Hello, everyone!
I need help with this error I'm getting in Prosody 0.11.2-1 in Debian
10. Prosody is hosted in a Raspberry Pi 4 at home, connected to my
WireGuard VPN hosted in my AWS EC2 VPS. XMPP ports are routed through my
EC2 using iptables. c2s connections seem to work fine, but I'm having
trouble with s2s connections. I did a lot of research, I even went
through the code (net/server_select.lua), and couldn't figure it out.
Here's the error when trying to send or receive a message (or pretty
much anything that involves c2s) between my server (avalos.me) and
disroot.org:
Apr 16 02:09:52 s2soutaaaac027eba0 debug Beginning new connection attempt to disroot.org ([178.21.23.139]:5269)
Apr 16 02:09:52 s2soutaaaac027eba0 debug Connection attempt in progress...
Apr 16 02:09:52 s2soutaaaac027eba0 debug Sending[s2sout_unauthed]: <?xml version='1.0'?>
Apr 16 02:09:52 s2soutaaaac027eba0 debug Sending[s2sout_unauthed]: <stream:stream xmlns:db='jabber:server:dialback' version='1.0' to='disroot.org' from='avalos.me' xml:lang='en' xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:server'>
Apr 16 02:09:52 runnerNR26jJ9Q debug creating new coroutine
Apr 16 02:09:52 s2soutaaaac027eba0 debug Received[s2sout_unauthed]: <features xmlns='http://etherx.jabber.org/streams'>
Apr 16 02:09:52 avalos.me:tls debug Received features element
Apr 16 02:09:52 avalos.me:tls debug disroot.org is offering TLS, taking up the offer...
Apr 16 02:09:52 s2soutaaaac027eba0 debug Sending[s2sout_unauthed]: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>
Apr 16 02:09:52 s2soutaaaac027eba0 debug Received[s2sout_unauthed]: <proceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'>
Apr 16 02:09:52 avalos.me:tls debug Proceeding with TLS on s2sout...
Apr 16 02:09:52 socket debug server.lua: attempting to start tls on tcp{client}: 0xaaaac0155ec8
Apr 16 02:09:52 socket debug server.lua: ssl handshake done
Apr 16 02:09:52 s2soutaaaac027eba0 debug Sending stream header...
Apr 16 02:09:52 s2soutaaaac027eba0 debug Sending[s2sout_unauthed]: <?xml version='1.0'?>
Apr 16 02:09:52 s2soutaaaac027eba0 debug Sending[s2sout_unauthed]: <stream:stream xmlns:db='jabber:server:dialback' version='1.0' to='disroot.org' from='avalos.me' xml:lang='en' xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:server'>
Apr 16 02:09:53 socket debug server.lua: client 178.21.23.139:clientport read error: closed
Apr 16 02:09:53 s2soutaaaac027eba0 debug s2s connection attempt failed: closed
Apr 16 02:09:53 s2soutaaaac027eba0 debug Out of IP addresses, trying next SRV record (if any)
Apr 16 02:09:53 s2soutaaaac027eba0 info Failed in all attempts to connect to disroot.org
Apr 16 02:09:53 s2soutaaaac027eba0 debug No other records to try for disroot.org - destroying
Apr 16 02:09:53 s2soutaaaac027eba0 debug Destroying outgoing session avalos.me->disroot.org: Connecting failed: closed
Apr 16 02:09:53 s2soutaaaac027eba0 info Sending error replies for 1 queued stanzas because of failed outgoing connection to disroot.org
Apr 16 02:09:53 stanzarouter debug Received[s2sin]: <message from='ava...@disroot.org' to='iv...@avalos.me/chatsecure20079' type='error'>
Apr 16 02:09:53 c2saaaac0162b00 debug Sending[c2s]: <message from='ava...@disroot.org' to='iv...@avalos.me/chatsecure20079' type='error'>
Apr 16 02:09:53 s2soutaaaac027eba0 debug s2s disconnected: <nil>-><nil> (closed)
Apr 16 02:09:53 socket debug server.lua: closed client handler and removed socket from list
---
As you can see, it indeed establishes a TLS handshake and both servers
communicate for a while, but then, after trying to send the stream
header over s2sout, the connection closes. When sending stuff, it says
(notice the `clientport` instead of the actual port):
client 178.21.23.139:clientport read error: closed
When trying to receive stuff, this is what I get (notice the VPN
server's IP instead of disroot.org's IP, notice the port):
client 192.168.2.1:50064 read error: closed
It seems weird to me. I would appreciate some help.
:3
--
Iván Ávalos
Matrix: @avalos:cybre.space
Website: https://avalos.me/