20:26 c2s1775ae0      info    Client connected
Jun 27 22:20:26 c2s1775ae0      debug   Client sent opening <stream:stream> to domain.com
Jun 27 22:20:26 c2s1775ae0      debug   Sent reply <stream:stream> to client
Jun 27 22:20:26 c2s1775ae0      debug   Received[c2s_unauthed]: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>
Jun 27 22:20:26 socket  debug   server.lua: we need to do tls, but delaying until send buffer empty
Jun 27 22:20:26 c2s1775ae0      debug   TLS negotiation started for c2s_unauthed...
Jun 27 22:20:26 socket  debug   server.lua: attempting to start tls on tcp{client}: 0x1772468
Jun 27 22:20:26 socket  debug   server.lua: ssl handshake error: no shared cipher
Jun 27 22:20:26 c2s1775ae0      info    Client disconnected: ssl handshake failed
Jun 27 22:20:26 c2s1775ae0      debug   Destroying session for (unknown) ((unknown)@domain.com): ssl handshake failed
Jun 27 22:20:26 socket  debug   server.lua: closed client handler and removed socket from list
Jun 27 22:20:33 c2s181cc00      debug   Received[c2s]: <iq id='ping' type='get'>
Jun 27 22:20:57 c2s16812d0      debug   Received[c2s]: <iq id='purplee5cc0d2' type='get'>
Jun 27 22:21:03 c2s181cc00      debug   Received[c2s]: <iq id='ping' type='get'>
Jun 27 22:21:33 c2s181cc00      debug   Received[c2s]: <iq id='ping' type='get'>
Jun 27 22:21:57 c2s16812d0      debug   Received[c2s]: <iq id='purplee5cc0d3' type='get'>
Jun 27 22:22:03 c2s181cc00      debug   Received[c2s]: <iq id='ping' type='get'>
Jun 27 22:22:33 c2s181cc00      debug   Received[c2s]: <iq id='ping' type='get'>
Jun 27 22:22:57 c2s16812d0      debug   Received[c2s]: <iq id='purplee5cc0d4' type='get'>
Jun 27 22:23:03 c2s181cc00      debug   Received[c2s]: <iq id='ping' type='get'>
Jun 27 22:23:33 c2s181cc00      debug   Received[c2s]: <iq id='ping' type='get'>

Assignee:: Unassigned

Reporter:: Aivis Purvinsh

Votes:: 2 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2014 Jun 27 20:43

Updated:: 2017 May 30 18:12

Resolved:: 2015 Oct 28 09:22

Details

Description

Attachments

Activity

People

Dates