alexeycher
Junior Member | Редактировать | Профиль | Сообщение | Цитировать | Сообщить модератору
Цитата: Здравствуйте, в организации стоит Openfire 4.1.3 на Debian 8 jessie. К нему не подключаются мобильные клиенты, пробовал несколько (порты проброшены, из инета клиенты на PC подключаются), вот что пишет Xabber: http://imageshack.com/a/img923/7430/vMZPLa.png Есть ли возможность подружить Openfire и мобильники? | Поддерживаю - аналогичная фигня на свежеустановленном OpenFire 4.1.6 Попробовал с десяток разных мобильных XMPP-клиентов - подключиться удалось только двум: Jtalk Messenger и JtalkMod. у Xabber - ровно такая же ошибка. Upd: после проверки DNS (тут https://kingant.net/check_xmpp_dns/ )- выяснил что у меня недонастроена SRV запись для межсерверного обмена Донастроил. После этого заработали еще несколько мобильных клиентов (Sawim NE, IM+, Talkonaut) Но Xabber - все так же ругается. И файлы не передаются нигде Upd2: дебаг-лог на Xabber говорит о том, что ошибка связана с SSL, и это подтверждается тем, что если на OpenFire отключить шифрование напрочь - то Xabber цепляется быстро с разных аккаунтов и все выглядит ок. Но в чем именно проблема с установлением защищенного соединения - понять никак не могу... выдержка из лога - ниже, реальный JID в нем я заменил на testuser@mydomain ==================== 2017-10-19_13-14-59 E/ConnectionThread: testuser@mydomain/Xabber_ddd﹕ org.jivesoftware.smack.SmackException$NoResponseException: No response received within reply timeout. Timeout was 30000ms (~30s). While waiting for establishing TLS 2017-10-19_13-14-59 E/ConnectionThread: testuser@mydomain/Xabber_ddd﹕ org.jivesoftware.smack.SynchronizationPoint.checkForResponse(Unknown Source) 2017-10-19_13-14-59 E/ConnectionThread: testuser@mydomain/Xabber_ddd﹕ org.jivesoftware.smack.SynchronizationPoint.checkIfSuccessOrWait(Unknown Source) 2017-10-19_13-14-59 E/ConnectionThread: testuser@mydomain/Xabber_ddd﹕ org.jivesoftware.smack.SynchronizationPoint.checkIfSuccessOrWaitOrThrow(Unknown Source) 2017-10-19_13-14-59 E/ConnectionThread: testuser@mydomain/Xabber_ddd﹕ org.jivesoftware.smack.AbstractXMPPConnection.connect(Unknown Source) 2017-10-19_13-14-59 E/ConnectionThread: testuser@mydomain/Xabber_ddd﹕ com.xabber.android.data.connection.ConnectionThread.connectAndLogin(Unknown Source) 2017-10-19_13-14-59 E/ConnectionThread: testuser@mydomain/Xabber_ddd﹕ com.xabber.android.data.connection.ConnectionThread$1.run(Unknown Source) 2017-10-19_13-14-59 E/ConnectionThread: testuser@mydomain/Xabber_ddd﹕ java.lang.Thread.run(Thread.java:818) 2017-10-19_13-14-59 D/ConnectionThread: testuser@mydomain/Xabber_ddd﹕ There was no successful connection, disabling account 2017-10-19_13-14-59 D/org.jivesoftware.smack.tcp.XMPPTCPConnection﹕ PacketWriter has been shut down 2017-10-19_13-14-59 D/org.jivesoftware.smack.tcp.XMPPTCPConnection﹕ PacketReader shutdown() 2017-10-19_13-14-59 D/org.jivesoftware.smack.tcp.XMPPTCPConnection﹕ PacketReader has been shut down 2017-10-19_13-14-59 W/org.jivesoftware.smack.AbstractXMPPConnection: Connection XMPPTCPConnection[not-authenticated] (2) closed with error 2017-10-19_13-14-59 W/org.jivesoftware.smack.AbstractXMPPConnection: javax.net.ssl.SSLProtocolException: Read error: ssl=0x7f72591b80: Failure in SSL library, usually a protocol error error:0c0890ba:ASN.1 encoding routines:asn1_check_tlen:WRONG_TAG (external/boringssl/src/crypto/asn1/tasn_dec.c:1313 0x7f863c60f8:0x00000000) error:0c09309d:ASN.1 encoding routines:asn1_template_ex_d2i:NESTED_ASN1_ERROR (external/boringssl/src/crypto/asn1/tasn_dec.c:572 0x7f7177ee00:0x00000001) error:0c09409d:ASN.1 encoding routines:asn1_template_noexp_d2i:NESTED_ASN1_ERROR (external/boringssl/src/crypto/asn1/tasn_dec.c:735 0x7f863c60f8:0x00000000) error:0c07909d:ASN.1 encoding routines:ASN1_item_ex_d2i:NESTED_ASN1_ERROR (external/boringssl/src/crypto/asn1/tasn_dec.c:343 0x7f71dec260:0x00000001) error:0c09409d:ASN.1 encoding routines:asn1_template_noexp_d2i:NESTED_ASN1_ERROR (external/boringssl/src/crypto/asn1/tasn_dec.c:711 0x7f863c60f8:0x00000000) at com.android.org.conscrypt.NativeCrypto.SSL_read(Native Method) at com.android.org.conscrypt.OpenSSLSocketImpl$SSLInputStream.read(OpenSSLSocketImpl.java:720) at java.io.InputStreamReader.read(InputStreamReader.java:233) at java.io.BufferedReader.read(BufferedReader.java:325) at org.jivesoftware.smack.util.ObservableReader.read(Unknown Source) at org.kxml2.io.KXmlParser.fillBuffer(KXmlParser.java:1515) at org.kxml2.io.KXmlParser.peekType(KXmlParser.java:992) at org.kxml2.io.KXmlParser.next(KXmlParser.java:349) at org.kxml2.io.KXmlParser.next(KXmlParser.java:313) at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(Unknown Source) at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$300(Unknown Source) at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(Unknown Source) at java.lang.Thread.run(Thread.java:818) ==================== и вот лог OpenFire в такие моменты, не точно в этот самый момент, видно по времени - но в один из аналогичных в процессе тестов (строку с именем домена так же заменил на mydomain) =========== 2017.10.19 13:50:02 org.apache.mina.filter.executor.OrderedThreadPoolExecutor - Adding event SESSION_OPENED to session 119 Queue : [SESSION_OPENED, ] 2017.10.19 13:50:02 org.apache.mina.filter.executor.OrderedThreadPoolExecutor - Adding event MESSAGE_RECEIVED to session 119 Queue : [MESSAGE_RECEIVED, ] 2017.10.19 13:50:02 org.apache.mina.filter.codec.ProtocolCodecFilter - Processing a MESSAGE_RECEIVED for session 119 2017.10.19 13:50:02 org.apache.mina.filter.executor.OrderedThreadPoolExecutor - Adding event MESSAGE_SENT to session 119 Queue : [MESSAGE_SENT, ] 2017.10.19 13:50:02 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support 'ANONYMOUS' as it has been disabled by configuration. 2017.10.19 13:50:02 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support 'SCRAM-SHA-1' as the AuthFactory that's in used does not support password retrieval nor SCRAM. 2017.10.19 13:50:02 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support 'GSSAPI' as the 'sasl.gssapi.config' property has not been defined. 2017.10.19 13:50:02 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support 'CRAM-MD5' as the AuthFactory that's in used does not support password retrieval. 2017.10.19 13:50:02 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support 'DIGEST-MD5' as the AuthFactory that's in used does not support password retrieval. 2017.10.19 13:50:02 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support 'JIVE-SHAREDSECRET' as it has been disabled by configuration. 