README file from Debian (read it to solve problems with cryptography!)

[eribertomota]

Hi,

Today I uploaded the sendxmpp 1.24 to Debian. I wrote a little README.Debian file to explain about some issues and solutions. I decided open a this issue to put here the content of the README file. I think that it can help some people and maybe it could be a source to improve the README file released with sendxmpp. Feel free to use it.

I hope this help.

Regards,

Eriberto

---

sendxmpp for Debian

Since 2.14 version, sendxmpp is using a new config file format. The file name
must be ~/.sendxmpprc with 400 permission. See below an example of the new
format:

username: john
jserver: jabber.example.com
port: 5222
password: my-very-nice-pass2

There are some tips for sendxmpp 2.14, when using cryptography (I believe these
tips will work for 2.13 version too). The following topics will require a
special attention.

1. When using sendxmpp, I get:

"Could not connect to 'jabber.example.com' on port 5222: The server requires
us to use TLS, but you did not specify that TLS was an option."

To solve this problem, use -t option.

2. When sending a message, the following error is shown:

"Invalid or unreadable path specified for ssl_ca_path. at
/usr/share/perl5/XML/Stream.pm line 641."

Use '-a /etc/ssl/certs/' or '--tls-ca-path /etc/ssl/certs' option.

3. I am getting several messages, similar to lines shown below:

"Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1829.
Use of uninitialized value $sid in concatenation (.) or string at /usr/share/perl5/XML/Stream.pm line 2740.
Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 2742.
Use of uninitialized value $sid in concatenation (.) or string at /usr/share/perl5/XML/Stream.pm line 1668.
Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1669.
Use of uninitialized value in concatenation (.) or string at /usr/share/perl5/XML/Stream.pm line 1669.
Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1671.
Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1673.
Use of uninitialized value in numeric eq (==) at /usr/share/perl5/XML/Stream.pm line 1673.
Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1675.
Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1678.
Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 2620.
Use of uninitialized value $sid in concatenation (.) or string at /usr/share/perl5/XML/Stream.pm line 2740.
Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 2742.
Use of uninitialized value in concatenation (.) or string at /usr/share/perl5/XML/Stream.pm line 1440.
Use of uninitialized value in numeric eq (==) at /usr/share/perl5/XML/Stream.pm line 1443.
Use of uninitialized value within %status in numeric eq (==) at /usr/share/perl5/XML/Stream.pm line 1506.
Use of uninitialized value in subtraction (-) at /usr/share/perl5/XML/Stream.pm line 1507.
Use of uninitialized value in concatenation (.) or string at /usr/share/perl5/XML/Stream.pm line 1669.
Use of uninitialized value in numeric eq (==) at /usr/share/perl5/XML/Stream.pm line 1673.
Use of uninitialized value in hash element at /usr/share/perl5/Net/XMPP/Connection.pm line 433.
Use of uninitialized value in hash element at /usr/share/perl5/Net/XMPP/Connection.pm line 440.
Use of uninitialized value in hash element at /usr/share/perl5/Net/XMPP/Connection.pm line 433.
Use of uninitialized value in string eq at /usr/bin/sendxmpp line 515.
Error 'AuthSend': [?]
Use of uninitialized value $sid in concatenation (.) or string at /usr/share/perl5/XML/Stream.pm line 1668.
Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1669.
Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1671.
Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1673.
Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1266.
Use of uninitialized value in string eq at /usr/share/perl5/XML/Stream.pm line 1266.
Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1266.
Use of uninitialized value in string eq at /usr/share/perl5/XML/Stream.pm line 1266.
Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1267.
Use of uninitialized value in delete at /usr/share/perl5/XML/Stream.pm line 1267.
Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1268.
Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1270.
Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1270.
Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1270.
Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1270.
Use of uninitialized value $sid in hash element at /usr/share/perl5/XML/Stream.pm line 1270.
Use of uninitialized value $sid in delete at /usr/share/perl5/XML/Stream.pm line 1272."

To solve:

# apt-get install ca-certificates
---> Copy the root certificate from your CA to /usr/local/share/ca-certificates/.
The file must use te suffix .crt, e.g. mycert.crt
# update-ca-certificates
---> For more details: $ man update-ca-certificates

4. I am seeing an unknown behaviour.

Add the '-v' option to your command line to try debug and find the problem.

-- Joao Eriberto Mota Filho eriberto@debian.org Tue, 18 Jul 2017 10:38:30 -0300

[TRSx80]

If you are getting the "Error 'AuthSend': error: malformed-request[?]" that I previously mentioned here and created (see link above) an issue about, I finally figured it out, and you can find the (very simple) solution in my last post.

[thomas-mc-work]

Copy the root certificate from your CA to /usr/local/share/ca-certificates/.

My XMPP server uses a certificate by Letsencrypt. What exactly shall I copy then? I have that exact problem described in 3. on Debian 12.4.

[sirbrokealot]

Copy the root certificate from your CA to /usr/local/share/ca-certificates/.

My XMPP server uses a certificate by Letsencrypt. What exactly shall I copy then? I have that exact problem described in 3. on Debian 12.4.

I also have the issue with sendxmpp 1.24 on debian bookworm.
Use of uninitialized value in string eq at /usr/bin/sendxmpp line 515. Error 'AuthSend': [?]
I tried to figure out what certificate is required by my xmpp server
openssl s_client -connect <yourserver>:5222 -starttls xmpp
I figured that I needed a common one from letsencrypt which I downloaded
curl -o ISRGRootX1.crt https://letsencrypt.org/certs/isrgrootx1.pem
I moved this to the suggested dir.
/usr/local/share/ca-certificates/ISRGRootX1.crt
I did the update of the certs with
sudo update-ca-certificates

And tried my xmpp sending with the -a,--tls-ca-path flag pointing to that crt file.

For me it's not helping I can only bypass and send with the -n,--no-tls-verify flag

Did you figure this out @thomas-mc-work ?

[thomas-mc-work]

Thanks for the instructions. But they didn't work for me either, and I'm still stuck in this situation. I also think this approach cannot help since this root certificate is already part of my system (/usr/share/ca-certificates/mozilla/ISRG_Root_X1.crt)

I ended up using an alternative: https://pypi.org/project/xmpppy/