Process-one
ejabberd
ejabberd@conference.process-one.net
Wednesday, February 7, 2018< ^ >
zinid has set the subject to: ejabberd discussions: https://docs.ejabberd.im
Room Configuration
Room Occupants

GMT+0
[00:04:17] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[00:14:18] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[00:16:58] vanitasvitae leaves the room: Rechner geht in den Ruhezustand
[00:19:08] cippaciong leaves the room: Connection failed: connection timed out
[00:19:48] <Student> have a question
mod_pres_counter
it works for all, can this be done for example - my domain users from my virtual host - this mod disabled, but for those who are not from my vhost - enabled, I mean my users can for example import their contacts, so this will be many stanzas, and this mode block this - importing contacts
[00:23:15] joekokker leaves the room: Replaced by new connection
[00:23:34] suzyo leaves the room
[00:24:50] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[00:48:38] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[01:13:08] pod leaves the room
[01:47:41] debalance leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[02:04:44] carlos leaves the room
[02:10:22] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[02:21:06] Licaon_Kter leaves the room: unknown reason
[02:26:11] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[02:26:46] alacer leaves the room: Stream closed by us: Replaced by new connection (conflict)
[02:26:58] debalance leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[02:43:48] Licaon_Kter leaves the room
[02:46:05] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[02:47:03] <uio> zinid: The error related to stream management I mentioned doesn't occur at each connect. I refreshed all the accounts and now I haven't seen it again
[02:47:29] <uio> But the "tls authentication failed" thing is still driving me nuts.
[02:48:52] <uio> It seems the server is accepting connections but tls negociation is stopping all together. Just captured a gamin xml stream
[02:48:55] <uio> Gajim log :
<!-- Out 2018/2/7 10:33:18 -->
<?xml version='1.0'?>
<stream:stream xmlns="jabber:client" to="server.com" version="1.0" xmlns:stream="http://etherx.jabber.org/streams" xml:lang="zh" >
<!-- In 2018/2/7 10:33:18 -->
<?xml version='1.0'?>
<stream:stream id='3381008617988085980' version='1.0' xml:lang='zh' xmlns:stream='http://etherx.jabber.org/streams' from='server.com' xmlns='jabber:client'>
<stream:features>
<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>
<required/>
</starttls>
</stream:features>
<!-- Out 2018/2/7 10:33:18 -->
<starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
<!-- In 2018/2/7 10:33:18 -->
<proceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
Ejabberd log
2018-02-07 10:40:30.317 [info] <0.360.0>@ejabberd_listener:accept:302 (<0.2004.0>) Accepted connection ::ffff:36.5.117.81:30994 -> ::ffff:111.111.111.111:5223
2018-02-07 10:40:40.545 [info] <0.360.0>@ejabberd_listener:accept:302 (<0.2005.0>) Accepted connection ::ffff:36.5.117.81:30997 -> ::ffff:111.111.111.111:5223
2018-02-07 10:40:50.780 [info] <0.360.0>@ejabberd_listener:accept:302 (<0.2006.0>) Accepted connection ::ffff:36.5.117.81:31003 -> ::ffff:111.111.111.111:5223
2018-02-07 10:41:01.057 [info] <0.360.0>@ejabberd_listener:accept:302 (<0.2007.0>) Accepted connection ::ffff:36.5.117.81:31007 -> ::ffff:111.111.111.111:5223
2018-02-07 10:41:11.294 [info] <0.360.0>@ejabberd_listener:accept:302 (<0.2008.0>) Accepted connection ::ffff:36.5.117.81:31015 -> ::ffff:111.111.111.111:5223
2018-02-07 10:41:25.694 [info] <0.359.0>@ejabberd_listener:accept:302 (<0.2009.0>) Accepted connection ::ffff:36.5.117.81:31023 -> ::ffff:111.111.111.111:5222
2018-02-07 10:41:25.725 [info] <0.359.0>@ejabberd_listener:accept:302 (<0.2010.0>) Accepted connection ::ffff:36.5.117.81:31026 -> ::ffff:111.111.111.111:5222
2018-02-07 10:41:26.578 [info] <0.360.0>@ejabberd_listener:accept:302 (<0.2011.0>) Accepted connection ::ffff:36.5.117.81:31029 -> ::ffff:111.111.111.111:5223
[02:50:46] <uio> Could this be related to Cipher settings on the server ? I notice that sometimes it connects successfuly from Conversations. The success rate is something like 1/7.
