[14:50:02]
<tbart> Hi!
I somehow can't get OMEMO to work (again). Apart from changing the ssl paragraph to the global scope as written earlier, I haven't changed anything.
Whenever I try to send the first OMEMO message, clients say they are querying for keys but never finish.
Metronome's debug log says the following:
[14:50:14]
<tbart> Sep 25 16:46:00 c2s5598f8c94640debug Handled incoming stanzas: 21
Sep 25 16:46:00 c2s5598f8c94640debug Received[c2s]: <iq xml:lang='en' to='user@my.jabber.host' id='4d81aee2-1216-4119-a9b1-6e750dc36707' type='get'>
Sep 25 16:46:00 my.jabber.host:pep debug Delaying broadcasts as user@my.jabber.host service is being booted...
Sep 25 16:46:00 c2s5598f8c94640debug Received[c2s]: <r xmlns='urn:xmpp:sm:3'>
Sep 25 16:46:00 c2s5598f8c94640debug Received ack request for 21
Sep 25 16:46:00 c2s5598f8c94640debug Received[c2s]: <a h='22' xmlns='urn:xmpp:sm:3'>
[14:50:44]
<tbart> The service is running since days, not really booting..
[14:59:35]
<tbart> Config:
modules_enabled = {
"roster"; -- Allow users to have a roster. Recommended.
"saslauth"; -- Authentication for clients. Recommended if you want to log in.
"tls"; -- Add support for secure TLS on c2s/s2s connections
"disco"; -- Service discovery
"private"; -- Private XML storage (for room bookmarks, etc.)
"vcard"; -- Allow users to set vCards
"pep"; -- Allows setting of mood, tune, etc.
"posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
"bidi"; -- Enables Bidirectional Server-to-Server Streams.
"version"; -- Replies to server version requests
"uptime"; -- Report how long server has been running
"time"; -- Let others know the time here on this server
"ping"; -- Replies to XMPP pings with pongs
"register"; -- Allow users to register on this server using a client and change passwords
"stream_management"; -- Allows clients and servers to use Stream Management
"stanza_optimizations"; -- Allows clients to use Client State Indication and SIFT
"message_carbons"; -- Allows clients to enable carbon copies of messages
"mam"; -- Enable server-side message archives using Message Archive Management
"push"; -- Enable Push Notifications via PubSub using XEP-0357
"lastactivity"; -- Enables clients to know the last presence status of an user
"adhoc_cm"; -- Allow to set client certificates to login through SASL External via adhoc
"admin_adhoc"; -- administration adhoc commands
"bookmarks"; -- XEP-0048 Bookmarks synchronization between PEP and Private Storage
"privacy"; -- Implements XEP-0016 Privacy Lists and XEP-0191 Blocking Command
"sec_labels"; -- Allows to use a simplified version XEP-0258 Security Labels and related ACDFs.
"admin_telnet"; -- administration console, telnet to port 5582
"bosh"; -- Enable support for BOSH clients, aka "XMPP over Bidirectional Streams over Synchronous HTTP"
"websocket"; -- Enable support for WebSocket clients, aka "XMPP over WebSockets"
};
log = {
{ levels = { min = "error" }, to = "file", filename = "/var/log/metronome/metronome.err" },
{ levels = { min = "info" }, to = "file", filename = "/var/log/metronome/metronome.log" },
{ levels = { min = "debug" }, to = "file", filename = "/var/log/metronome/metronome_debug.log" }
};
pidfile = "/var/run/metronome/metronome.pid";
daemonize = false
allow_registration = false;
ssl = {
key = "/etc/metronome/certs/upload.my.jabber.host_privkey.pem";
certificate = "/etc/metronome/certs/upload.my.jabber.host_fullchain.pem";
}
http_ports = { }
https_ports = { 5280 }
disco_items = {
{ "upload.my.jabber.host", "file sharing service" },
}
VirtualHost "my.jabber.host"
ssl = {
key = "/etc/metronome/certs/my.jabber.host_privkey.pem";
certificate = "/etc/metronome/certs/my.jabber.host_fullchain.pem";
}
enabled = true -- This will disable the host, preserving the config, but denying connections
Component "conference.my.jabber.host" "muc"
modules_enabled = { "pastebin", "muc_limits", "muc_log", "muc_log_http" }
muc_log_http_config = { url_base = "logs" }
muc_event_rate = 0.7
muc_burst_factor = 13
restrict_room_creation = "local"
admins = { "admin@my.jabber.host" }
ssl = {
key = "/etc/metronome/certs/conference.my.jabber.host_privkey.pem";
certificate = "/etc/metronome/certs/conference.my.jabber.host_fullchain.pem";
}
Component "upload.my.jabber.host" "http_upload"
http_file_quota = 120*1024*1024 -- File quota per user
http_file_expire_after = 86400 -- Time to expire files
http_file_size_limit = 10000000
[15:48:29]
<Maranda> PEP services get loaded on demand
[15:48:55]
<Maranda> Reset/retrust keys and retry
[16:09:45]
<tbart> On client side?
Just added a new user, same problem. No keys there to delete/trust yet, the client can't seem to retrieve the keys.
[16:50:18]
<tbart> It also happens if I try to get OMEMO keys from this very JID I'm using here (that works with OMEMO). The debug log says it routes the request to jabber.at and gets an ack as well, does not look too bad.
[16:56:56]
<tbart> I also get strange DNS queries in the debug log for <user>, does not seem right, don't know if this is related..
Sep 25 18:52:45 adns debug Reply for _xmpps-server._tcp.user. (thread: 0x560c2fd84cb0)
Sep 25 18:52:45 mod_s2sdebug Finalising SRV record lookup for user...
Sep 25 18:52:45 adns debug Records for _xmpp-server._tcp.user. not in cache, sending query (thread: 0x560c2fca69b0)...
Sep 25 18:52:45 adns debug Sending DNS query to 1.0.0.1
Sep 25 18:52:45 socket debug new connection established. id: 560c2fd808d0
[17:30:12]
<Maranda> > <tbart> On client side?
> Just added a new user, same problem. No keys there to delete/trust yet, the client can't seem to retrieve the keys.
No on server side
[17:30:37]
<Maranda> That's all normal logs
[17:30:54]
<Maranda> Nothing wrong there as I said, reset keys