2017.10.19 13:50:02 org.apache.mina.filter.executor.OrderedThreadPoolExecutor - Adding event MESSAGE_SENT to session 119 Queue : [MESSAGE_SENT, , MESSAGE_SENT, ] 2017.10.19 13:50:02 org.apache.mina.filter.executor.OrderedThreadPoolExecutor - Adding event MESSAGE_RECEIVED to session 119 Queue : [MESSAGE_RECEIVED, ] 2017.10.19 13:50:02 org.apache.mina.filter.codec.ProtocolCodecFilter - Processing a MESSAGE_RECEIVED for session 119 2017.10.19 13:50:02 org.jivesoftware.openfire.keystore.OpenfireX509TrustManager - Constructed trust manager. Number of trusted issuers: 173, accepts self-signed: false, checks validity: true 2017.10.19 13:50:02 org.jivesoftware.openfire.keystore.OpenfireX509TrustManager - Constructed trust manager. Number of trusted issuers: 173, accepts self-signed: false, checks validity: true 2017.10.19 13:50:02 org.apache.mina.filter.ssl.SslFilter - Adding the SSL Filter tls to the chain 2017.10.19 13:50:02 org.apache.mina.filter.ssl.SslHandler - Session Server[119](no sslEngine) Initializing the SSL Handler 2017.10.19 13:50:02 org.apache.mina.filter.ssl.SslHandler - Session Server[119](no sslEngine) SSL Handler Initialization done. 2017.10.19 13:50:02 org.apache.mina.filter.ssl.SslFilter - Session Server[119](ssl...) : Starting the first handshake 2017.10.19 13:50:02 org.apache.mina.filter.ssl.SslHandler - Session Server[119](ssl...) processing the NEED_UNWRAP state 2017.10.19 13:50:02 org.apache.mina.filter.ssl.SslFilter - Session Server[119](ssl...): Writing Message : WriteRequest: HeapBuffer[pos=0 lim=50 cap=64: 3C 70 72 6F 63 65 65 64 20 78 6D 6C 6E 73 3D 22...] 2017.10.19 13:50:02 org.apache.mina.filter.ssl.SslFilter - Session Server[119](ssl...): Message received : HeapBuffer[pos=0 lim=198 cap=1024: 16 03 01 00 C1 01 00 00 BD 03 03 BD F7 BE B1 3C...] 2017.10.19 13:50:02 org.apache.mina.filter.ssl.SslHandler - Session Server[119](ssl...) Processing the received message 2017.10.19 13:50:02 org.apache.mina.filter.ssl.SslHandler - Session Server[119](ssl...) processing the NEED_UNWRAP state 2017.10.19 13:50:02 org.apache.mina.filter.ssl.SslHandler - Session Server[119](ssl...) processing the NEED_TASK state 2017.10.19 13:50:02 org.apache.mina.filter.ssl.SslHandler - Session Server[119](ssl...) processing the NEED_WRAP state 2017.10.19 13:50:02 org.apache.mina.filter.ssl.SslFilter - Session Server[119](ssl...): Writing Message : WriteRequest: HeapBuffer[pos=0 lim=16389 cap=16921: 16 03 03 40 00 02 00 00 4D 03 03 59 E8 83 5A 30...] 2017.10.19 13:50:02 org.apache.mina.filter.ssl.SslHandler - Session Server[119](ssl...) processing the NEED_WRAP state 2017.10.19 13:50:02 org.apache.mina.filter.ssl.SslFilter - Session Server[119](ssl...): Writing Message : WriteRequest: HeapBuffer[pos=0 lim=4004 cap=4230: 16 03 03 0F 9F 30 26 06 03 55 04 03 0C 1F 45 2D...] 2017.10.19 13:50:02 org.apache.mina.filter.ssl.SslHandler - Session Server[119](ssl...) processing the NEED_UNWRAP state 2017.10.19 13:50:02 org.apache.mina.filter.ssl.SslHandler - Session Server[119](ssl...) processing the NEED_UNWRAP state 2017.10.19 13:50:02 org.apache.mina.filter.ssl.SslFilter - Session Server[119](ssl...): Processing the SSL Data 2017.10.19 13:50:03 org.apache.mina.filter.ssl.SslFilter - Session Server[119](ssl...): Message received : HeapBuffer[pos=0 lim=138 cap=1024: 16 03 03 00 07 0B 00 00 03 00 00 00 16 03 03 00...] 