Groupwise Messenger - Empathy / telepthy-haze

Bug #417432 reported by Chris Crisafulli on 2009-08-22
40
This bug affects 8 people
Affects Status Importance Assigned to Milestone
Telepathy Haze
Confirmed
Medium
telepathy-haze (Ubuntu)
Low
Unassigned

Bug Description

Ubuntu Juanty 9.04
Empathy:
  Installed: 2.27.5-0ubuntu1~ppa9.04+1
telepathy-haze:
  Installed: 0.3.1-1~ppa9.04+1

Reported This Bug Upstream.

Expected Behavior: Once you open empathy. Go to Accounts and create a Groupwise
Messenger Account, After you close the create accounts, you should be connected to
Groupwise Messenger Server or prompted to accept the server certificate, and after accepting
it use the account without any required further actions on the Users Part.

 What Actually Occurs: The Groupwise Messenger account is created, but does not
open/connect. If you go back to the accounts area you will see that the
Groupwise Messenger account icon indicator is flashing, which alerts that there
is an issue with the account not connecting properly.

Discovered Workaround: cp
~/.purple/certificates/x509/tls_peers/<gwmessenger_servername>
/tmp/haze-<random_generated_per_session>/certificates/x509/tls_peers

It seems as though when a new empathy session is started, a new
/tmp/-haze-<random_generated_per_session>/certificates/x509/tls_peers is
created.

The groupwise session certificate needs to by copied from the
~/.purple/certificates/x509/tls_peers directory to the /tmp/haze- directory
generated with the connection.

This has occurred in both default empathy as well as the Daily PPA version (2.27.5 on the machine I reported to bugzilla from), in Jaunty. Will test and report back with Karmic on Monday.

summary: Groupwise Messenger will not connect without manually copying server
- certificate
+ certificate - Empathy
Changed in empathy:
status: Unknown → New

Created an attachment (id=28888)
This is the version info Ubuntu I'm running, and package versioning info

Expected Behavior: Once you open empathy. Go to Accounts and create a Groupwise
Messenger Account. After closing the created account, you should be connected to
Groupwise Messenger Server without any required further actions on the Users
Part.

What Actually Occurs: The Groupwise Messenger account is created, but does not
open/connect. If you go back to the accounts area you will see that the
Groupwise Messenger account icon indicator is flashing, which alerts that there
is an issue with the account not connecting properly.

Discovered Workaround: cp
~/.purple/certificates/x509/tls_peers/<gwmessenger_servername>
/tmp/haze-<random_generated_per_session>/certificates/x509/tls_peers

It seems as though when a new empathy session is started, a new
/tmp/-haze-<random_generated_per_session>/certificates/x509/tls_peers is
created.

The groupwise session certificate needs to by copied from the
~/.purple/certificates/x509/tls_peers directory to the /tmp/haze- directory
generated with the connection.

The Current version I am using is from the Ubuntu Daily PPA 2.27.5, but this
has occurred in all of the earlier versions that I have tried. This is not
limited to the packaged versions from Ubuntu as this occurs in OpenSuse 11 and
Fedora too, at least in a virtual environment.

Please let me know if this isn't clear enough or more information is needed.

Thanks for your all of your time and effort with Empathy!

Chris Crisafulli

Changed bug to FreeDesktoop for telepathy-haze, after it was resolved Gnomes bugzilla http://bugzilla.gnome.org/show_bug.cgi?id=592627

Changed in empathy:
status: New → Unknown
affects: empathy (Ubuntu) → telepathy-haze (Ubuntu)
summary: - Groupwise Messenger will not connect without manually copying server
- certificate - Empathy
+ Groupwise Messenger - Empathy / telepthy-haze
description: updated
Changed in empathy:
status: Unknown → Confirmed

I am experiencing this as well...it is pretty annoying, running ubuntu 9.10 x64. Empathy version 2.28.1.1-0ubuntu1, telepathy-haze version 0.3.2-1

Is this related to bug 17907?

Knitebane (knitebane) wrote :

Note that if the certificate is expired even copying it over won't work.

Steven Harms (sharms) wrote :

I can confirm this on Lucid RC

Adam Seitz (aseitz) wrote :

I can as well - This bug has been around a while and I just created my account on here for the sole purpose of confirmation.

Same issue with the latest empathy (2.30.1) in OpenSUSE 11.3. Is there any chance at all that this issue can be fixed? If the real fix is to simply copy the certificate to the correct path as described in the bug report, that's only a couple of lines of code including error checking. Could that not just be added?

Just some further info:

If I try to connect using Pidgin, I get presented with a prompt about receiving an untrusted certificate. I have the option to accept it or reject it. I'm told what needs to be done is to update empathy/haze to present a similar dialog when it tries to access the groupwise server.

As discussed on IRC, the correct solution is not to copy certificates around wildly; it's to implement the API discussed on bug 29018.

*** Bug 19018 has been marked as a duplicate of this bug. ***

Changed in empathy:
importance: Unknown → Medium
Christopher Boyer (wvuboyer) wrote :

Same bug still exists in 2.32.0-0ubuntu2, the maverick installed version. copying the cert from .purple to /tmp/haze... worked as stated.

Changed in empathy:
importance: Medium → Unknown
Changed in empathy:
importance: Unknown → Medium
Ron Lusk (luskwater) wrote :

Same bug still exists in 2.33.2, the natty alpha 3 installed version.
Copying the certificate has not seemed to help here...

Same bug exists for the SIPE protocol (Office Communicator). Debug logging indicates a message should be shown to the user (allowing a choice to accept the certificate), though none is shown. Mentioned workaround does not seem to work. Pidgin does the right thing by asking the user.

*** Bug 18271 has been marked as a duplicate of this bug. ***

Created attachment 47806
ugly workaround

I've stripped Will Thompson "work in progress" patch for certs, which only tries to copy certs from ~/.local/share/telepathy-haze/certificates/ to haze session directory and it "works" as expected.

This is clearly a workaround until certificate API are implemented in haze

any work around on this ?

affects: empathy → telepathy-haze
Changed in telepathy-haze (Ubuntu):
status: New → Triaged
importance: Undecided → Low

Created attachment 89647
0.8-cert-workaround.patch

cert workaround patch reworked for telepathy-haze-0.8.0

Any updates here?

(In reply to comment #10)
> Any updates here?

Not until/unless...

(In reply to comment #4)
> As discussed on IRC, the correct solution is not to copy certificates around
> wildly; it's to implement the API discussed on bug 29018.

... someone does that, and puts the result here for review.

(I don't currently have time to implement that, and am not volunteering.)

For those who facing this issue, you don't have to copy the certificates every time you login.

Just copy the certificates from `~/.purple/certificates/x509/tls_peers/<servername>` to `/etc/ssl/certs/<servername>.pem`, and kill the telepathy-haze process using `pkill telepathy-haze`.

Disable and re-enable your account, and you'll login successfully.

Hi, guys first of all, I am not a C programmer, so I changed the source a little bit, to telepathy-haze won't use /tmp/haze-xxxx/ directory to handle the certificates anymore, so instead off use the home directory ~/.haze/

Download the source code 0.8.0
Apply de patch on main.c

The procedure is copy once all certificates to ~/.haze/certificates/x509/tls_peers/

and start the telepathy...

I hope this help..

PS: Sorry about my english...

Created attachment 118909
certificate.workaround.patch

telepathy-haze 0.8.0 path certificates

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.