← Back to team overview

desktop-packages team mailing list archive

[Bug 1381484] Re: Fails to connect to servers that disable SSLv3

 

** Summary changed:

- Fails to connect to irc.slack.com with an SSL error
+ Fails to connect to servers that disable SSLv3

** Description changed:

+ SRU REQUEST:
+ 
+ [Impact]
+ 
+ Xchat-Gnome (and xchat) for the use of SSLv3. Since the Poodle attack on
+ SSLv3, many servers are now disabling the use of SSLv3, making xchat-
+ gnome unsable to connect successfully.
+ 
+ [Test Case]
+ 
+ Install xchat-gnome and connect to an irc server that no longer offers
+ SSLv3.
+ 
+ [Regression Potential]
+ 
+ This update may possibly introduce compatibility issues with sites that
+ don't properly handle TLSv1.2 negotiations. While such sites existed in
+ the past, they aren't likely to be common at the present time.
+ Unfortunately, there is no ultimate solution that would be compatible
+ with both scenarios.
+ 
+ 
+ Original report:
+ 
  slack.com is a chat service with optional IRC integration.  Since today
  I can no longer connect to their IRC gateway using XChat-GNOME.  The
  error is:
  
  > * Nepavyko prisijungti. Klaida: (336130315) error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
  > Ar tai tikrai SSL šifravimą palaikantis serveris ir prievadas?
  
  which, translated from lt_LT, means
  
  > * Cannot connect.  Error: (336130315) error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
  > Does the server/port really support SSL?
  
  I think this is part of the fallout of CVE-2014-3566 (aka POODLE).
  XChat-GNOME is trying to use the insecure SSL protocol version 3, and
  Slack, reasonably enough, rejects that.
  
  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: xchat-gnome 1:0.30.0~git20131003.d20b8d+really20110821-0.2ubuntu12
  ProcVersionSignature: Ubuntu 3.13.0-37.64-generic 3.13.11.7
  Uname: Linux 3.13.0-37-generic x86_64
  ApportVersion: 2.14.1-0ubuntu3.5
  Architecture: amd64
  CurrentDesktop: GNOME
  Date: Wed Oct 15 14:50:57 2014
  EcryptfsInUse: Yes
  InstallationDate: Installed on 2012-07-25 (811 days ago)
  InstallationMedia: Ubuntu 12.04 LTS "Precise Pangolin" - Release amd64 (20120425)
  SourcePackage: xchat-gnome
  UpgradeStatus: Upgraded to trusty on 2014-04-18 (180 days ago)

** Changed in: xchat-gnome (Ubuntu Precise)
       Status: Confirmed => In Progress

** Changed in: xchat-gnome (Ubuntu Trusty)
       Status: Confirmed => In Progress

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xchat-gnome in Ubuntu.
https://bugs.launchpad.net/bugs/1381484

Title:
  Fails to connect to servers that disable SSLv3

Status in GNOME frontend to the popular xchat IRC client:
  Unknown
Status in “xchat” package in Ubuntu:
  Confirmed
Status in “xchat-gnome” package in Ubuntu:
  Confirmed
Status in “xchat” source package in Precise:
  Confirmed
Status in “xchat-gnome” source package in Precise:
  In Progress
Status in “xchat” source package in Trusty:
  Confirmed
Status in “xchat-gnome” source package in Trusty:
  In Progress
Status in “xchat” source package in Utopic:
  Confirmed
Status in “xchat-gnome” source package in Utopic:
  Confirmed

Bug description:
  SRU REQUEST:

  [Impact]

  Xchat-Gnome (and xchat) for the use of SSLv3. Since the Poodle attack
  on SSLv3, many servers are now disabling the use of SSLv3, making
  xchat-gnome unsable to connect successfully.

  [Test Case]

  Install xchat-gnome and connect to an irc server that no longer offers
  SSLv3.

  [Regression Potential]

  This update may possibly introduce compatibility issues with sites
  that don't properly handle TLSv1.2 negotiations. While such sites
  existed in the past, they aren't likely to be common at the present
  time. Unfortunately, there is no ultimate solution that would be
  compatible with both scenarios.

  
  Original report:

  slack.com is a chat service with optional IRC integration.  Since
  today I can no longer connect to their IRC gateway using XChat-GNOME.
  The error is:

  > * Nepavyko prisijungti. Klaida: (336130315) error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
  > Ar tai tikrai SSL šifravimą palaikantis serveris ir prievadas?

  which, translated from lt_LT, means

  > * Cannot connect.  Error: (336130315) error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
  > Does the server/port really support SSL?

  I think this is part of the fallout of CVE-2014-3566 (aka POODLE).
  XChat-GNOME is trying to use the insecure SSL protocol version 3, and
  Slack, reasonably enough, rejects that.

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: xchat-gnome 1:0.30.0~git20131003.d20b8d+really20110821-0.2ubuntu12
  ProcVersionSignature: Ubuntu 3.13.0-37.64-generic 3.13.11.7
  Uname: Linux 3.13.0-37-generic x86_64
  ApportVersion: 2.14.1-0ubuntu3.5
  Architecture: amd64
  CurrentDesktop: GNOME
  Date: Wed Oct 15 14:50:57 2014
  EcryptfsInUse: Yes
  InstallationDate: Installed on 2012-07-25 (811 days ago)
  InstallationMedia: Ubuntu 12.04 LTS "Precise Pangolin" - Release amd64 (20120425)
  SourcePackage: xchat-gnome
  UpgradeStatus: Upgraded to trusty on 2014-04-18 (180 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/xchat-gnome/+bug/1381484/+subscriptions


References