[02:51:35] alacer leaves the room: Stream closed by us: Replaced by new connection (conflict)
[02:53:30] debalance leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[03:06:07] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[03:07:14] mrDoctorWho leaves the room
[03:12:29] mrDoctorWho leaves the room
[03:19:45] Licaon_Kter leaves the room: Connection failed: ping_timeout
[03:20:50] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[03:31:21] mrDoctorWho leaves the room
[03:32:01] uio leaves the room
[03:36:16] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[03:56:13] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[04:16:22] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[04:35:07] mrDoctorWho leaves the room
[04:44:52] debalance leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[05:02:20] Man_Life leaves the room: Logged out
[05:04:39] pod leaves the room
[05:06:19] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[05:26:28] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[05:46:24] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[05:59:20] <zinid> uio: did you touch the cipher settings?
[06:02:42] pprrks leaves the room
[06:07:21] suzyo leaves the room
[06:10:36] Student leaves the room
[06:16:25] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[06:21:59] <uio> zinid: Nope. Still the defaults
[06:23:25] <zinid> uio, the log is strange: gajim is performing STARTTLS, while I see Direct-TLS port in the log
[06:23:49] <zinid> or do you use 5223 for STARTTLS?
[06:24:06] <zinid> show c2s listener configuration please
[06:25:02] ata2001 leaves the room: Disconnected: closed
[06:27:34] <uio> Let me get it ...
[06:31:01] ata2001 leaves the room: Disconnected: closed
[06:32:32] <uio> ###.  ===============
###'  LISTENING PORTS
##
## listen: The ports ejabberd will listen on, which service each is handled
## by and what options to start it with.
##
listen:
  -
    port: 5222
    ip: "::"
    module: ejabberd_c2s
    ##
    ## If TLS is compiled in and you installed a SSL
    ## certificate, uncomment this line:
    ##
    starttls: true
    ##
    ## To enforce TLS encryption for client connections,
    ## use this instead of the "starttls" option:
    ##
    starttls_required: true
    ##
    ## Stream compression
    ##
    zlib: true
    ##
    max_stanza_size: 65536
    shaper: c2s_shaper
    access: c2s
  -
    port: 5269
    ip: "::"
    module: ejabberd_s2s_in
  -
    port: 5280
    ip: "::"
    module: ejabberd_http
    request_handlers:
      "/ws": ejabberd_http_ws
      "/bosh": mod_bosh
      "/api": mod_http_api
    ##  "/pub/archive": mod_http_fileserver
    web_admin: true
    ## register: true
    captcha: true
  ##
  ## Direct-TLS for C2S (XEP-0368). A good practice is to forward
  ## traffic from port 443 to this port, possibly multiplexing it
  ## with HTTP using e.g. sslh [https://wiki.xmpp.org/web/Tech_pages/XEP-0368],
  ## so modern clients can bypass restrictive firewalls (in airports, hotels, etc.).
  ##
  -
    port: 5223
    ip: "::"
    module: ejabberd_c2s
    tls: true
  ##  max_stanza_size: 65536
  ##  shaper: c2s_shaper
  ##   access: c2s
  ##
  ## ejabberd_service: Interact with external components (transports, ...)
[06:33:02] <uio> Here it is , is this what you want to have a look at ?
[06:34:08] <zinid> the configuration looks fine, but you didn't show connections to port 5222 in your log
[06:34:11] <zinid> do you see them?
[06:34:18] <zinid> $ grep 5222 ejabberd.log
[06:34:27] hlad leaves the room
[06:36:35] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[06:36:36] <uio> tion ::ffff:139.59.80.85:58754 -> ::ffff:47.90.44.7:5222
2018-02-07 14:25:03.062 [info] <0.372.0>@ejabberd_listener:accept:302 (<0.672.0>) Accepted connection ::ffff:36.5.117.81:31566 -> ::ffff:47.90.44.7:5222
2018-02-07 14:25:20.750 [info] <0.372.0>@ejabberd_listener:accept:302 (<0.674.0>) Accepted connection ::ffff:139.59.80.85:58756 -> ::ffff:47.90.44.7:5222
...
