From: Matěj C. <mc...@re...> - 2009-11-04 15:03:40
|
Dne 13.10.2009 19:21, ex...@tw... napsal(a): > There are some known interoperability issues between OpenSSL and the SSL > libraries used by some Java XMPP services. If this is the problem, you > can work around it by setting the OP_NO_TICKET (0x00004000) option in > the client. If this doesn't fix the problem, then I don't have any > other guesses as to what might be wrong. Currently I have this patch against the master branch of gajim (thanks partially to Dave Kirkland for this), but I haven't seen any noticeable difference ... gajim still hangs in "Initiating handshake..." diff --git a/src/common/xmpp/tls_nb.py b/src/common/xmpp/tls_nb.py index 5ed1072..fc6b496 100644 --- a/src/common/xmpp/tls_nb.py +++ b/src/common/xmpp/tls_nb.py @@ -334,6 +334,10 @@ class NonBlockingTLS(PlugIn): begin = -1 i += 1 + def info_callback(conn, where, ret): + print >>sys.stderr, "[SSL info] %x = %d" % (where, + ret)#,`conn.state_string()` + def _startSSL_pyOpenSSL(self): log.debug("_startSSL_pyOpenSSL called") tcpsock = self._owner @@ -359,6 +363,8 @@ class NonBlockingTLS(PlugIn): tcpsock._sslObj = OpenSSL.SSL.Connection(tcpsock._sslContext, tcpsock._sock) tcpsock._sslObj.set_connect_state() # set to client mode + tcpsock._sslContext.set_options(OpenSSL.SSL.OP_NO_TICKET) + tcpsock._sslContext.set_info_callback( info_callback ) wrapper = PyOpenSSLWrapper(tcpsock._sslObj) tcpsock._recv = wrapper.recv tcpsock._send = wrapper.send Any ideas what should I do? Thanks for the replies so far, Matěj Cepl -- http://www.ceplovi.cz/matej/, Jabber: mcepl<at>ceplovi.cz GPG Finger: 89EF 4BC6 288A BF43 1BAB 25C3 E09F EF25 D964 84AC Faithful love is what people look for in a person; ... -- Proverbs 19:22 (NJB) |