-
-
Notifications
You must be signed in to change notification settings - Fork 26
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug] Chat bot unable to authenticate when External XMPP clients allowed to connect #268
Comments
Hi, Have you still some customization in your prosody.cfg file? Can you copy/paste the full content of the diagnostic tool result? In the meantime, if the bot still tries to connect, you can disable the feature by checking "Disable the advanced channel configuration and the chatbot" in the setting page. |
Another question: have you checked the setting "Use system Prosody"? If so, can you try uncheck it? |
I can confirm the same issue on my server, but with different settings. I do not have "Enable connection to room using external XMPP accounts" enabled, nor is "Enable client to server connections". I am fairly certain that I'm using the built-in Prosody (though the Diagnostic readout does confuse me with one element reading "Builtin Prosody and ConverseJS: KO". See Diagnostic output below). Regardless of above, with Chat Bot enabled and set up, it never appears in my chatroom. Parsing prosody.log turns up the same error as OP:
My server info is as follows:
Also, here is the contents of my Diagnostic output:
|
v20.3.1 |
Maybe related to Ubuntu. (i think i already had a user that had issue generating certificates on ubuntu) |
Could you check your Peertube's log: is there any log beginning with |
You can also check if these files exists:
If not, you can try to generate them using (and respond "y" to all questions): sudo -u peertube /var/www/peertube/storage/plugins/data/peertube-plugin-livechat/prosodyAppImage/squashfs-root/AppRun prosodyctl \
--config /var/www/peertube/storage/plugins/data/peertube-plugin-livechat/prosody/prosody.cfg.lua \
cert generate peertube.anon-kenkai.com If this display any error, let me now. |
No instances of "Spawned command cert" in PeerTube logs when I looked. Neither the .crt nor the .key file were present in the .../prosody/data/ directory. Here's the output from the command:
I assume OpenSSL error log might have more details, I'll try to find where those are. |
Yes. I'm suprised that there are not printed in the console. |
@ChanoSan , is |
I have all dependencies installed. OpenSSL is quite definitely installed on the server. |
You can try this: cd /tmp && sudo -u peertube openssl req -new -x509 -newkey rsa:2048 -nodes -keyout test.key -days 365 -sha256 -out test.crt -utf8 -subj /CN=peertube.anon-kenkai.com This should create 2 certificates files: /tmp/test.key and /tmp/test.crt If this works, i will update the plugin to use it when prosodyctl fails. |
I can confirm this worked:
Both "test.key" and "test.crt" are in the /tmp folder |
Ok good news. mv /tmp/test.key /var/www/peertube/storage/plugins/data/peertube-plugin-livechat/prosody/data/peertube.anon-kenkai.com.key
mv /tmp/test.crt /var/www/peertube/storage/plugins/data/peertube-plugin-livechat/prosody/data/peertube.anon-kenkai.com.crt Then restart Peertube. |
Confirmed for fixed. Moving the files as directed and restarting peertube resulted in expected behavior. Peertube chat plugin diagnostic confirms certs are okay. Errors no longer appearing in PeerTube logs, and the bot is present in the chatroom. Thanks very much, and hopefully OP can benefit from the fix when updated. |
Good news. I will release a v8.0.2, and wait for @dannekrose to confirm it fixes the original issue. |
Fix done. Plugin v8.0.2 released. If you don't want to wait this version to be indexed by Peertube, you can do this: sudo -u peertube psql peertube_prod
Then go in the admin web interface, to update the plugin. @dannekrose , if this does not fix your issue, you can reopen the issue. Thanks @ChanoSan for the debugging, it helped a lot. |
@dannekrose , can you confirm it fixes your issues? |
Thank you for the fix! Yes, it did, but I had to disable the externally generated certs that I was using and instead clear the "certs" path from the settings. After I cleared those, it works as expected even with external clients! Thank you so much! |
Describe the bug
Looking at the prosody logs after installing 8.0.0 and I see the following entries repeating.
Sep 26 20:18:16 c2s561d6ee4f7d0 warn All SASL mechanisms provided by authentication module 'peertubelivechat_bot' are forbidden on insecure connections (PLAIN)
Sep 26 20:18:16 c2s561d6ee4f7d0 info Client disconnected: no shared cipher
Sep 26 20:18:17 c2s561d6ee39310 info Client connected
To Reproduce
Steps to reproduce the behavior:
Expected behavior
The bot would be able to authenticate and show up in the rooms
Screenshots
Logs only.
Server (please complete the following information):
Plugin diagnostic:
If this is a server setup issue, please go to the plugin settings, click on «launch diagnostic», and copy/paste the result.
Desktop (please complete the following information):
Additional context
I tested by disabling external XMPP client access and can verify that the chatbot authenticates and shows up correctly.
However, for my instance, we use external connections to do moderation and a few other features (stickers via Movim to show up in the Live Stream overlays).
The text was updated successfully, but these errors were encountered: