#951 ejabberd connectivity issues with TLS

Reporter Adrien
Owner Zash
Stars ★★★ (4)  
  • Status-Fixed
  • Type-Defect
  • Milestone-0.10
  • Priority-Medium
  1. Adrien on

    This is a new issue as asked by @MattJ in #879. Recent ejabberd and prosody servers cannot communicate together when using TLS. As far as I can tell, this is because there is no actual overlap between their TLS ciphersuites. Output of my `prosodyctl about`: Prosody 0.9.12 # Prosody directories Data directory: /var/lib/prosody Plugin directory: /usr/lib/prosody/modules/ Config directory: /etc/prosody Source directory: /usr/lib/prosody # Lua environment Lua version: Lua 5.1 Lua module search paths: /usr/lib/prosody/?.lua /usr/local/share/lua/5.1/?.lua /usr/local/share/lua/5.1/?/init.lua /usr/local/lib/lua/5.1/?.lua /usr/local/lib/lua/5.1/?/init.lua /usr/share/lua/5.1/?.lua /usr/share/lua/5.1/?/init.lua Lua C module search paths: /usr/lib/prosody/?.so /usr/local/lib/lua/5.1/?.so /usr/lib/x86_64-linux-gnu/lua/5.1/?.so /usr/lib/lua/5.1/?.so /usr/local/lib/lua/5.1/loadall.so LuaRocks: Not installed # Lua module versions lfs: LuaFileSystem 1.6.3 lxp: LuaExpat 1.3.0 pposix: 0.3.6 socket: LuaSocket 3.0-rc1 ssl: 0.6 Output of cryptcheck ( https://tls.imirhil.fr/xmpp/ ) for the prosody server: Protocols: TLSv1_2 Certificates: RSA 2048 bits Diffie Hellman: ECC 384 bits Good practices: PFS REQUIRED Ciphersuites: ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 Output of cryptcheck ( https://tls.imirhil.fr/xmpp/ ) for the ejabberd server: Protocols: TLSv1_2 Certificates: RSA 2048 bits Diffie Hellman: ECC 256 bits Good practices: PFS Ciphersuites: ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-CHACHA20-POLY1305 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 As you can see, there is an overlap between the ciphersuites but they all use ECDHE and the curves for the Diffie Hellman do not overlap (P-256 vs. P-384). IIRC prosody uses P-384. It could include more in its default list now and still assert it prefers P-384 by putting it first in the the curve list. I've just tested again that changing the curve setting in prosody from secp384r1 (default iirc) to prime256v1 enables me to communicate again with an ejabberd server and changing it back breaks the communication again.

  2. Zash on

    Fixed in https://hg.prosody.im/trunk/rev/92cddfe65003

    • owner Zash
    • tags Milestone-0.10 Status-Fixed

New comment