[06:36:48] <zinid> and that's it? no warnings, nothing?
[06:37:32] <uio> But I had disabled encryption to rule out the problem. It is connecting fine without encryption. Let me enable it and come back to you after a few trials.
[06:38:07] <uio> I mean TLS
[06:41:07] <zinid> yes, enable please
[06:41:45] <zinid> your TLS works just fine, I checked your server :P
[06:41:55] <zinid> both direct-tls and starttls
[06:43:31] pod leaves the room: Replaced by new connection
[06:43:42] <zinid> uio, you can try yourself:
[06:43:51] <zinid> $ openssl s_client -connect s****.im:5222 -starttls xmpp
[06:48:04] <Student> zinid: No client certificate CA names sent шт щгезге шы ше щл?
[06:48:54] <zinid> Student, what?
[06:49:21] <Student> I check with openssl s_client -connect mydomain:5222 -starttls xmpp
[06:49:31] <uio> openssl s_client -connect server.com:5222 -starttls xmpp
CONNECTED(00000003)
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
0 s:/CN=server.com
   i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAzoOzH2se9hYGkrscxBbp6VKMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODAyMDYwNTA5MTlaFw0x
ODA1MDcwNTA5MTlaMBQxEjAQBgNVBAMTCXNhbGFtYS5pbTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMqP0xqMKj3VEu0KZiUoMzpEh9LcCmApG+jd9aaY
AdOI9xQTHYz4Vdjx519K2mae8WGWbaLSnl6KKhRl98c2khUbtgKmxgZvVtnXWv8Y
NdOSVjVCFM0Ye3Paza8crpvDe6zh+C12pSaKP8XmNsY9ZHRvB3uSGs6+uE1GLMln
vi/HTu4HqEAFAHaF3O9E20h3/XzCl37AF97IbtT0zKBpr0NjvsSmSt0ZDfS3zCpE
HPyFXlDSoOSWe4w+1PsdXN2w7LLOBLdPYxiq6mokcYngnn8SPkYJcodppCSIRPgN
LEWXeNvUrheWJiENdzzvurfkF/Xe9KoNw4mvB/Hynkd+WUcCAwEAAaOCAhgwggIU
MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
DAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU+r0PPVLTpAULo/cU5YBVq+Vm6bowHwYD
VR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEEYzBhMC4G
CCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQub3JnMC8G
CCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQub3JnLzAj
BgNVHREEHDAagglzYWxhbWEuaW2CDXd3dy5zYWxhbWEuaW0wgf4GA1UdIASB9jCB
8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpodHRw
Oi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENl
cnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFy
dGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmljYXRl
IFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0
b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAGRiL+AASLDcChtslddY1LA49X0DBo1tF
UoyncQIVH1GmsVU3nujoYRxLkPOeyRAJtfo4tmDy0Cnc1Ajwf64sFxIp1rnZ3rES
L62CTH8oCdwxbp2+s5HL2o5KsUmeMEvUrO/LRkRdhHCxLDuaI16m/tKxNh0q+W5E
ZqKuHGtNFMk3UKJfQBv5/LZXX5gF2NUyr+UVYYC+i6DfzMOD85x2/OBm9OomKsds
nOI4te2YMVoHqF4AfRJfKSIjxODtz07+soBOmjA091J9RT6MYwlH1VSt223g121g
q0XfvHM0xIbThagpAdPdXrzW2QPSzquFP4PapE8xtTfdqg0nij/zOA==
-----END CERTIFICATE-----
subject=/CN=server.com
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
---
No client certificate CA names sent
---
SSL handshake has read 3320 bytes and written 598 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID:
    Session-ID-ctx:
    Master-Key: 67064589BF74B2E27967E3D1B2F8539B3816B66C2A5F542AA6461D9D8B8CEE483959FD1E51EF86E6C10B0BD67F7EC9ED
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1517986052
    Timeout   : 300 (sec)
    Verify return code: 20 (unable to get local issuer certificate)
---
read:errno=0
[06:49:38] <uio> Getting this with your command
[06:50:02] <uio> What does " Verify return code: 20 (unable to get local issuer certificate)" mean ? Could this be the problem?
