Index | Thread | Search

From:
Theo Buehler <tb@theobuehler.org>
Subject:
Re: mcabber: TLS does not work, libmouth update crashes
To:
ports@openbsd.org, Markus Hennecke <markus-hennecke@markus-hennecke.de>
Date:
Wed, 3 Jan 2024 09:08:33 +0100

Download raw body.

Thread 
> 	** (process:70988): WARNING **: 00:42:51.509:    error:1404E0BF:SSL routines:ST_BEFORE_CONNECT:no protocols available

This usually means a hardcoded tls version, in this case TLSv1.0.

> '/set tls = 1' (default) makes no difference.
> 
> Updating outdated(/unmaintained/dead) loudmouth to 1.5.4 and rebuilding
> mcabber only causes various different *-after-free errors, this is my
> minimal reproducer
> 
> 	$ mcabber
> 	/set jid = foo
> 	/set password = bar
> 	/connect

This doesn't crash here with the below. "Failed to open: Failed to resolve server".

> Do these two ports actually work still in a modern TLS world?

With loudmouth as it is, no. With the below, no idea. Not particularly
interested to invest time to find out.

Index: Makefile
===================================================================
RCS file: /cvs/ports/net/loudmouth/Makefile,v
diff -u -p -r1.31 Makefile
--- Makefile	27 Sep 2023 14:18:17 -0000	1.31
+++ Makefile	3 Jan 2024 07:52:01 -0000
@@ -2,7 +2,7 @@ COMMENT=		lightweight Jabber client libr
 
 V=			1.4.3
 DISTNAME=       	loudmouth-$V
-REVISION=		8
+REVISION=		9
 SHARED_LIBS +=	loudmouth-1          3.0      # .1.0
 CATEGORIES=		net devel
 
Index: patches/patch-loudmouth_lm-ssl-openssl_c
===================================================================
RCS file: /cvs/ports/net/loudmouth/patches/patch-loudmouth_lm-ssl-openssl_c,v
diff -u -p -r1.2 patch-loudmouth_lm-ssl-openssl_c
--- patches/patch-loudmouth_lm-ssl-openssl_c	11 Mar 2022 19:46:18 -0000	1.2
+++ patches/patch-loudmouth_lm-ssl-openssl_c	3 Jan 2024 07:47:39 -0000
@@ -1,5 +1,18 @@
---- loudmouth/lm-ssl-openssl.c.orig	Mon Jan 19 11:50:51 2009
-+++ loudmouth/lm-ssl-openssl.c	Mon Jan 19 11:51:45 2009
+Index: loudmouth/lm-ssl-openssl.c
+--- loudmouth/lm-ssl-openssl.c.orig
++++ loudmouth/lm-ssl-openssl.c
+@@ -295,9 +295,9 @@ _lm_ssl_initialize (LmSSL *ssl) 
+ 		initialized = TRUE;
+ 	}
+ 
+-	ssl->ssl_method = TLSv1_client_method();
++	ssl->ssl_method = TLS_client_method();
+ 	if (ssl->ssl_method == NULL) {
+-		g_warning ("TLSv1_client_method() == NULL");
++		g_warning ("TLS_client_method() == NULL");
+ 		abort();
+ 	}
+ 	ssl->ssl_ctx = SSL_CTX_new(ssl->ssl_method);
 @@ -305,6 +305,14 @@ _lm_ssl_initialize (LmSSL *ssl) 
  		g_warning ("SSL_CTX_new() == NULL");
  		abort();