2017.10.19 13:50:03 org.apache.mina.filter.ssl.SslHandler - Session Server[119](ssl...) Processing the received message 2017.10.19 13:50:03 org.apache.mina.filter.ssl.SslHandler - Session Server[119](ssl...) processing the NEED_UNWRAP state 2017.10.19 13:50:03 org.apache.mina.filter.ssl.SslHandler - Session Server[119](ssl...) processing the NEED_TASK state 2017.10.19 13:50:03 org.apache.mina.filter.ssl.SslHandler - Session Server[119](ssl...) processing the NEED_UNWRAP state 2017.10.19 13:50:03 org.apache.mina.filter.ssl.SslHandler - Session Server[119](ssl...) processing the NEED_TASK state 2017.10.19 13:50:03 org.apache.mina.filter.ssl.SslHandler - Session Server[119](ssl...) processing the NEED_UNWRAP state 2017.10.19 13:50:03 org.apache.mina.filter.ssl.SslHandler - Session Server[119](ssl...) processing the NEED_WRAP state 2017.10.19 13:50:03 org.apache.mina.filter.ssl.SslFilter - Session Server[119](ssl...): Writing Message : WriteRequest: HeapBuffer[pos=0 lim=6 cap=8: 14 03 03 00 01 01] 2017.10.19 13:50:03 org.apache.mina.filter.ssl.SslHandler - Session Server[119](ssl...) processing the NEED_WRAP state 2017.10.19 13:50:03 org.apache.mina.filter.ssl.SslFilter - Session Server[119](ssl...): Writing Message : WriteRequest: HeapBuffer[pos=0 lim=45 cap=66: 16 03 03 00 28 00 00 00 00 00 00 00 00 84 49 4D...] 2017.10.19 13:50:03 org.apache.mina.filter.ssl.SslHandler - Session Server[119](ssl...) processing the FINISHED state 2017.10.19 13:50:03 org.apache.mina.filter.ssl.SslHandler - Session Server[119](SSL) is now secured 2017.10.19 13:50:03 org.apache.mina.filter.ssl.SslHandler - Session Server[119](SSL) processing the FINISHED state 2017.10.19 13:50:03 org.apache.mina.filter.ssl.SslHandler - Session Server[119](SSL) is now secured 2017.10.19 13:50:03 org.apache.mina.filter.ssl.SslFilter - Session Server[119](SSL): Processing the SSL Data 2017.10.19 13:50:03 org.apache.mina.filter.ssl.SslFilter - Session Server[119](SSL): Message received : HeapBuffer[pos=0 lim=206 cap=512: 17 03 03 00 C9 00 00 00 00 00 00 00 01 08 54 C6...] 2017.10.19 13:50:03 org.apache.mina.filter.ssl.SslHandler - Session Server[119](SSL) Processing the received message 2017.10.19 13:50:03 org.apache.mina.filter.ssl.SslFilter - Session Server[119](SSL): Processing the SSL Data 2017.10.19 13:50:03 org.apache.mina.filter.executor.OrderedThreadPoolExecutor - Adding event MESSAGE_RECEIVED to session 119 Queue : [MESSAGE_RECEIVED, ] 2017.10.19 13:50:03 org.apache.mina.filter.codec.ProtocolCodecFilter - Processing a MESSAGE_RECEIVED for session 119 2017.10.19 13:50:03 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support 'ANONYMOUS' as it has been disabled by configuration. 2017.10.19 13:50:03 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support 'SCRAM-SHA-1' as the AuthFactory that's in used does not support password retrieval nor SCRAM. 2017.10.19 13:50:03 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support 'GSSAPI' as the 'sasl.gssapi.config' property has not been defined. 2017.10.19 13:50:03 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support 'CRAM-MD5' as the AuthFactory that's in used does not support password retrieval. 2017.10.19 13:50:03 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support 'DIGEST-MD5' as the AuthFactory that's in used does not support password retrieval. 2017.10.19 13:50:03 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support 'JIVE-SHAREDSECRET' as it has been disabled by configuration. 