[06:50:02] <zinid> uio, so TLS connection is working
[06:50:22] <zinid> uio, no, that will be a problem for s2s connections
[06:50:36] <zinid> what OS?
[06:53:33] <uio> Distributor ID: Ubuntu
Description:    Ubuntu 14.04.5 LTS
Release:        14.04
Codename:       trusty
[06:53:54] <zinid> Student, that's normal to see this string
[06:54:04] <Student> ok
[06:54:06] <Student> thanks
[06:54:28] <Student> have some questions about ciphers
[06:54:31] <zinid> Student, that just means that openssl command doesn't send any certificates (you can change that of course, but it will be ignored by the server anyway)
[06:55:06] <zinid> uio, do you have CA certificates installed?
[06:55:16] <zinid> uio, they should be in /etc/openssl/certs
[06:55:32] pod leaves the room
[06:56:01] <Student> in my config : ciphers: "HIGH:!ECDHE-RSA-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!DES-CBC3-SHA:!3DES:!aNULL:!SSLv2:@STRENGTH"
but I saw other examples like this  :'CIPHERS': "HIGH:!3DES:!aNULL:!SSLv2:@STRENGTH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:AES256-GCM-SHA384:CAMELLIA256-SHA:AES256-SHA256:AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-SEED-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-AES128-SHA:AES128-GCM-SHA256:SEED-SHA:CAMELLIA128-SHA:AES128-SHA256:AES128-SHA:IDEA-CBC-SHA"
  
[06:56:08] SaltyBones leaves the room
[06:56:35] <uio> >uio, do you have CA certificates installed?
[06:57:01] <uio> No they are not there. Let me look at how to install them
[06:57:19] <zinid> uio, `apt install ca-certificates` or something like that
[06:59:28] <uio> Reading state information... Done
ca-certificates is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 5 not upgraded.
They must be in a different location. They are already installed
[06:59:40] <zinid> and this Ubuntu sounds acient as hell
[06:59:54] <uio> Hahahah
[06:59:56] <zinid> uio, find the location then ;)
[07:05:28] christoph leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[07:06:20] ata2001 leaves the room: Disconnected: closed
[07:07:40] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[07:08:58] <uio> Seems like they are in $/etc/ssl# ls
certs  openssl.cnf  private
[07:09:09] <uio> are these the expected files inside ?
[07:13:18] <zinid> ah
[07:13:18] <zinid> yes
[07:13:41] <zinid> not sure why openssl doesn't see them
[07:14:30] <uio> Is there a way to force ejabberd to look into this  location ?
[07:15:14] <zinid> uio, yes, find ca bundle in /etc/ssl/certs and point its location in `ca_file` option
[07:15:28] <zinid> I don't know how it's called in Ubuntu
[07:15:48] <zinid> in my Debian it's ca-certificates.crt
[07:19:18] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[07:20:39] rom1dep leaves the room: Stream closed by us: Replaced by new connection (conflict)
[07:21:00] <uio> Mine is also called ca-certificates.crt
[07:21:11] <uio> certfiles:
   - "/etc/letsencrypt/live/example.org/*.pem"
## If your system provides only a single CA file (CentOS/FreeBSD):
ca_file: "/etc/ssl/certs/ca-certicicates.crt"
[07:21:19] <uio> So this should do the trick right ?
[07:21:40] <zinid> yes, but looks like you have a space in front of ca_file
[07:22:20] <uio> Ah
[07:22:42] <uio> Let me try.will remove the space
[07:34:01] rom1dep leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[07:35:47] <uio> Server restarted with this new configuration but problem persists. Shouldn't LetsEncrypt be listed in the CAs in there ? I find Verisign and COMODO pem files in there but nome for LetEncrypt. Could this be the problem ?
[07:36:33] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[07:38:05] <zinid> LE is signed by DST Root CA X3
[07:38:09] <zinid> check if it presents
[07:38:16] <zinid> also, what problem?
