#249 Adium 1.5.10.: Sipe plugin 1.18.1 can't login to Office 365

OBSOLETE_(1.18.x)
closed-invalid
nobody
None
Adium
5
2016-04-23
2014-05-20
njwinter
No

Sipe plugin 1.18.1 doesn't login to Office 365 using Adium 1.5.10.
This is new behavior from the Adium update; 1.5.9 works with 1.18.1.

System OS: Mac OS X 10.9.3

1 Attachments

Related

Bugs: #250
Bugs: #251
Bugs: #252
Bugs: #253
Bugs: #254
Bugs: #266

Discussion

  • Stefan Becker

    Stefan Becker - 2014-05-20
    • status: open --> closed-invalid
     
  • Stefan Becker

    Stefan Becker - 2014-05-20

    Your log shows that your Lync service is not accepting SSL connections with BEAST mitigation (CVE-2011-3389):

    10:18:02: (Libpurple: cdsa) receive failed (-9806): Undefined error: 0
    

    See also Adium Ticket #16650 and SIPE Bug #216.

    Your log does not show that SSL BEAST mitigation workaround in Adium CDSA module has been activated. This can either mean that you have not selected that feature in the SIPE account settings or that Adium folks have decided not to include/forgotten to include the SSL BEAST mitigation workaround in the CDSA plugin for 1.5.10. If it is the latter then please file a bug with Adium.

    Closing as INVALID.

     
    Last edit: Stefan Becker 2014-05-20
  • Michael Lamb

    Michael Lamb - 2014-05-21

    Please ensure that the "Disable BEAST mitigations" checkbox is checked on the "Options" tab of your Account preferences.

    Due to the BEAST mitigations that are now enabled in 10.9 and 10.8.5+, you need to disable them when connecting to some OCS/Lync servers.

     
  • Stefan Becker

    Stefan Becker - 2014-05-21

    SIPEAdiumPlugin maintainer has verified that SSL BEAST mitigation workaround is included in the Adium 1.5.10 release binary. So the only reason can be that for some unknown reason the SSL BEAST mitigation setting got lost from your account settings. Please re-enable it.

     
  • Stefan Becker

    Stefan Becker - 2014-05-22

    Adium 1.5.10 is broken. They reverted a change from Adium 1.5.7 that fixed SSL read errors for SIPE in certain situations. Now that problem is back again :-(

     
  • Stefan Becker

    Stefan Becker - 2014-05-23

    The Adium bug ticket for this issue is #16356.

     
  • Stefan Becker

    Stefan Becker - 2014-05-23

    FYI: Adium bug tracker has now a new ticket #16773

    I have an idea how this problem can be fixed in the Adium source code, but I'll need to verify it first.

     
  • Stefan Becker

    Stefan Becker - 2014-05-23

    Status update:

    The revert for Adium #16356 was actually correct. Unfortunately the original fix was hiding the real root cause. SSL for SIPE connections does actually work, but not for one of them: login.microsoft.com.

    It looks like that server has the same issue as is being discussed for Yahoo servers (Adium #16678 and Pidgin #16172): the Microsoft server does not send a TLS close_notify alert before closing the connection. Mac OS X CDSA considers this an error and aborts the SSL connection (error code 9806). Unfortunately it doesn't first deliver the already received data upwards, so SIPE doesn't get a chance to complete the response processing.

    I currently have no idea if it is possible to disable the close_notify check in CDSA.

     
  • Stefan Becker

    Stefan Becker - 2014-05-26

    While the submitted fix sounds logical, it fails to fix the problem :-( I've therefore updated my fix proposal. I have removed the requirement to set an option from the plugin.

     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.





No, thanks