#170 Cannot connect after commit 7730a29d8817d5e285c52cef39e54c21

Denis Doria

SIPE works fine until the patch 7730a29d8817d5e285c52cef39e54c21ec3aab9b; if I use the previous patch 0758cd0a3650c6f429c6383781bfa0d185ee4707 I'm able to connect without problems:

thuck@thuck~/p/siplcs (7730a29...|BISECTING)> git bisect bad
7730a29d8817d5e285c52cef39e54c21ec3aab9b is the first bad commit
commit 7730a29d8817d5e285c52cef39e54c21ec3aab9b
Author: Stefan Becker <stefan.becker@nokia.com>
Date: Sun Apr 11 00:38:59 2010 +0300

core cleanup: refactor sipe_login()

The core functionality is now split into two functions: one to allocate the
data structure and one to connect to the server.

:040000 040000 0c5759897358f480d2d7916978b36c55373a0870 7e8e32b40de246277b58ec5fd701bfccf4f4eb6c M src

For all compilations I'm using this line:

./git-build.sh --enable-ocs2005-message-hack --with-vv --enable-telepathy=no --enable-purple=yes --prefix=/usr --enable-quality-check=no; sudo make install; pidgin --debug


  • Denis Doria

    Denis Doria - 2012-05-17

    Log with failed connection

  • Stefan Becker

    Stefan Becker - 2012-05-17
    • status: open --> closed-duplicate
  • Stefan Becker

    Stefan Becker - 2012-05-17
    • status: closed-duplicate --> open
  • Stefan Becker

    Stefan Becker - 2012-05-17

    You are kidding, right? pidgin-sipe 1.13.1 is the only supported release, not 1.11.0. Can you reproduce this with 1.13.1?

    The log shows that you have configured SIPE to use NTLM authentication. It requests a NTLM challenge from the server, but instead of answering the server sends the same response as after the initial REGISTER. So I'm assuming that your server (or your account) is not configured/authorized to use NTLM.

    The authentication schemes offered by the server includes TLS-DSK, which means this must be a Lync installation. You should try 1.13.1 and choose TLS-DSK as authentication scheme.

    You should also check if you need to set the User-Agent. The FAQ on the wiki has a collection of User Agent strings so that you can fake a M$ client to the server.


  • Stefan Becker

    Stefan Becker - 2012-05-17
    • status: open --> closed-invalid
  • Denis Doria

    Denis Doria - 2012-05-17

    Hi stefanb2,

    I'm using the commits:
    0758cd0a3650c6f429c6383781bfa0d185ee4707 - that works
    7730a29d8817d5e285c52cef39e54c21ec3aab9b - that doesn't work

    Just to explain to you when the connection stopped to work, not to ask support for this version.

    I tested the version from the git repository, and it fails for ntlm and for the tls-dsk; and as I said it does not fail with the commit 0758cd0.

    If you check the commit 7730a29d8 you can see that this is related with the sipe_login(), and a very big chunk of code was included on it.

    Just to be clear I'm not changing anything between the tests only that commit, not the server, not the configuration, not the pidgin version, nothing at all.

    I don't think this is invalid, but this is your project, and you can ignore any ticket that you want.


  • Denis Doria

    Denis Doria - 2012-05-17
    • status: closed-invalid --> open-invalid
  • Stefan Becker

    Stefan Becker - 2012-05-18

    The problem is that I can't act on this bug report, because it contains invalid information:

    - the commit is from 2 years back, and has been in several releases. It has been working for everybody else and it it just happens not to work for you? Hihgly unlikely.

    - the commit is a refactor commit and doesn't touch any of the areas that show up in your log

    - your installation is Lync, but still you compile with --enable-ocs2005-message-hack.

    - your installation is Lync, but you refuse to reproduce it with the latest version, which for most Lync installations is a mandatory requirement.

    I admit that the log shows something strange, but i need to see that same log from the latest code before I can do something about it.

  • Denis Doria

    Denis Doria - 2012-05-18

    In the last version i have the problem with libnss, that you are working in other ticket.

