Newbie here! Cannot connect to my jabber server, except with one client (Jabbear) - Pidgin fails

I am very new to this, so please bear with my lack of knowledge!

I have installed ejabberd 2.1.5 on my Linux server (32 bit, from a binary). I set it up as prescribed on the guide and have an admin user. I can connect to the web management interface fine.

When I try to log in from a client I get a connection closed. This has happened with Pidgin on a Windows machine and a Linux machine, and also my Nokia N900 (its own messaging client).

I downloaded and installed Jabbear and as long as the secure authentication is set to off I can connect just fine. Both the admin account and a basic test one log in without problems and I have set statuses and added each "buddy" to the other account.

Running the server over SSH in LIVE mode, I get the following upon a successful connection:

=INFO REPORT==== 11-Aug-2010::03:36:40 ===
I(<0.352.0>:ejabberd_listener:232) : (#Port<0.458>) Accepted connection {{xxx,xxx,xxx,xxx},51919} -> {{yyy,yyy,yyy,yyy},5222}

=INFO REPORT==== 11-Aug-2010::03:36:41 ===
I(<0.394.0>:ejabberd_c2s:716) : ({socket_state,gen_tcp,#Port<0.458>,<0.393.0>}) 
    Accepted authentication for testing by ejabberd_auth_internal

=INFO REPORT==== 11-Aug-2010::03:36:41 ===
I(<0.394.0>:ejabberd_c2s:839) : ({socket_state,gen_tcp,#Port<0.458>,<0.393.0>}) 
    Opened session for testing@-------.com/jabbear1

When it fails, the following message is shown:

=ERROR REPORT==== 11-Aug-2010::03:30:37 ===
** State machine <0.373.0> terminating
** Last event in was {xmlstreamelement,
                         {xmlelement,"starttls",
                             [{"xmlns","urn:ietf:params:xml:ns:xmpp-tls"}],
                             []}}
** When State == wait_for_feature_request
**      Data  == {state,{socket_state,gen_tcp,#Port<0.435>,<0.372.0>},
                        ejabberd_socket,#Ref<0.0.0.9823>,false,"1258971306",
                        {sasl_state,"jabber","-------.com",[],
                                    #Fun,
                                    #Fun,
                                    #Fun,undefined,
                                    undefined},
                        c2s,c2s_shaper,false,true,false,false,
                        [verify_none,
                         {certfile,"/opt/ejabberd-2.1.5/conf/server.pem"}],
                        false,undefined,[],"--------.com",[],undefined,
                        {pres_t,0},
                        {pres_f,0},
                        {pres_a,0},
                        {pres_i,0},
                        undefined,undefined,undefined,false,
                        {userlist,none,[],false},
                        unknown,unknown,
                        {{86,30,140,52},51851},
                        []}
** Reason for termination =
** {{case_clause,{error,{open_error,-10}}},
    [{tls,tcp_to_tls,2},
     {ejabberd_socket,starttls,3},
     {ejabberd_c2s,wait_for_feature_request,2},
     {p1_fsm,handle_msg,10},
     {proc_lib,init_p,5}]}

There is also an error on startup:

Erlang (BEAM) emulator version 5.6.4 [source] [smp:4] [async-threads:0] [kernel-poll:true]

Eshell V5.6.4  (abort with ^G)
(ejabberd@localhost)1>
=ERROR REPORT==== 11-Aug-2010::03:24:38 ===
C(<0.41.0>:sha:49) : unable to load driver '/opt/ejabberd-2.1.5/lib/ejabberd-2.1.5/priv/linux-x86/lib/sha_drv.so': libssl.so.0.9.8: 
   cannot open shared object file: No such file or directory

=INFO REPORT==== 11-Aug-2010::03:24:38 ===
I(<0.41.0>:ejabberd_app:70) : ejabberd 2.1.5 is started in the node ejabberd@localhost

I'm a bit stumped to be honest! I have tried turning off secure authentication on Pidgin and my phone and it still fails. I get the exact same error message when I try to connect with Jabbear WITH secure authentication switched on so something there seems to be causing a hiccup and also Pidgin/N900 clients are perhaps not actually switching off secure authentication.

I'd be really grateful if anyone could help - I'm sure this is something silly I've not realised, as I said I'm quite new to this and whilst I can SSH in and set this up in a shell, I am not really very experienced with *nix either.

