Not logged in. · Lost password · Register
Forum: MatriX RSS
Authentication failed because the remote party has closed the transport stream.
Avatar
Whathaven #1
Member since Feb 2015 · 5 posts
Group memberships: Members
Show profile · Link to this post
Subject: IOException at Matrix.Net.ClientSocket.DoStartSecurityLayer
Using Matrix 1.6.0.6 for .NET 4.0

I'm able to connect to the server with the Psi Xmpp client.
Not sure what is causing the server(remote party?) to close the stream, but my guess was that some of the settings were wrong.

I did try to mirror the Psi settings as much as possible. I assumed "Use Legacy SSL" was the "OldStyleSsl". There was something that popped up the first time I connected to the server with Psi. It said there was an invalid certificate and I chose to ignore the invalid certificate. I tried registering an "OnValidateCertificate" event but it doesn't get called.
Trying the sample MiniClient and adding in the extra settings, it raises just an error event when trying to log in.

In the past I've been able to connect to the server with the same settings I'm using now, so I suspect it could be something on my computer blocking it or interfering. I'll write back if I find the problem.

Beneath is the code I used to set up the test connection along with some debug logging.

Thanks for helping.

  1. public static void Run(string[] args)
  2. {
  3.     TextWriterTraceListener traceListener = new TextWriterTraceListener("trace.log")
  4.     {
  5.         IndentSize = 4
  6.     };
  7.     Trace.AutoFlush = true;
  8.     Trace.Listeners.Add(traceListener);
  9.  
  10.     XmppClient xmppClient = new XmppClient(_jidSender)
  11.     {
  12.         Password = _senderPassword,
  13.         ClientCertificate = null, //Server has a bad certificate, I wanted to ignore it
  14.         ResolveSrvRecords = false, //Set because the Hostname is not the XmppDomain
  15.         Hostname = _hostname, //Has multiple servers
  16.         Port = _port, //Hosted on non-default port
  17.         OldStyleSsl = true //Uses the Old SSL
  18.     };
  19.  
  20.     //This just logs what events occur
  21.     DebugJabberClient.Debug(xmppClient, "event.log");
  22.  
  23.     xmppClient.OnError += (sender, e) => {
  24.         Trace.TraceError("ERROR[" + e.Exception.ToString() + "]");
  25.     };
  26.  
  27.     xmppClient.OnReceiveXml += (sender, e) =>
  28.     {
  29.         Trace.TraceInformation("RECEIVE[" + e.Text + "]");
  30.     };
  31.  
  32.     xmppClient.OnSendXml += (sender, e) =>
  33.     {
  34.         Trace.TraceInformation("SEND[" + e.Text + "]");
  35.     };
  36.  
  37.     xmppClient.OnRosterEnd += (sender, e) =>
  38.     {
  39.         Trace.TraceInformation("RosterEnd[]");
  40.         xmppClient.Send(new Message {
  41.             To = _jidReciever,
  42.             Type = Matrix.Xmpp.MessageType.chat,
  43.             Body = "Hello World"
  44.         });
  45.     };
  46.  
  47.     xmppClient.Open();
  48.     Console.WriteLine("Press Enter to Exit...");
  49.     Console.ReadLine();
  50.     xmppClient.Close();
  51. }

trace.log
<redacted>.vshost.exe Error: 0 : ERROR[System.IO.IOException: Authentication failed because the remote party has closed the transport stream.
   at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
   at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
   at Matrix.Net.ClientSocket.DoStartSecurityLayer(SslProtocols protocol)]

event.log
2015-02-07_09:48:20>OnError
This post was edited on 2015-02-07, 10:56 by Alex.
Avatar
Alex #2
Member since Feb 2003 · 4327 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
Quote by Whathaven:
I'm able to connect to the server with the Psi Xmpp client.
Not sure what is causing the server(remote party?) to close the stream, but my guess was that some of the settings were wrong.

can you post the details of your server, then we can check.

Quote by Whathaven:
I did try to mirror the Psi settings as much as possible. I assumed "Use Legacy SSL" was the "OldStyleSsl". There was something that popped up the first time I connected to the server with Psi. It said there was an invalid certificate and I chose to ignore the invalid certificate. I tried registering an "OnValidateCertificate" event but it doesn't get called.

yes LegacySsl is OldStyle Ssl. But this should not be used anymore. Tls (StartTls) is what you should use.
In the MiniClient you can see howto accept an invalidate certificate.
See also:
https://gitlab.com/matrix-xmpp/samples/blob/master/csharp/…

e.AcceptCertificate = true; and then just return does it.