[07:38:18] <zinid> in openssl?
[07:38:34] <zinid> I think you can safely ignore openssl output now, because you configured ejabberd already
[07:38:59] <zinid> also, make sure if you have "Accepted inbound s2s EXTERNAL" in your log, if you have, then CA is configured correctly in ejabberd
[07:39:40] <zinid> If you see a lot of failures, then something doesn't work
[07:41:46] <uio> > also, what problem?
I get TLS authentication failed when I try to connect to the server
[07:41:58] <zinid> that's client problem ;)
[07:42:08] <zinid> the stuff we just did was for s2s :D
[07:42:14] debalance leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[07:42:18] <uio> DST Root CA X3 is listed
[07:42:24] <zinid> then you're fine
[07:42:28] <zinid> s2s will work
[07:42:49] zuglufttier leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[07:42:59] <zinid> however, I really don't know what problem with clients you have
[07:43:13] <zinid> you can create an account for me and I can check
[07:43:56] <uio> >that's client problem ;)
Will keep looking
[07:46:17] <uio> Just sent account privately.
[07:51:50] <uio> Thanks for your help zinid.
[07:53:21] <zinid> uio, you're welcome
[07:56:35] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[07:58:44] mimi89999 leaves the room
[07:59:38] debalance leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[08:00:34] frainz leaves the room: Stream closed by us: Replaced by new connection (conflict)
[08:02:32] <zinid> Student, just don't touch the cipher suit, the defaults from 18.01 are fine in most situations
[08:03:19] <zinid> uio, also, do you see any warnings in ejabberd.log?
[08:03:59] <Student> in default config ciphers are not presented
[08:04:45] <Student> only there ## define_macro:
##   'TLS_CIPHERS': "HIGH:!aNULL:!eNULL:!3DES:@STRENGTH"
##   'TLS_OPTIONS':
##     - "no_sslv3"
##     - "cipher_server_preference"
[08:04:54] <Student> I mean value
[08:06:53] <zinid> why do you want to touch them?
[08:07:02] <zinid> you know nothing about ciphers, what's the point?
[08:07:04] <zinid> to do what?
[08:07:29] <zinid> this cipher crap is for hardcore cryptobitches
[08:08:10] joekokker leaves the room
[08:11:08] <Student> I understand you my current value I take from old config, while migrate to new server
[08:15:52] frainz leaves the room: Stream closed by us: Replaced by new connection (conflict)
[08:16:36] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[08:25:12] frainz leaves the room: Stream closed by us: Replaced by new connection (conflict)
[08:38:39] frainz leaves the room: Stream closed by us: Replaced by new connection (conflict)
[08:42:10] ileh leaves the room
[08:58:05] frainz leaves the room: Stream closed by us: Replaced by new connection (conflict)
[08:59:06] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[08:59:51] hlad leaves the room
[09:02:54] ThUnD3r|Gr33n leaves the room: Connection failed: connection closed
[09:03:53] ileh leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[09:05:05] ThUnD3r|Gr33n leaves the room: Connection failed: connection closed
[09:05:48] suzyo leaves the room
[09:07:39] ThUnD3r|Gr33n leaves the room: Connection failed: connection closed
[09:08:15] ata2001 leaves the room
[09:09:37] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[09:10:01] frainz leaves the room: Stream closed by us: Replaced by new connection (conflict)
[09:15:37] ThUnD3r|Gr33n leaves the room: Connection failed: connection closed
[09:21:51] frainz leaves the room: Stream closed by us: Replaced by new connection (conflict)
[09:22:23] ThUnD3r|Gr33n leaves the room: Connection failed: connection closed
[09:22:53] jannic leaves the room: Replaced by new connection
[09:24:42] ThUnD3r|Gr33n leaves the room: Connection failed: connection closed
[09:25:10] mimi89999 leaves the room
[09:27:41] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[09:35:51] Licaon_Kter leaves the room: Connection failed: ping_timeout
[09:36:27] jeremy leaves the room
[09:45:58] debalance leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[10:06:58] Licaon_Kter leaves the room: Connection failed: connection closed
[10:13:18] christoph leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[10:15:56] debalance leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[10:22:20] zuglufttier leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[10:26:17] suzyo leaves the room
[10:28:10] Akasch leaves the room: Rechner geht in den Ruhezustand
[10:28:44] christoph leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[10:36:03] Akasch leaves the room: Replaced by new connection
[10:44:49] SaltyBones leaves the room: Machine going to sleep
[10:45:49] vanitasvitae leaves the room
[10:51:35] jeremy leaves the room: Stream closed by us: Replaced by new connection (conflict)
[10:53:08] jeremy leaves the room: Stream closed by us: Replaced by new connection (conflict)
[10:56:46] Licaon_Kter leaves the room: Connection failed: ping_timeout
[11:06:07] cromain leaves the room
[11:08:49] cromain leaves the room
[11:11:30] ileh leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[11:12:31] <uio> >uio, also, do you see any warnings in ejabberd.log?
