Freenode SSL reconnection issues

RESOLVED WORKSFORME

Status

Chat Core
IRC
RESOLVED WORKSFORME
5 years ago
4 years ago

People

(Reporter: clokep, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [regression])

(Reporter)

Description

5 years ago
*** Original post on bio 1292 at 2012-02-27 16:09:00 UTC ***

Currently reconnecting to Freenode with SSL will not work without changing the port for JS-IRC. It's unknown whether this is a bug in Instantbird or the Freenode servers being difficult.

aleth mentioned on IRC seeing similar behavior with libpurple.

Currently we have it set to not use SSL by default.
(Reporter)

Updated

5 years ago
Whiteboard: [1.2-blocking]

Comment 1

5 years ago
*** Original post on bio 1292 at 2012-02-27 21:27:58 UTC ***

(In reply to comment #0)
> aleth mentioned on IRC seeing similar behavior with libpurple.

Only on port 6697, never on port 7000. Could be a problem on the other end.

Updated

5 years ago
Whiteboard: [1.2-blocking]
*** Original post on bio 1292 at 2012-04-26 21:11:46 UTC ***

(In reply to comment #0)

> aleth mentioned on IRC seeing similar behavior with libpurple.

I don't remember seeing that with libpurple, so I think it's a regression. (But I agree we shouldn't block 1.2 on it, as there's no actionable plan to move forward.)
Whiteboard: [regression]

Comment 3

5 years ago
*** Original post on bio 1292 at 2012-05-15 09:43:45 UTC ***

11:36:55 AM - FeuerFli1: after hibernation or a lost network connection all accounts reconnect but IRC on the freenode Server (irc.freenode.net Port 6697 SSL) not. It cycles tries to connect repeatedly but always gets "Error: Lost connection with server". If I restart IB it connects instantly.
*** Original post on bio 1292 at 2012-05-15 09:49:53 UTC ***

Changing Port to 7000 works for me, maybe we should add it to the FAQ.
*** Original post on bio 1292 at 2012-05-15 09:58:15 UTC ***

ChatZilla uses the port 7000 for freenode over SSL: http://hg.mozilla.org/chatzilla/annotate/a8646d30fd33/xul/content/networks.js#l43

Comment 6

5 years ago
*** Original post on bio 1292 at 2012-05-15 10:00:28 UTC ***

11:52:47 AM - flo: which steps have you used to try to reproduce?
11:55:25 AM - FeuerFliege: Reproduce the error: IRC account: irc.freenode.net Port 6697
11:55:26 AM - FeuerFliege: SSL is connected → Deactivate the LAN connection → activate the LAN connection → ever other account reconnects, but not the freenode one. This happens everytime.
11:56:10 AM - FeuerFliege: I have tried it with the account settings change to irc.freenode.net Port 7000 SSL and it did reconnect like the other accounts

Comment 7

5 years ago
*** Original post on bio 1292 at 2012-05-15 10:34:51 UTC ***

If bug 954861 (bio 1426) was fixed to include a dropdown of popular servers, we could simply use 7000 for freenode as a workaround for this bug.
(Reporter)

Comment 8

5 years ago
*** Original post on bio 1292 at 2012-05-24 13:49:57 UTC ***

So it looks like this is http://developer.pidgin.im/ticket/11568 (the real cause is apparently with IRC servers though: http://trac.oftc.net/projects/oftc-hybrid/ticket/113).

To summarize, the server is trying to reuse credentials from a previous connection instead of starting a new SSL handshake.

From http://developer.pidgin.im/ticket/11568#comment:13/;
> I have verified that this behaviour is indeed due to a bug in the server
> software called ircd-hybrid (and also its fork oftc-hybrid) which didn't call
> SSL_CTX_set_session_id_context() which in order made the handshake fail. 

So...irc-hybrid is like the basis for A LOT of ircds out there, see: http://en.wikipedia.org/wiki/Comparison_of_Internet_Relay_Chat_daemons

I'd suggest we try to find a way around this on the client side, I'm not sure how much those servers take upstream patches, etc. etc. (Note that moznet runs Unreal, which is NOT based on irc-hybrid).
(Reporter)

Comment 9

5 years ago
*** Original post on bio 1292 at 2013-05-17 10:30:42 UTC ***

Setting security.enable_tls_session_tickets to false fixes this. (It defaults to true.)
(Reporter)

Comment 10

4 years ago
I'm no longer seeing this issue on on Freenode. Can someone else try to reproduce this as well? If we can't reproduce, I'd like to enable SSL by default again for IRC.
(Reporter)

Comment 11

4 years ago
Also, FWIW, bug 917049 removed security.enable_tls_session_tickets.

Comment 12

4 years ago
I can also no longer reproduce this.
Status: NEW → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → WORKSFORME

Updated

4 years ago
Target Milestone: --- → 1.6
You need to log in before you can comment on or make changes to this bug.