Openfire 4.1.1 and Android Conversations didn't work

Hello,

we use Openfire 4.1.1 with Ubuntu 16.04 and Oracle 8 Base (also tested with openjdk8 and with internal Users or LDAP).

Users with Conversations can’t connect, all other clients (Chatsecure - IOS, Jitsi / Pidgin … - Windows) can connect.

I have no idea what the reason is, after a downgrade to 4.04 - Conversations works.

2017.02.14 14:08:18 org.apache.mina.core.filterchain.IoFilterEvent - Firing a MESSAGE_RECEIVED event for session 208
2017.02.14 14:08:18 org.apache.mina.filter.codec.ProtocolCodecFilter - Processing a MESSAGE_RECEIVED for session 208
2017.02.14 14:08:18 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support ‘ANONYMOUS’ as it has been disabled by configuration.
2017.02.14 14:08:18 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support ‘SCRAM-SHA-1’ as the AuthFactory that’s in used does not support password retrieval nor SCRAM.
2017.02.14 14:08:18 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support ‘GSSAPI’ as the ‘sasl.gssapi.config’ property has not been defined.
2017.02.14 14:08:18 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support ‘CRAM-MD5’ as the AuthFactory that’s in used does not support password retrieval.
2017.02.14 14:08:18 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support ‘DIGEST-MD5’ as the AuthFactory that’s in used does not support password retrieval.
2017.02.14 14:08:18 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support ‘JIVE-SHAREDSECRET’ as it has been disabled by configuration.
2017.02.14 14:08:18 org.apache.mina.filter.ssl.SslFilter - Session Server208: Writing Message : WriteRequest: HeapBuffer[pos=0 lim=502 cap=512: 3C 3F 78 6D 6C 20 76 65 72 73 69 6F 6E 3D 27 31…]
2017.02.14 14:08:18 org.apache.mina.core.filterchain.IoFilterEvent - Event MESSAGE_RECEIVED has been fired for session 208
2017.02.14 14:08:18 org.apache.mina.filter.executor.OrderedThreadPoolExecutor - Adding event MESSAGE_SENT to session 208
Queue : [MESSAGE_SENT, ]

2017.02.14 14:08:18 org.apache.mina.core.filterchain.IoFilterEvent - Firing a MESSAGE_SENT event for session 208
2017.02.14 14:08:18 org.apache.mina.core.filterchain.IoFilterEvent - Event MESSAGE_SENT has been fired for session 208
2017.02.14 14:08:18 org.apache.mina.filter.executor.OrderedThreadPoolExecutor - Adding event EXCEPTION_CAUGHT to session 208
Queue : [EXCEPTION_CAUGHT, ]

2017.02.14 14:08:18 org.apache.mina.core.filterchain.IoFilterEvent - Firing a EXCEPTION_CAUGHT event for session 208
2017.02.14 14:08:18 org.apache.mina.filter.ssl.SslFilter - Session Server208: Writing Message : WriteRequest: HeapBuffer[pos=0 lim=145 cap=256: 3C 73 74 72 65 61 6D 3A 65 72 72 6F 72 20 78 6D…]
2017.02.14 14:08:18 org.apache.mina.filter.ssl.SslFilter - Session Server[208]: Writing Message : WriteRequest: HeapBuffer[pos=0 lim=31 cap=33: 15 03 03 00 1A 00 00 00 00 00 00 00 03 4C C3 64…]
2017.02.14 14:08:18 org.apache.mina.core.filterchain.IoFilterEvent - Event EXCEPTION_CAUGHT has been fired for session 208
2017.02.14 14:08:18 org.apache.mina.filter.ssl.SslHandler - Unexpected exception from SSLEngine.closeInbound().
javax.net.ssl.SSLException: Inbound closed before receiving peer’s close_notify: possible truncation attack?
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634)
at sun.security.ssl.SSLEngineImpl.closeInbound(SSLEngineImpl.java:1561)
at org.apache.mina.filter.ssl.SslHandler.destroy(SslHandler.java:204)
at org.apache.mina.filter.ssl.SslFilter.sessionClosed(SslFilter.java:439)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextSessionClosed(Def aultIoFilterChain.java:382)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$900(DefaultIoFilte rChain.java:47)
at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.sessionClosed (DefaultIoFilterChain.java:750)
at org.apache.mina.core.filterchain.IoFilterAdapter.sessionClosed(IoFilterAdapter. java:88)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextSessionClosed(Def aultIoFilterChain.java:382)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireSessionClosed(Default IoFilterChain.java:375)
at org.apache.mina.core.service.IoServiceListenerSupport.fireSessionDestroyed(IoSe rviceListenerSupport.java:244)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.removeNow(AbstractPolli ngIoProcessor.java:600)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.removeSessions(Abstract PollingIoProcessor.java:560)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.access$800(AbstractPoll ingIoProcessor.java:67)
at org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractP ollingIoProcessor.java:1132)
at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
2017.02.14 14:08:18 org.apache.mina.filter.executor.OrderedThreadPoolExecutor - Adding event SESSION_CLOSED to session 208
Queue : [SESSION_CLOSED, ]