[11:13:08] <uio> No warnings now. Just normal stuff.
[11:15:48] <uio> Getting unsolliscitated s2s connection requests
[11:15:48] <zinid> uio: 👍
[11:15:53] <uio> 2018-02-07 19:13:20.173 [info] <0.1321.0>@ejabberd_c2s:handle_auth_failure:442 (tls|<0.1321.0>) Failed c2s PLAIN authentication for short332@server.com from ::ffff:142.4.211.161: Invalid username or password
2018-02-07 19:13:22.511 [info] <0.365.0>@ejabberd_listener:accept:302 (<0.1322.0>) Accepted connection ::ffff:95.183.48.58:40439 -> ::ffff:111.111.111.111:5269
2018-02-07 19:13:22.767 [info] <0.1322.0>@ejabberd_s2s_in:handle_auth_failure:204 (tcp|<0.1322.0>) Failed inbound s2s dialback authentication sj.ms -> server.com (::ffff:95.183.48.58): Verification failed: Access denied by service policy (forbidden)
2018-02-07 19:13:28.658 [info] <0.363.0>@ejabberd_listener:accept:302 (<0.1323.0>) Accepted connection ::ffff:89.234.157.254:37117 -> ::ffff:111.111.111.111:5222
[11:16:12] Marzanna leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[11:16:21] <uio> Should take some time and blacklist all those ;-)
[11:21:14] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[11:30:55] frainz leaves the room: Stream closed by us: Replaced by new connection (conflict)
[11:38:17] hlad leaves the room
[11:39:12] christoph leaves the room
[11:46:45] frainz leaves the room: Stream closed by us: Replaced by new connection (conflict)
[11:47:25] suzyo leaves the room
[11:49:34] frainz leaves the room: Stream closed by us: Replaced by new connection (conflict)
[12:02:47] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[12:03:24] zinid leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[12:05:06] frainz leaves the room: Stream closed by us: Replaced by new connection (conflict)
[12:05:57] <Holger> zinid: By the way, one advantage I see in sticking to current XMPP core (as opposed to going for a global DB / replicating FSM) is that it works for those IoT use cases.
[12:06:31] <Holger> The Matrix people keep trying to seel their stuff for IoT.  I think stefandxm had a quick look and said it's insane.  They have zero need for any archiving.
[12:06:42] <Holger> s/seel/sell/
[12:07:20] rom1dep leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[12:11:36] Man_Life leaves the room: Logged out
[12:14:36] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[12:22:30] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[12:26:06] <Holger> zinid: https://github.com/processone/xmpp/blob/b5ddff6/specs/xmpp_codec.spec#L3086
[12:26:39] <Holger> zinid: As the 'default' attribute isn't 'required', it will be decoded to 'undefined' if the client didn't specify it, right?
[12:27:13] <Holger> Which would explain why I have a user with archive_prefs def = undefined in the DB.