Thanks! :)

Sorted

Thanks to Jonas and deryni on the XMPP chat for your help,

the build was pointing to an older version of SSL libraries and so I've bodged this with two symlinks and it is working just fine now.

:D

Same problem

Hi, I'm having the same problem. I do see sha_drv.so in the ejabber lib directory.

How did you make this correction exactly?

I'm running Centos 5.2 with OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008.

Thanks for any tips.

Me, too

Hi,

i am having the same problem, too.
It would be nice if anyone, could provide help for this.
Where do i have to place the symlinks?

Thanks in advance.

Can someone help out with

Can someone help out with this please. It would be great if the original poster would post his solution in detail.
I'm also having the same error (open_error,-10) and the .so files are where they should be.

Fixed by adding symbolic links to libssl and libcrypto

I was having this issue also with ejabberd 2.1.6 -- fresh install using binary installer on an Amazon Linux micro-instance I set up for testing.
Seems like ejabberd 2.1.6 wants to link to SSL v 0.9.8 and what comes installed on Amazon Linux is 1.0.0.a.

My problem was annoying because ejabberd would start up OK, but it would not allow any connections - and it didn't crash on startup as previous versions appear to have been doing.

When running in interactive mode (ejabberdctl live) I saw an error about being unable to load the driver tls_drv.so, but otherwise started up fine. However, I could not connect from Adium or any client I tried. When I tried to connect, there was an error in the log about parsing the XML for TLS (encryption), so I went back to the original start up error and tried to see if the libssl version was the issue.

To see the dependencies I used ldd:

ldd /opt/ejabberd-2.1.6/lib/ejabberd-2.1.6/priv/linux-x86/lib/tls_drv.so

        linux-gate.so.1 =>  (0x006c7000)
libssl.so.0.9.8 => not found
libcrypto.so.0.9.8 => not found
libc.so.6 => /lib/i686/nosegneg/libc.so.6 (0x00110000)
/lib/ld-linux.so.2 (0x0062f000)

So we can see that it can't find "libssl.so.0.9.8" or libcrypto.so.0.9.8

On my machine libssl and libcrypto are located in /usr/lib

So what I did was create symbolic links from those missing filenames to the version of the libraries that I do have

sudo ln -s libssl.so.1.0.0a libssl.so.0.9.8
sudo ln -s libcrypto.so libcrypto.so.0.9.8

So now ldd gives

host lib]$ ldd tls_drv.so
       ./tls_drv.so: /usr/lib/libcrypto.so.0.9.8: no version information available (required by ./tls_drv.so)
       ./tls_drv.so: /usr/lib/libssl.so.0.9.8: no version information available (required by ./tls_drv.so)
linux-gate.so.1 =>  (0x00dbc000)
libssl.so.0.9.8 => /usr/lib/libssl.so.0.9.8 (0x00c89000)
libcrypto.so.0.9.8 => /usr/lib/libcrypto.so.0.9.8 (0x00110000)
libc.so.6 => /lib/i686/nosegneg/libc.so.6 (0x00409000)
libgssapi_krb5.so.2 => /lib/libgssapi_krb5.so.2 (0x00399000)
libkrb5.so.3 => /lib/libkrb5.so.3 (0x0027d000)
libcom_err.so.2 => /lib/libcom_err.so.2 (0x00b10000)
libk5crypto.so.3 => /lib/libk5crypto.so.3 (0x00edf000)
libresolv.so.2 => /lib/libresolv.so.2 (0x0033b000)
libdl.so.2 => /lib/libdl.so.2 (0x00354000)
libz.so.1 => /lib/libz.so.1 (0x00359000)
/lib/ld-linux.so.2 (0x0062f000)
libkrb5support.so.0 => /lib/libkrb5support.so.0 (0x00f95000)
libkeyutils.so.1 => /lib/libkeyutils.so.1 (0x00c43000)
libpthread.so.0 => /lib/i686/nosegneg/libpthread.so.0 (0x005c8000)
libselinux.so.1 => /lib/libselinux.so.1 (0x0036c000)

Which is all good (mostly, except the version number warning, but it doesn't seem to matter.)

Then, when I restart the server, all is good and I can connect.

Syndicate content