Works for me with my local 4.1.1 server and with Openfire on igniterealtime.org (which is usually running latest code build, which should be almost as 4.1.1 now).

I have the same problem, but sometimes it works(about 3 times a week)

Any tips for it?

No Changes with 4.1.2.

2017.02.20 10:31:16 org.apache.mina.core.filterchain.IoFilterEvent - Firing a MESSAGE_RECEIVED event for session 13
2017.02.20 10:31:16 org.apache.mina.filter.codec.ProtocolCodecFilter - Processing a MESSAGE_RECEIVED for session 13
2017.02.20 10:31:16 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support ‘ANONYMOUS’ as it has been disabled by configuration.
2017.02.20 10:31:16 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support ‘SCRAM-SHA-1’ as the AuthFactory that’s in used does not support password retrieval nor SCRAM.
2017.02.20 10:31:16 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support ‘GSSAPI’ as the ‘sasl.gssapi.config’ property has not been defined.
2017.02.20 10:31:16 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support ‘CRAM-MD5’ as the AuthFactory that’s in used does not support password retrieval.
2017.02.20 10:31:16 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support ‘DIGEST-MD5’ as the AuthFactory that’s in used does not support password retrieval.
2017.02.20 10:31:16 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support ‘JIVE-SHAREDSECRET’ as it has been disabled by configuration.
2017.02.20 10:31:16 org.apache.mina.core.filterchain.IoFilterEvent - Event MESSAGE_RECEIVED has been fired for session 13
2017.02.20 10:31:16 org.apache.mina.filter.executor.OrderedThreadPoolExecutor - Adding event MESSAGE_SENT to session 13
Queue : [MESSAGE_SENT, ]

2017.02.20 10:31:16 org.apache.mina.core.filterchain.IoFilterEvent - Firing a MESSAGE_SENT event for session 13
2017.02.20 10:31:16 org.apache.mina.core.filterchain.IoFilterEvent - Event MESSAGE_SENT has been fired for session 13
2017.02.20 10:31:16 org.apache.mina.filter.executor.OrderedThreadPoolExecutor - Adding event MESSAGE_SENT to session 13
Queue : [MESSAGE_SENT, ]

2017.02.20 10:31:16 org.apache.mina.core.filterchain.IoFilterEvent - Firing a MESSAGE_SENT event for session 13
2017.02.20 10:31:16 org.apache.mina.core.filterchain.IoFilterEvent - Event MESSAGE_SENT has been fired for session 13
2017.02.20 10:31:16 org.apache.mina.filter.executor.OrderedThreadPoolExecutor - Adding event MESSAGE_RECEIVED to session 13
Queue : [MESSAGE_RECEIVED, ]