The stacktrace sias only that the server closed the connection. Ni idea why, but I think its the OldStyleSsl which is wrong and cannot work on default port 5222.

Alex
Avatar
Whathaven #3
Member since Feb 2015 · 5 posts
Group memberships: Members
Show profile · Link to this post
Quote by Alex:
Quote by Whathaven:
I'm able to connect to the server with the Psi Xmpp client.
Not sure what is causing the server(remote party?) to close the stream, but my guess was that some of the settings were wrong.

can you post the details of your server, then we can check.

I can't post the server hostname and XmppDomain.
The server runs on port 5223.
Accounts on the servers have the same XmppDomain but depending on the location are assigned to different server each having different hostnames.

Here's a connection log from Psi of a successful login and then disconnect.

  1. <!-- Sent -->
  2. <?xml version="1.0"?>
  3.  
  4.  
  5. <stream:stream xmlns:stream="http://etherx.jabber.org/streams" version="1.0" xmlns="jabber:client" to="<Removed XmppDomain>" xml:lang="en" xmlns:xml="http://www.w3.org/XML/1998/namespace">
  6.  
  7. <!-- Received -->
  8. <?xml version='1.0'?><stream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' id='3196554734' from='<Removed XmppDomain>' version='1.0'>
  9.  
  10.  
  11. <stream:features>
  12. <mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl">
  13. <mechanism>PLAIN</mechanism>
  14. <mechanism>XOAUTH2</mechanism>
  15. </mechanisms>
  16. </stream:features>
  17.  
  18. <!-- Sent -->
  19. <auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="PLAIN"><!-- Redacted Password --></auth>
  20.  
  21. <!-- Received -->
  22. <success xmlns="urn:ietf:params:xml:ns:xmpp-sasl"/>
  23.  
  24. <!-- Sent -->
  25. <?xml version="1.0"?>
  26.  
  27.  
  28. <stream:stream xmlns:stream="http://etherx.jabber.org/streams" version="1.0" xmlns="jabber:client" to="<Removed XmppDomain>" xml:lang="en" xmlns:xml="http://www.w3.org/XML/1998/namespace">
  29.  
  30. <!-- Received -->
  31. <?xml version='1.0'?><stream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' id='4249622003' from='<Removed XmppDomain>' version='1.0'>
  32.  
  33.  
  34. <stream:features>
  35. <bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"/>
  36. <session xmlns="urn:ietf:params:xml:ns:xmpp-session"/>
  37. </stream:features>
  38.  
  39. <!-- Sent -->
  40. <iq type="set" id="bind_1">
  41. <bind xmlns="urn:ietf:params:xml:ns:xmpp-bind">
  42. <resource><Removed Resource></resource>
  43. </bind>
  44. </iq>
  45.  
  46. <!-- Received -->
  47. <iq xmlns="jabber:client" type="result" id="bind_1">
  48. <bind xmlns="urn:ietf:params:xml:ns:xmpp-bind">
  49. <jid><!-- Removed Username -->@<!-- Removed XmppDomain -->/<!-- Removed Resource --></jid>
  50. </bind>
  51. </iq>
  52.  
  53. <!-- Sent -->
  54. <iq type="set" id="aab8a">
  55. <session xmlns="urn:ietf:params:xml:ns:xmpp-session"/>
  56. </iq>
  57.  
  58. <!-- Received -->
  59. <iq type="result" id="aab8a">
  60. <session xmlns="urn:ietf:params:xml:ns:xmpp-session">
  61. <ts>2015-02-07 13:11:17</ts>
  62. </session>
  63. </iq>
  64.  
  65. <!-- Sent -->
  66. <iq type="get" id="aab9a">
  67. <query xmlns="jabber:iq:roster"/>
  68. </iq>
  69.  
  70. <!-- Received -->
  71. <iq from="<Removed Username>@<Removed XmppDomain>" type="result" to="<Removed Username>@<Removed XmppDomain>/<Removed Resource>" id="aab9a">
  72. <query xmlns="jabber:iq:roster">
  73. <item subscription="both" name="<Removed Contact 1>" jid="<Removed Contact 1>@<Removed XmppDomain>">
  74. <group priority="0">Test</group>
  75. </item>
  76. <item subscription="both" name="<Removed Contact 2>" jid="<Removed Contact 2>@<Removed XmppDomain>">
  77. <group>Test</group>
  78. </item>
  79. </query>
  80. </iq>
  81.  
  82. <!-- Sent -->
  83. <presence>