    I cannot use any version of sipe after version 1.9.x, it fails since it, but as our company will start to use voice and video, and i don't want to use a windows machine only for this, i started to dig why it stopped to work, and i found this commit.
    I really understand that you need to focus on the last version, and this is old code, so no problem for me.
    Also I understand that you think that is strange that this only doesn't work for me ,but I use debian, and stable package is the 1.9.x, not even close to 1.13.4,. So considering the amount of people that did like me and rollback from version 1.11 to 1.9 because it stopped to work and so far didn't report it, and considering that debian will release soon a new version probably with sipe 1.11 and there is no rollback for old versions, maybe this will affect a larger user base.
    Also it fails for several people that works with me, maybe something in the server, but it's strange since the server works with the commit before the refactor.
    Anyway I'm going to follow the other ticket (libnss), and use the version 1.9 until i can use the last one, thanks.

  • Stefan Becker

    Stefan Becker - 2012-05-18


    This is a MICROSOFT BUG and nothing can be done in the pidgin-sipe code. You either have to keep a) NSS < 3.13.x, b) disable the NSS security fix with environment variable (see FAQ) or c) compile Pidgin with GnuTLS.

  • Stefan Becker

    Stefan Becker - 2012-05-18

    Please run 1.13.1 and include the log file to this bug report. I don't want to waste on my time on a ghost, because to be honest, I can't trust your git bisect result (if the root cause is outside pidgin-sipe code, git bisect'ing can't deliver a reliable result).

    As your installation is Lync, you will have to disable the NSS security fix if you have NSS 3.13.x installed. I also HIGHLY recommend to set User Agent to a M$ Lync client value from the FAQ.

    And I have not the foggiest idea what "sipe after version 1.9.x, it fails since it,
    but as our company will start to use voice and video," has to do with your problem. If you disable V&V during compilation, then SIPE account will not offer or react to V&V options.

    If you want get this fixed, please do as I ask.

  • Denis Doria

    Denis Doria - 2012-05-18

    I don't have any intention to open a ticket related with the nss, I'm just reading the thread.
    From my side there is no problem if you do not trust my bisect.

    Tested with the last version that I have, let me know if you have a newer one: 9ea4d0e78f914eef37a9c345867202beb2bdd776.
    Changing configuration to:

    User agent: UCCAPI/4.0.7577.314 OC/4.0.7577.314

    And compiling like this:
    thuck@thuck~/p/siplcs (fixer)> set NSS_SSL_CBC_RANDOM_IV 0
    thuck@thuck~/p/siplcs (fixer)> ./git-build.sh --with-vv --enable-telepathy=no --enable-purple=yes --prefix=/usr --enable-quality-check=no; sudo make install; pidgin --debug

    Make it work; but I still with problems in the version 1.11.2. (what I think you don't really care since this is a old version)

    What I meant by saying that pidgin-sipe fails for me after version 1.9.x is that today in debian's repository we have only two versions of sipe:
    Package: pidgin-sipe
    Version: 1.11.2-1.2

    Package: pidgin-sipe
    Version: 1.9.0-1.1

    And i tested version 1.11.2 and it doesn't work, although version 1.9.0 works, I did the bisect to figure out if this was a debian package problem or a problem in the sipe version, and as I said debian will release a new version soon, and the package 1.11 probably will be the default one, so I hope this is something specific from my environment.


  • Stefan Becker

    Stefan Becker - 2012-05-18
    • status: open-invalid --> closed-invalid
  • Stefan Becker

    Stefan Becker - 2012-05-18

    Well, SIPE project isn't responsible for Debian.

    If you need to stick with Debian then you'll either have to take up package ownership for Debian, so that the package for Debian will be kept up-to-date, or you'll have to use alternative sources for the pidgin-sipe package, e.g.


    Support for Debian 7.0 unfortunately will only be available once it has been released. Maybe Debian has then left the stone age and V&V features can finally be enabled on that platform.

    One note about NSS_SSL_CBC_RANDOM_IV: this needs to be set when you execute Pidgin, not when compiling pidgin-sipe.

    As 1.13.1 works for you I'm closing down this bug for good.


Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

No, thanks