2017.02.20 10:31:16 org.apache.mina.core.filterchain.IoFilterEvent - Firing a MESSAGE_RECEIVED event for session 13
2017.02.20 10:31:16 org.apache.mina.filter.codec.ProtocolCodecFilter - Processing a MESSAGE_RECEIVED for session 13
2017.02.20 10:31:16 org.jivesoftware.openfire.keystore.OpenfireX509TrustManager - Constructed trust manager. Number of trusted issuers: 173, accepts self-signed: false, checks validity: true
2017.02.20 10:31:16 org.jivesoftware.openfire.keystore.OpenfireX509TrustManager - Constructed trust manager. Number of trusted issuers: 173, accepts self-signed: false, checks validity: true
2017.02.20 10:31:16 org.apache.mina.filter.ssl.SslFilter - Adding the SSL Filter tls to the chain
2017.02.20 10:31:16 org.apache.mina.filter.ssl.SslHandler - Session Server[13](no sslEngine) Initializing the SSL Handler
2017.02.20 10:31:16 org.apache.mina.filter.ssl.SslHandler - Session Server[13](no sslEngine) SSL Handler Initialization done.
2017.02.20 10:31:16 org.apache.mina.filter.ssl.SslFilter - Session Server13 : Starting the first handshake
2017.02.20 10:31:16 org.apache.mina.filter.ssl.SslHandler - Session Server13 processing the NEED_UNWRAP state
2017.02.20 10:31:16 org.apache.mina.filter.ssl.SslFilter - Session Server13: Writing Message : WriteRequest: HeapBuffer[pos=0 lim=50 cap=64: 3C 70 72 6F 63 65 65 64 20 78 6D 6C 6E 73 3D 22…]
2017.02.20 10:31:16 org.apache.mina.core.filterchain.IoFilterEvent - Event MESSAGE_RECEIVED has been fired for session 13
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslFilter - Session Server13: Message received : HeapBuffer[pos=0 lim=152 cap=1024: 16 03 01 00 93 01 00 00 8F 03 03 86 31 57 9D 1E…]
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslHandler - Session Server13 Processing the received message
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslHandler - Session Server13 processing the NEED_UNWRAP state
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslHandler - Session Server13 processing the NEED_TASK state
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslHandler - Session Server13 processing the NEED_WRAP state
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslFilter - Session Server13: Writing Message : WriteRequest: HeapBuffer[pos=0 lim=1243 cap=2115: 16 03 03 04 D6 02 00 00 4D 03 03 58 AA B7 65 DE…]
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslHandler - Session Server13 processing the NEED_UNWRAP state
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslFilter - Session Server13: Processing the SSL Data
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslFilter - Session Server13: Message received : HeapBuffer[pos=0 lim=126 cap=512: 16 03 03 00 46 10 00 00 42 41 04 36 61 AB D5 49…]
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslHandler - Session Server13 Processing the received message
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslHandler - Session Server13 processing the NEED_UNWRAP state
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslHandler - Session Server13 processing the NEED_TASK state
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslHandler - Session Server13 processing the NEED_UNWRAP state
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslHandler - Session Server13 processing the NEED_WRAP state
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslFilter - Session Server13: Writing Message : WriteRequest: HeapBuffer[pos=0 lim=6 cap=8: 14 03 03 00 01 01]
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslHandler - Session Server13 processing the NEED_WRAP state
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslFilter - Session Server13: Writing Message : WriteRequest: HeapBuffer[pos=0 lim=45 cap=66: 16 03 03 00 28 00 00 00 00 00 00 00 00 F0 14 62…]
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslHandler - Session Server13 processing the FINISHED state
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslHandler - Session Server13 is now secured
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslHandler - Session Server13 processing the FINISHED state
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslHandler - Session Server13 is now secured
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslFilter - Session Server13: Processing the SSL Data
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslFilter - Session Server13: Message received : HeapBuffer[pos=0 lim=165 cap=512: 17 03 03 00 A0 00 00 00 00 00 00 00 01 05 49 E1…]
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslHandler - Session Server13 Processing the received message
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslFilter - Session Server13: Processing the SSL Data
2017.02.20 10:31:17 org.apache.mina.filter.executor.OrderedThreadPoolExecutor - Adding event MESSAGE_RECEIVED to session 13
Queue : [MESSAGE_RECEIVED, ]

