Your message dated Sat, 7 Oct 2017 15:37:18 +0200
with message-id <7090c370-0e98-8e4d-3960-4413974b7...@debian.org>
and subject line Re: prosody: incompatible lua-sec version as dependency of
prosody in stable
has caused the Debian Bug report #876654,
regarding prosody: incompatible lua-sec version as dependency of prosody in
stable
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
876654: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876654
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: prosody
Version: 0.9.12-2
Severity: grave
Justification: renders package unusable
Dear Maintainer,
I've installed prosody on a nearly new installed debian strech system.
After installation I noticed s2s connections issues with some of my
jabber/xmpp contacts as the server was't able to connect to their
servers. It reported for example:
Out of connection options, can't connect to jabber.ccc-mannheim.de
Debug log could be found here:
https://paste.ffrn.de/?9702bb47d8bebc03#RSO1WEP787I9p1n0+U0WsFqizvxMprPCl2n4QjggOSw=
On the remote server we could see in the logs that my prosody
instance couldn't handle any of the ssl ciphers the remote server offers
although the openssl version is supporting this ciphers and I can
establish a working connection directly with openssl.
It seems that this bug occures becaus the package lua5.1-sec that is a
dependency of prosody resolves to the lua-sec package with version 0.6-3
in debian stretch. But lua-sec with version 0.6 isn't supported by
prosody 0.9.x. See: https://prosody.im/doc/depends
It seems this issue makes prosody mostly unusable for encrypted
connections.
-- System Information:
Debian Release: 9.1
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8),
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages prosody depends on:
ii adduser 3.115
ii libc6 2.24-11+deb9u1
ii libidn11 1.33-1
ii libssl1.1 1.1.0f-3
ii lsb-base 9.20161125
ii lua-expat [lua5.1-expat] 1.3.0-4
ii lua-filesystem [lua5.1-filesystem] 1.6.3-1
ii lua-sec [lua5.1-sec] 0.6-3
ii lua-socket [lua5.1-socket] 3.0~rc1+git+ac3201d-3
ii lua5.1 5.1.5-8.1+b2
ii ssl-cert 1.0.39
Versions of packages prosody recommends:
ii lua-event [lua5.1-event] 0.4.3-2
Versions of packages prosody suggests:
pn lua-dbi-mysql <none>
pn lua-dbi-postgresql <none>
pn lua-dbi-sqlite3 <none>
pn lua-zlib <none>
-- Configuration Files:
/etc/prosody/conf.avail/example.com.cfg.lua
/etc/prosody/conf.avail/localhost.cfg.lua
/etc/prosody/prosody.cfg.lua
pgpJmz6ZXUo7w.pgp
Description: Digitale Signatur von OpenPGP
--- End Message ---
--- Begin Message ---
Hi Leah,
On 06.10.2017 22:36, Leah Oswald wrote:
> Hey Felix,
>
> thanks for your reply.
>
> On Fri, 6 Oct 2017 22:11:15 +0200 Felix Geyer <fge...@debian.org> wrote:
>> I don't think this analysis is correct.
>
> I've checked your suggestions and it seems to solve the problem to set
> the curve manually to prime256v1. The current default therefor ins't
> that great but no issue to discuss here. So I think we could close
> this report.
>
> Thanks and kind regards,
Thanks for checking, closing the bug accordingly.
Felix
--- End Message ---