[12:28:26] frainz leaves the room: Stream closed by us: Replaced by new connection (conflict)
[12:31:33] frainz leaves the room: Stream closed by us: Replaced by new connection (conflict)
[12:38:03] debalance leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[12:38:42] suzyo leaves the room
[12:47:12] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[12:56:30] prefiks leaves the room: Replaced by new connection
[12:58:11] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[13:01:40] rom1dep leaves the room
[13:01:40] hlad leaves the room
[13:01:53] rom1dep leaves the room
[13:02:59] suzyo leaves the room
[13:05:01] alacer leaves the room: Stream closed by us: Replaced by new connection (conflict)
[13:11:50] cromain leaves the room
[13:14:10] Licaon_Kter leaves the room: Connection failed: connection closed
[13:15:45] <zinid> Holger: yes
[13:17:05] <zinid> Holger: if the device is stateless then no archiving is required indeed
[13:19:36] suzyo leaves the room
[13:23:19] suzyo leaves the room
[13:24:26] suzyo leaves the room: Disconnected: Replaced by new connection
[13:26:02] bowlofeggs leaves the room
[13:28:44] suzyo leaves the room
[13:29:27] debalance leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[13:30:56] frainz leaves the room
[13:33:24] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[13:44:01] suzyo leaves the room
[13:44:26] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[13:48:19] suzyo leaves the room: Disconnected: Replaced by new connection
[13:50:45] suzyo leaves the room
[13:56:13] suzyo leaves the room
[13:56:23] <zinid> Holger: yeah, there is weird shit with `default` attribute, I guess if an attribute is not required it must have default value
[13:56:25] ileh leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[13:57:44] <Holger> Not sure.  Maybe the code (mod_mam.erl) should handle this.
[13:58:26] <Holger> Also maybe this specific attribute should really be required in 0313 ...
[14:00:43] <zinid> Holger: I think we cannot make it required without bumping namespace, so seems like mod_mam should handle that correctly
[14:01:18] <Holger> Yeah.  So it should probably get the default from the configuration.
[14:01:30] <Holger> So mod_mam is the right place to handle this, not 'xmpp'.
[14:03:45] <zinid> Holger: ok
[14:04:26] debalance leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[14:16:47] debalance leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[14:35:48] debalance leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[14:43:22] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[14:44:54] Licaon_Kter leaves the room: Connection failed: connection closed
[14:45:00] suzyo leaves the room
[14:45:42] debalance leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[14:46:48] suzyo leaves the room
[14:50:39] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[14:50:39] jere leaves the room: Disconnected: Replaced by new connection
[14:53:07] zinid leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[15:03:03] suzyo leaves the room: Disconnected: Replaced by new connection
[15:03:15] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[15:03:52] SaltyBones leaves the room: Connection failed: connection closed
[15:11:34] marc leaves the room: Stream closed by us: Replaced by new connection (conflict)
[15:11:48] suzyo leaves the room
[15:13:25] christoph leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[15:21:33] hlad leaves the room
[15:28:39] suzyo leaves the room: Disconnected: Replaced by new connection
[15:33:39] suzyo leaves the room: Disconnected: Replaced by new connection
[15:40:43] suzyo leaves the room: Disconnected: Replaced by new connection
[15:43:38] Marzanna leaves the room
[15:45:31] Licaon_Kter leaves the room: unknown reason
[15:45:31] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[15:48:20] suzyo leaves the room
[15:49:27] suzyo leaves the room: Disconnected: Replaced by new connection
[15:51:09] geakins leaves the room
[15:51:41] suzyo leaves the room: Disconnected: Replaced by new connection
[15:56:11] suzyo leaves the room: Disconnected: Replaced by new connection
[15:57:27] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[16:00:29] suzyo leaves the room
[16:05:20] suzyo leaves the room: Disconnected: Replaced by new connection
[16:13:29] zuglufttier leaves the room
[16:21:55] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[16:24:14] zuglufttier leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[16:25:58] ata2001 leaves the room
[16:28:00] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[16:28:52] jere leaves the room
[16:33:43] cippaciong leaves the room: Stream closed by us: Replaced by new connection (conflict)
[16:36:42] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[16:43:10] Licaon_Kter leaves the room: Connection failed: ping_timeout
[16:44:46] suzyo leaves the room
[16:48:40] Man_Life leaves the room
[16:51:57] cromain leaves the room
[16:59:35] marc leaves the room: unknown reason
[17:03:54] erik leaves the room: Stream closed by us: Replaced by new connection (conflict)
[17:14:03] hlad leaves the room
[17:14:08] rom1dep leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[17:14:13] SaltyBones leaves the room: unknown reason
[17:42:35] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[17:50:12] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[18:00:20] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[18:05:04] Licaon_Kter leaves the room: Connection failed: connection closed
[18:09:15] frainz leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[18:20:18] Licaon_Kter leaves the room: unknown reason
[18:25:33] hlad leaves the room
[18:27:20] joekokker leaves the room
[18:32:49] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[18:40:46] prefiks leaves the room
[18:51:51] hlad leaves the room
[18:54:31] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[19:07:22] rom1dep leaves the room: Stream closed by us: Replaced by new connection (conflict)
[19:07:59] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[19:10:59] Man_Life leaves the room
[19:11:31] <zinid> Holger, Travis is passing now, yay!
