Bug fix for Kopete & TLS Jabber servers

To: debian-qt-kde@lists.debian.org
Cc: 629123@bugs.debian.org, Jeffrey G Thomas <Jeffrey.Thomas@nerdery.com>
Subject: Bug fix for Kopete & TLS Jabber servers
From: Filip Brcic <brcha@gna.org>
Date: Thu, 16 Jun 2011 14:13:34 +0200
Message-id: <[🔎] 201106161413.36297.brcha@gna.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

It seams that kopete and qca-ossl don't play well with kde 4.6.*, so some 
people (including myself) cannot connect to a self-signed TLS jabber server 
(in my case elitesecurity.org).

I found a solution on https://bugs.archlinux.org/task/19175#comment66084 that 
seams to work (I've rebuilt qca-ossl on my computer and now I can connect). 
Here's what Steven Noonan, the guy that made this patch, said:

> Comment by Steven Noonan (neunon) - Saturday, 18 September 2010, 02:46
> GMT-4 Hello from afar. I thought I'd share a solution I discovered for
> this problem while trying to figure out what broke Psi on my Gentoo
> install.
> 
>  This bug report led me to the solution:
>  https://support.process-one.net/browse/EJAB-877
>  
>  See the attached patch for qca-ossl. Reading through EJAB-877, it looked
>  like adding SSL_OP_NO_TICKET to the SSL context would resolve the issue,
>  but for whatever reason, this didn't work for me. I'm not sure why. For
>  the heck of it, I then tried changing the SSL method from
>  SSLv23_server_method() to SSLv3_server_method(), which seems to have
>  fixed the problem. I'm able to connect to SSLv3 servers as well as TLSv1
>  servers. I don't know what the OpenSSL-internal difference is between
>  SSLv23_server_method() and SSLv3_server_method(), besides the obvious
>  fact that one permits SSLv2, SSLv3, and TLSv1, while the other permits
>  only SSLv3 and TLSv1. Perhaps this has something to do with SSLv2 being
>  thrown out of OpenSSL 1.x? Anyway. See if the above fixes the issue for
>  you folks. It's a starting point, anyway.

Using his qca-ossl-fix.patch (actually I modified it since quilt didn't apply it 
well, so I applied it by hand) I rebuilt qca2-plugin-ossl and now it works 
like it should (and like it did before 4.6 kde upgrade).

The package can be found on mentors.debian.net:
- - URL: http://mentors.debian.net/debian/pool/main/q/qca2-plugin-ossl
- - Source repository: deb-src http://mentors.debian.net/debian unstable main 
contrib non-free
- - dget http://mentors.debian.net/debian/pool/main/q/qca2-plugin-ossl/qca2-
plugin-ossl_2.0.0~beta3-1.1.dsc

I would be glad if someone uploaded this package for me (or integrated it into 
alioth git repository where the package is actually kept).

Kind regards
 Filip Brcic

- -- 
Filip Brcic <brcha@gna.org>
WWWeb: http://brcha.com
Jabber  : brcha@kdetalk.net 
GPG 0x2537C379
Fingerprint: 287D 5F24 50AA A36C 977F AC9A F1FD C7EB 2537 C379
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBAgAGBQJN+fNvAAoJEPH9x+slN8N5kxoQAJJCRS67RxYHAMa4BHErA3sg
1VMaRDcfr3s18ZaUUeTYOI/BVyQvTjp37VGCu3V6DOn0RTYekPLBOiul8a0NHu7g
FG1w9O/Dwwra9qqnZqvWr7pWeGgp4RquUrlpvogUasesvJGMm4Lvma3oU8/FXshi
6BMI6cVwqMijtsMMaQ+vYeW4Hrj58GeACErWQLsXsL8mX912PHEoq1e4/G/mYlQA
nMFlBYJwYGBLUjIY6G7qxu8Npre1x3lkap0SjX7Rgw/B68yYsqVxFpLboOUQODk4
9HcJ11MeaGNXLTF3qOSnME6oQc0Gv7bHgY3nZIVielafNzj0wzAX0stYMqH9Etu9
AURnsXLpL68Dyl0pxLSrAxmuzjzVhm2DqgOKbS7QcXNAFGmTA7DbBYhxub5/3N4E
WYZSmpOvY6lqbGb1RODMX/F8h0RAfzK4fuGLFcHaTdRq/YcuR7K01gCvPIokEkvW
aajblZC+AIL0+B+VUjKYA6CCKeH//UHtfRsZjnhqEpLW0N8tjXmoWjxD0uNNvQTe
4eDe70+o1O3tV2QBkowHgRtI4PXtCi8qIyjYDmXTtVCq0CSmy04ZdqQlqD+F+EMb
072kGIAjPp6HXIKCc/sHFppGVK+NlpuKmdeVe50/9zUgjXZTK8GsGjyZedquhFTm
T5BIH/8MrUYc2OBmfEco
=w2UW
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Bug#630617: klipper: Klipper icon not appearing in system tray
Next by Date: Bug#582568: usertag debian-edu
Previous by thread: Bug#630617: Acknowledgement (klipper: Klipper icon not appearing in system tray)
Next by thread: Bug#582568: usertag debian-edu
Index(es):
- Date
- Thread