  84. <show>chat</show>
  85. <priority>0</priority>
  86. <c xmlns="http://jabber.org/protocol/caps" node="http://psi-im.org/caps" ver="caps-b75d8d2b25" ext="ca cs ep-notify-2 html"/>
  87. </presence>
  88.  
  89.  
  90. <iq type="get" to="<Removed Username>@<Removed XmppDomain>/<Removed Resource>" id="aabba">
  91. <query xmlns="http://jabber.org/protocol/disco#info" node="http://psi-im.org/caps#ca"/>
  92. </iq>
  93.  
  94.  
  95. <iq type="get" id="aabca">
  96. <query xmlns="jabber:iq:private">
  97. <storage xmlns="storage:bookmarks"/>
  98. </query>
  99. </iq>
  100.  
  101.  
  102. <iq type="get" to="<Removed Username>@<Removed XmppDomain>" id="aabda">
  103. <vCard xmlns="vcard-temp"/>
  104. </iq>
  105.  
  106.  
  107. <iq type="get" to="<Removed XmppDomain>" id="aabea">
  108. <query xmlns="http://jabber.org/protocol/disco#info"/>
  109. </iq>
  110.  
  111. <!-- Received -->
  112. <presence from="<Removed Username>@<Removed XmppDomain>/<Removed Resource>" to="<Removed Username>@<Removed XmppDomain>/<Removed Resource>">
  113. <show>chat</show>
  114. <priority>0</priority>
  115. <c xmlns="http://jabber.org/protocol/caps" node="http://psi-im.org/caps" ver="caps-b75d8d2b25" ext="ca cs ep-notify-2 html"/>
  116. </presence>
  117.  
  118.  
  119. <iq from="<Removed Username>@<Removed XmppDomain>/<Removed Resource>" type="get" to="<Removed Username>@<Removed XmppDomain>/<Removed Resource>" id="aabba">
  120. <query xmlns="http://jabber.org/protocol/disco#info" node="http://psi-im.org/caps#ca"/>
  121. </iq>
  122.  
  123. <!-- Sent -->
  124. <iq type="result" to="<Removed Username>@<Removed XmppDomain>/<Removed Resource>" id="aabba">
  125. <query xmlns="http://jabber.org/protocol/disco#info" node="http://psi-im.org/caps#ca">
  126. <identity category="client" type="pc" name="Psi"/>
  127. <feature var="urn:xmpp:jingle:1"/>
  128. <feature var="urn:xmpp:jingle:transports:ice-udp:1"/>
  129. <feature var="urn:xmpp:jingle:apps:rtp:1"/>
  130. <feature var="urn:xmpp:jingle:apps:rtp:audio"/>
  131. </query>
  132. </iq>
  133.  
  134. <!-- Received -->
  135. <iq from="<Removed Username>@<Removed XmppDomain>" type="error" to="<Removed Username>@<Removed XmppDomain>/<Removed Resource>" id="aabca">
  136. <query xmlns="jabber:iq:private">
  137. <storage xmlns="storage:bookmarks"/>
  138. </query>
  139. <error type="cancel" code="503">
  140. <service-unavailable xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/>
  141. </error>
  142. </iq>
  143.  
  144.  
  145. <iq from="<Removed Username>@<Removed XmppDomain>" type="error" to="<Removed Username>@<Removed XmppDomain>/<Removed Resource>" id="aabda">
  146. <vCard xmlns="vcard-temp"/>
  147. <error type="cancel" code="503">
  148. <service-unavailable xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/>
  149. </error>
  150. </iq>
  151.  
  152. <!-- Sent -->
  153. <iq type="get" to="<Removed Username>@<Removed XmppDomain>" id="aabfa">
  154. <vCard xmlns="vcard-temp"/>
  155. </iq>
  156.  
  157. <!-- Received -->
  158. <iq from="<Removed XmppDomain>" type="error" to="<Removed Username>@<Removed XmppDomain>/<Removed Resource>" id="aabea">
  159. <query xmlns="http://jabber.org/protocol/disco#info"/>
  160. <error type="cancel" code="501">
  161. <feature-not-implemented xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/>
  162. </error>
  163. </iq>
  164.  
  165.  
  166. <iq from="<Removed Username>@<Removed XmppDomain>" type="error" to="<Removed Username>@<Removed XmppDomain>/<Removed Resource>" id="aabfa">
  167. <vCard xmlns="vcard-temp"/>
  168. <error type="cancel" code="503">
  169. <service-unavailable xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/>
  170. </error>
  171. </iq>
  172.  
  173. <!-- Sent -->
  174. <presence type="unavailable">
  175. <status>Logged out</status>
  176. </presence>