[19:13:45] <Holger> Very cool!
[19:16:41] suzyo leaves the room
[19:20:45] rom1dep leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[19:45:37] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[19:53:41] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[19:56:42] zinid leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[20:01:03] frainz leaves the room: Stream closed by us: Replaced by new connection (conflict)
[20:03:22] zinid leaves the room: SIGHUP received
[20:03:44] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[20:12:29] christoph leaves the room
[20:14:05] Man_Life leaves the room
[20:14:20] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[20:14:30] SaltyBones leaves the room
[20:15:53] frainz leaves the room: Stream closed by us: Replaced by new connection (conflict)
[20:18:43] hlad leaves the room
[20:19:06] Akasch leaves the room: Rechner geht in den Ruhezustand
[20:27:19] alacer leaves the room: Stream closed by us: Replaced by new connection (conflict)
[20:29:21] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[20:33:18] Licaon_Kter leaves the room: Connection failed: ping_timeout
[20:33:32] alacer leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[20:37:51] pprrks leaves the room
[20:46:52] rom1dep leaves the room: Stream closed by us: Replaced by new connection (conflict)
[21:04:16] frainz leaves the room: Stream closed by us: Replaced by new connection (conflict)
[21:06:05] frainz leaves the room: Stream closed by us: Replaced by new connection (conflict)
[21:10:52] debalance leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[21:11:26] Marzanna leaves the room
[21:15:07] pod leaves the room
[21:15:41] hlad leaves the room
[21:19:27] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[21:26:16] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[21:33:20] srgcdev leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[21:35:50] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[21:46:00] Licaon_Kter leaves the room: Connection failed: ping_timeout
[21:51:17] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[21:55:45] marc leaves the room: unknown reason
[21:56:55] frainz leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[21:58:08] erik leaves the room: Stream closed by us: Replaced by new connection (conflict)
[21:58:35] rom1dep leaves the room
[22:00:22] rom1dep leaves the room: Stream closed by us: system-shutdown
[22:00:22] rom1dep leaves the room: Stream closed by us: system-shutdown
[22:00:22] rom1dep leaves the room: Stream closed by us: system-shutdown
[22:00:22] rom1dep leaves the room: Stream closed by us: system-shutdown
[22:03:18] rom1dep leaves the room
[22:09:57] ileh leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[22:20:51] srgcdev leaves the room
[22:26:54] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[22:37:08] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[22:45:35] marc leaves the room: unknown reason
[22:50:09] SaltyBones leaves the room: Stream closed by us: Replaced by new connection (conflict)
[22:51:00] Akasch leaves the room
[23:08:00] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[23:12:52] zuglufttier leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
[23:36:28] Akasch leaves the room: Rechner geht in den Ruhezustand
[23:38:02] jeremy leaves the room: Stream closed by us: Replaced by new connection (conflict)
[23:43:59] SouL leaves the room
[23:49:16] sezuan leaves the room
[23:51:40] cippaciong leaves the room
[23:52:06] christoph leaves the room: Stream closed by us: Replaced by new connection (conflict)
[23:58:09] jeremy leaves the room: Stream closed by us: Timed out waiting for stream resumption (connection-timeout)
Powered by ejabberd - robust, scalable and extensible XMPP server Powered by Erlang Valid XHTML 1.0 Transitional Valid CSS!