This is a new issue as asked by @MattJ in #879.
Recent ejabberd and prosody servers cannot communicate together when using TLS. As far as I can tell, this is because there is no actual overlap between their TLS ciphersuites.
Output of my `prosodyctl about`:
Prosody 0.9.12
# Prosody directories
Data directory: /var/lib/prosody
Plugin directory: /usr/lib/prosody/modules/
Config directory: /etc/prosody
Source directory: /usr/lib/prosody
# Lua environment
Lua version: Lua 5.1
Lua module search paths:
/usr/lib/prosody/?.lua
/usr/local/share/lua/5.1/?.lua
/usr/local/share/lua/5.1/?/init.lua
/usr/local/lib/lua/5.1/?.lua
/usr/local/lib/lua/5.1/?/init.lua
/usr/share/lua/5.1/?.lua
/usr/share/lua/5.1/?/init.lua
Lua C module search paths:
/usr/lib/prosody/?.so
/usr/local/lib/lua/5.1/?.so
/usr/lib/x86_64-linux-gnu/lua/5.1/?.so
/usr/lib/lua/5.1/?.so
/usr/local/lib/lua/5.1/loadall.so
LuaRocks: Not installed
# Lua module versions
lfs: LuaFileSystem 1.6.3
lxp: LuaExpat 1.3.0
pposix: 0.3.6
socket: LuaSocket 3.0-rc1
ssl: 0.6
Output of cryptcheck ( https://tls.imirhil.fr/xmpp/ ) for the prosody server:
Protocols: TLSv1_2
Certificates: RSA 2048 bits
Diffie Hellman: ECC 384 bits
Good practices: PFS REQUIRED
Ciphersuites:
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-SHA384
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA256
Output of cryptcheck ( https://tls.imirhil.fr/xmpp/ ) for the ejabberd server:
Protocols: TLSv1_2
Certificates: RSA 2048 bits
Diffie Hellman: ECC 256 bits
Good practices: PFS
Ciphersuites:
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-SHA384
ECDHE-RSA-CHACHA20-POLY1305
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA256
As you can see, there is an overlap between the ciphersuites but they all use ECDHE and the curves for the Diffie Hellman do not overlap (P-256 vs. P-384).
IIRC prosody uses P-384. It could include more in its default list now and still assert it prefers P-384 by putting it first in the the curve list.
I've just tested again that changing the curve setting in prosody from secp384r1 (default iirc) to prime256v1 enables me to communicate again with an ejabberd server and changing it back breaks the communication again.
This is a new issue as asked by @MattJ in #879. Recent ejabberd and prosody servers cannot communicate together when using TLS. As far as I can tell, this is because there is no actual overlap between their TLS ciphersuites. Output of my `prosodyctl about`: Prosody 0.9.12 # Prosody directories Data directory: /var/lib/prosody Plugin directory: /usr/lib/prosody/modules/ Config directory: /etc/prosody Source directory: /usr/lib/prosody # Lua environment Lua version: Lua 5.1 Lua module search paths: /usr/lib/prosody/?.lua /usr/local/share/lua/5.1/?.lua /usr/local/share/lua/5.1/?/init.lua /usr/local/lib/lua/5.1/?.lua /usr/local/lib/lua/5.1/?/init.lua /usr/share/lua/5.1/?.lua /usr/share/lua/5.1/?/init.lua Lua C module search paths: /usr/lib/prosody/?.so /usr/local/lib/lua/5.1/?.so /usr/lib/x86_64-linux-gnu/lua/5.1/?.so /usr/lib/lua/5.1/?.so /usr/local/lib/lua/5.1/loadall.so LuaRocks: Not installed # Lua module versions lfs: LuaFileSystem 1.6.3 lxp: LuaExpat 1.3.0 pposix: 0.3.6 socket: LuaSocket 3.0-rc1 ssl: 0.6 Output of cryptcheck ( https://tls.imirhil.fr/xmpp/ ) for the prosody server: Protocols: TLSv1_2 Certificates: RSA 2048 bits Diffie Hellman: ECC 384 bits Good practices: PFS REQUIRED Ciphersuites: ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 Output of cryptcheck ( https://tls.imirhil.fr/xmpp/ ) for the ejabberd server: Protocols: TLSv1_2 Certificates: RSA 2048 bits Diffie Hellman: ECC 256 bits Good practices: PFS Ciphersuites: ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-CHACHA20-POLY1305 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 As you can see, there is an overlap between the ciphersuites but they all use ECDHE and the curves for the Diffie Hellman do not overlap (P-256 vs. P-384). IIRC prosody uses P-384. It could include more in its default list now and still assert it prefers P-384 by putting it first in the the curve list. I've just tested again that changing the curve setting in prosody from secp384r1 (default iirc) to prime256v1 enables me to communicate again with an ejabberd server and changing it back breaks the communication again.
Fixed in https://hg.prosody.im/trunk/rev/92cddfe65003
Changes