Quote by Alex:
Quote by Whathaven:
I did try to mirror the Psi settings as much as possible. I assumed "Use Legacy SSL" was the "OldStyleSsl". There was something that popped up the first time I connected to the server with Psi. It said there was an invalid certificate and I chose to ignore the invalid certificate. I tried registering an "OnValidateCertificate" event but it doesn't get called.

yes LegacySsl is OldStyle Ssl. But this should not be used anymore. Tls (StartTls) is what you should use.
In the MiniClient you can see howto accept an invalidate certificate.
See also:
https://gitlab.com/matrix-xmpp/samples/blob/master/csharp/…

e.AcceptCertificate = true; and then just return does it.

The stacktrace sias only that the server closed the connection. Ni idea why, but I think its the OldStyleSsl which is wrong and cannot work on default port 5222.

Alex

I was aware of the OnValidateCertificate, but it is not called. Only the OnError event is called.
Most of the server's clients only support Legacy SSL, I tried connecting with Psi without Legacy SSL but it doesn't work.
The server is listening on port 5223.

Thanks for taking the time to help me with this problem.

Quote by Whathaven:
In the past I've been able to connect to the server with the same settings I'm using now, so I suspect it could be something on my computer blocking it or interfering. I'll write back if I find the problem.

I've tried uninstalling my firewall and disabling the Windows firewall but this had no effect on the problem.

Edit:
For clarification, I modified the MiniClient to accept a port and checkbox for OldStyleSSL and have the OnError event specify the error.
On trying to connect it results in the same single event, OnError with the same error.
This post was edited 3 times, last on 2015-02-07, 15:25 by Alex.
Avatar
Alex #4
Member since Feb 2003 · 4327 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
I don't see you setting the XmppDomain in your code. This maybe a problem, The XmppDomain is required.

Without having access to this server for debugging there is not much I can do for you. The exception is inside the .NET framework when its trying to init the SSL connection.

Alex
Avatar
Whathaven #5
Member since Feb 2015 · 5 posts
Group memberships: Members
Show profile · Link to this post
Quote by Alex:
I don't see you setting the XmppDomain in your code. This maybe a problem, The XmppDomain is required.

Without having access to this server for debugging there is not much I can do for you. The exception is inside the .NET framework when its trying to init the SSL connection.

Alex

Ooops, I assumed the XmppDomain as part of the Jid object when passed to the constructor of XmppClient.
I suspected that the error wasn't part of Matrix since it originated from the .NET framework SslStream.
I'll try testing on another computer first.
Avatar
Alex #6
Member since Feb 2003 · 4327 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
the XMPP domain could be the problem. because that needs to be passed to .NET for SSL certificate validation which will be a null value in your case then.
Avatar
Whathaven #7
Member since Feb 2015 · 5 posts
Group memberships: Members
Show profile · Link to this post
Quote by Alex:
the XMPP domain could be the problem. because that needs to be passed to .NET for SSL certificate validation which will be a null value in your case then.

I'm using this constructor for the XmppClient
  1. public XmppClient(Jid jid) : this()
  2. {
  3.     this.Username = jid.User;
  4.     this.XmppDomain = jid.Server;
  5. }

I tested manually setting the XmppDomain but the error still occurs.
May I PM you the server details?
This post was edited on 2015-02-07, 17:12 by Alex.
Avatar
Alex #8
Member since Feb 2003 · 4327 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
Quote by Whathaven:
May I PM you the server details?

yes
Avatar
Whathaven #9
Member since Feb 2015 · 5 posts
Group memberships: Members
Show profile · Link to this post
Quote by Alex:
Quote by Whathaven:
May I PM you the server details?

yes

I couldn't find the PM feature so I just used the email form instead.
Avatar
Alex #10
Member since Feb 2003 · 4327 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
I have no problems at all to connect to this server with MatriX form my machine.
I send you my connection setup code by PM.

Alex
Close Smaller – Larger + Reply to this post:
Verification code: VeriCode Please enter the word from the image into the text field below. (Type the letters only, lower case is okay.)
Smileys: :-) ;-) :-D :-p :blush: :cool: :rolleyes: :huh: :-/ <_< :-( :'( :#: :scared: 8-( :nuts: :-O
Special characters:
Forum: MatriX RSS