2017.10.19 13:50:03 org.jivesoftware.openfire.nio.NIOConnection - Peer does not offer certificates in session: org.jivesoftware.openfire.session.LocalClientSession@45c8b6f0 status: 1 address: mydomain/aog4yghpuy id: aog4yghpuy presence: <presence type="unavailable"/> javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated at sun.security.ssl.SSLSessionImpl.getPeerCertificates(Unknown Source) at org.jivesoftware.openfire.nio.NIOConnection.getPeerCertificates(NIOConnection.java:201) at org.jivesoftware.openfire.net.SASLAuthentication.getSASLMechanismsElement(SASLAuthentication.java:206) at org.jivesoftware.openfire.net.SASLAuthentication.getSASLMechanisms(SASLAuthentication.java:182) at org.jivesoftware.openfire.net.StanzaHandler.tlsNegotiated(StanzaHandler.java:439) at org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:137) at org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHandler.java:181) at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:690) at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:417) at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47) at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:765) at org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:109) at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:417) at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47) at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:765) at org.apache.mina.filter.codec.ProtocolCodecFilter$ProtocolDecoderOutputImpl.flush(ProtocolCodecFilter.java:407) at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:236) at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:417) at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47) at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:765) at org.apache.mina.core.filterchain.IoFilterEvent.fire(IoFilterEvent.java:74) at org.apache.mina.core.session.IoEvent.run(IoEvent.java:63) at org.apache.mina.filter.executor.OrderedThreadPoolExecutor$Worker.runTask(OrderedThreadPoolExecutor.java:769) at org.apache.mina.filter.executor.OrderedThreadPoolExecutor$Worker.runTasks(OrderedThreadPoolExecutor.java:761) at org.apache.mina.filter.executor.OrderedThreadPoolExecutor$Worker.run(OrderedThreadPoolExecutor.java:703) at java.lang.Thread.run(Unknown Source) 2017.10.19 13:50:03 org.apache.mina.filter.ssl.SslFilter - Session Server[119](SSL): Writing Message : WriteRequest: HeapBuffer[pos=0 lim=415 cap=512: 3C 3F 78 6D 6C 20 76 65 72 73 69 6F 6E 3D 27 31...] 2017.10.19 13:50:03 org.apache.mina.filter.executor.OrderedThreadPoolExecutor - Adding event MESSAGE_SENT to session 119 Queue : [MESSAGE_SENT, ] 2017.10.19 13:50:32 org.apache.mina.filter.ssl.SslFilter - Session Server[119](SSL): Message received : HeapBuffer[pos=0 lim=31 cap=512: 15 03 03 00 1A 00 00 00 00 00 00 00 02 7E A7 73...] 2017.10.19 13:50:32 org.apache.mina.filter.ssl.SslHandler - Session Server[119](SSL) Processing the received message 2017.10.19 13:50:32 org.apache.mina.filter.ssl.SslFilter - Session Server[119](SSL): Processing the SSL Data 2017.10.19 13:50:32 org.apache.mina.filter.ssl.SslFilter - Session Server[119]: Writing Message : WriteRequest: HeapBuffer[pos=0 lim=31 cap=33: 15 03 03 00 1A 00 00 00 00 00 00 00 02 3C B9 DB...] 2017.10.19 13:50:32 org.apache.mina.filter.executor.OrderedThreadPoolExecutor - Adding event EXCEPTION_CAUGHT to session 119 Queue : [EXCEPTION_CAUGHT, ] 2017.10.19 13:50:32 org.apache.mina.filter.executor.OrderedThreadPoolExecutor - Adding event SESSION_CLOSED to session 119 Queue : [EXCEPTION_CAUGHT, , SESSION_CLOSED, ] ============================================= | Всего записей: 82 | Зарегистр. 18-04-2006 | Отправлено: 14:12 18-10-2017 | Исправлено: alexeycher, 14:00 19-10-2017 |
|