2017.02.20 10:31:17 org.apache.mina.core.filterchain.IoFilterEvent - Firing a MESSAGE_RECEIVED event for session 13
2017.02.20 10:31:17 org.apache.mina.filter.codec.ProtocolCodecFilter - Processing a MESSAGE_RECEIVED for session 13
2017.02.20 10:31:17 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support ‘ANONYMOUS’ as it has been disabled by configuration.
2017.02.20 10:31:17 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support ‘SCRAM-SHA-1’ as the AuthFactory that’s in used does not support password retrieval nor SCRAM.
2017.02.20 10:31:17 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support ‘GSSAPI’ as the ‘sasl.gssapi.config’ property has not been defined.
2017.02.20 10:31:17 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support ‘CRAM-MD5’ as the AuthFactory that’s in used does not support password retrieval.
2017.02.20 10:31:17 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support ‘DIGEST-MD5’ as the AuthFactory that’s in used does not support password retrieval.
2017.02.20 10:31:17 org.jivesoftware.openfire.net.SASLAuthentication - Cannot support ‘JIVE-SHAREDSECRET’ as it has been disabled by configuration.
2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslFilter - Session Server13: Writing Message : WriteRequest: HeapBuffer[pos=0 lim=502 cap=512: 3C 3F 78 6D 6C 20 76 65 72 73 69 6F 6E 3D 27 31…]
2017.02.20 10:31:17 org.apache.mina.core.filterchain.IoFilterEvent - Event MESSAGE_RECEIVED has been fired for session 13
2017.02.20 10:31:17 org.apache.mina.filter.executor.OrderedThreadPoolExecutor - Adding event MESSAGE_SENT to session 13
Queue : [MESSAGE_SENT, ]

2017.02.20 10:31:17 org.apache.mina.core.filterchain.IoFilterEvent - Firing a MESSAGE_SENT event for session 13
2017.02.20 10:31:17 org.apache.mina.core.filterchain.IoFilterEvent - Event MESSAGE_SENT has been fired for session 13
2017.02.20 10:31:17 org.apache.mina.filter.executor.OrderedThreadPoolExecutor - Adding event EXCEPTION_CAUGHT to session 13
Queue : [EXCEPTION_CAUGHT, ]

2017.02.20 10:31:17 org.apache.mina.filter.ssl.SslHandler - Unexpected exception from SSLEngine.closeInbound().
javax.net.ssl.SSLException: Inbound closed before receiving peer’s close_notify: possible truncation attack?
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634)
at sun.security.ssl.SSLEngineImpl.closeInbound(SSLEngineImpl.java:1561)
at org.apache.mina.filter.ssl.SslHandler.destroy(SslHandler.java:204)
at org.apache.mina.filter.ssl.SslFilter.sessionClosed(SslFilter.java:439)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextSessionClosed(Def aultIoFilterChain.java:382)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$900(DefaultIoFilte rChain.java:47)
at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.sessionClosed (DefaultIoFilterChain.java:750)
at org.apache.mina.core.filterchain.IoFilterAdapter.sessionClosed(IoFilterAdapter. java:88)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextSessionClosed(Def aultIoFilterChain.java:382)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireSessionClosed(Default IoFilterChain.java:375)
at org.apache.mina.core.service.IoServiceListenerSupport.fireSessionDestroyed(IoSe rviceListenerSupport.java:244)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.removeNow(AbstractPolli ngIoProcessor.java:600)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.removeSessions(Abstract PollingIoProcessor.java:560)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.access$800(AbstractPoll ingIoProcessor.java:67)
at org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractP ollingIoProcessor.java:1132)
at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
2017.02.20 10:31:17 org.apache.mina.filter.executor.OrderedThreadPoolExecutor - Adding event SESSION_CLOSED to session 13
Queue : [EXCEPTION_CAUGHT, , SESSION_CLOSED, ]

Puzzling. As you’re using an external user store (that does not support plain-text password retrieval) the authentication mechanism that are used are limited (that’s what you see in the logs: many SASL mechanisms are unavailable). The thing that puzzles me most is that this is not different in earlier versions of Openfire.

Exactly what error message do you get in Conversations?

also tested with openjdk8 and with internal Users

I didn’t found a log in conversations, there is no option for debugging, maybe someone can help to found the logfiles.

Debugging Conversations is well outside of my area of expertise. Their project page does list some tooling though. Have a look at GitHub - siacs/Conversations: Conversations is an open source XMPP/Jabber client for the Android platform

I have the same/similar issue.

Login with Conversations works with OpenFire 4.1.1 but not 4.1.2.

For now I’m back at 4.1.1

In my case neither Xabber nor Conversations were able to connect to Openfire 4.1.3 / 4.1.2 / 4.1.1

However, I’m able to use them both with Openfire 4.0.4

The interesting part is that Beem is able to connect to 4.1.3, even if the last release is from 2013.

Also, settings sasl.mechs to PLAIN didn’t help.

Still does not work with 4.2.1.

Strangely conversations.im does not work but its clone KandruIM can connect.

Just FYI, I installed SSL keys and all XMPP software on play market now works with openfire properly (I have also set DNS records)…