Re: mcabber: TLS does not work, libmouth update crashes

Wed, 03 Jan 2024 00:09:05 -0800 

>       ** (process:70988): WARNING **: 00:42:51.509:    error:1404E0BF:SSL 
> routines:ST_BEFORE_CONNECT:no protocols available

This usually means a hardcoded tls version, in this case TLSv1.0.

> '/set tls = 1' (default) makes no difference.
> 
> Updating outdated(/unmaintained/dead) loudmouth to 1.5.4 and rebuilding
> mcabber only causes various different *-after-free errors, this is my
> minimal reproducer
> 
>       $ mcabber
>       /set jid = foo
>       /set password = bar
>       /connect

This doesn't crash here with the below. "Failed to open: Failed to resolve 
server".

> Do these two ports actually work still in a modern TLS world?

With loudmouth as it is, no. With the below, no idea. Not particularly
interested to invest time to find out.

Index: Makefile
===================================================================
RCS file: /cvs/ports/net/loudmouth/Makefile,v
diff -u -p -r1.31 Makefile
--- Makefile    27 Sep 2023 14:18:17 -0000      1.31
+++ Makefile    3 Jan 2024 07:52:01 -0000
@@ -2,7 +2,7 @@ COMMENT=                lightweight Jabber client libr
 
 V=                     1.4.3
 DISTNAME=              loudmouth-$V
-REVISION=              8
+REVISION=              9
 SHARED_LIBS += loudmouth-1          3.0      # .1.0
 CATEGORIES=            net devel
 
Index: patches/patch-loudmouth_lm-ssl-openssl_c
===================================================================
RCS file: /cvs/ports/net/loudmouth/patches/patch-loudmouth_lm-ssl-openssl_c,v
diff -u -p -r1.2 patch-loudmouth_lm-ssl-openssl_c
--- patches/patch-loudmouth_lm-ssl-openssl_c    11 Mar 2022 19:46:18 -0000      
1.2
+++ patches/patch-loudmouth_lm-ssl-openssl_c    3 Jan 2024 07:47:39 -0000
@@ -1,5 +1,18 @@
---- loudmouth/lm-ssl-openssl.c.orig    Mon Jan 19 11:50:51 2009
-+++ loudmouth/lm-ssl-openssl.c Mon Jan 19 11:51:45 2009
+Index: loudmouth/lm-ssl-openssl.c
+--- loudmouth/lm-ssl-openssl.c.orig
++++ loudmouth/lm-ssl-openssl.c
+@@ -295,9 +295,9 @@ _lm_ssl_initialize (LmSSL *ssl) 
+               initialized = TRUE;
+       }
+ 
+-      ssl->ssl_method = TLSv1_client_method();
++      ssl->ssl_method = TLS_client_method();
+       if (ssl->ssl_method == NULL) {
+-              g_warning ("TLSv1_client_method() == NULL");
++              g_warning ("TLS_client_method() == NULL");
+               abort();
+       }
+       ssl->ssl_ctx = SSL_CTX_new(ssl->ssl_method);
 @@ -305,6 +305,14 @@ _lm_ssl_initialize (LmSSL *ssl) 
                g_warning ("SSL_CTX_new() == NULL");
                abort();

Reply via email to