[OTR-users] OTR suddenly not connecting

Bits gsnqa6734n at snkmail.com
Wed Oct 30 22:09:03 EDT 2013 

"Ian Goldberg ian-at-cypherpunks.ca |otr/Example Allow|"
<o6tl2bav6t at sneakemail.com> writes:
>On Tue, Oct 29, 2013 at 10:45:51PM -0400, Bits wrote:
>> I changed my Pidgin settings to only connect to one ICQ account, then
>> exited it and started it again with "pidgin -d > out.txt".
>> 
>> The initial connecting bit is about 370 lines.
>> After that I took note of the log contents and tried "OTR: Start private
>> conversation" and it added these lines to the log:
>> 
>> -----
>> (22:34:29) oscar: Sending IM, charset=0x0000, length=290
>> (22:34:29) oscar: rate change (param ID 0x0001): curavg = 6000, maxavg =
>> 6000, alert at 2000, clear warning at 2500, limit at 1500, disconnect at
>> 800, delta is 569460, dropping is 0 (window size = 80)
>> (22:34:29) oscar: Sent message to 123456789.
>> -----
>> 
>> Then I sent over a message including only a single question mark and got
>> basically these very similar lines (note the msg is much shorter -
>> apparently 59 bites just to send my one-character message):
>> 
>> -----
>> (22:38:33) oscar: Sending IM, charset=0x0000, length=59
>> (22:38:33) oscar: rate change (param ID 0x0001): curavg = 6000, maxavg =
>> 6000, alert at 2000, clear warning at 2500, limit at 1500, disconnect at
>> 800, delta is 813740, dropping is 0 (window size = 80)
>> (22:38:33) oscar: Sent message to 123456789.
>> -----
>> 
>> While I was typing up this email I notice a couple more lines getting
>> added to the log:
>> 
>> -----
>> (22:40:17) oscar: Scheduling destruction of FLAP connection 022C1BC0 of
>> type 0x0010
>> (22:40:17) oscar: Destroying FLAP connection 022C1BC0
>> (22:40:17) oscar: Destroying oscar connection (022C1BC0) of type
>0x0010. 
>> Disconnect reason is 4
>> (22:40:17) oscar: Disconnected. Code is 0x0000 and msg is Remote host
>> closed connection.
>> -----
>> 
>> Note that my private conversation has yet to start up, even after
>multiple
>> clickings on "Start private conversation" and multiple simple messages
>to
>> try to get it started.
>> 
>> Thanks for looking into this!
>Can you see what actual messages are getting sent and received, say with
>wireshark?
>Thanks,
>- Ian


I just gave Wireshark a go - getting inside this stream's going to be a
pain - all Wireshark's showing me is that everything's happening inside
SSL/TLS.  I suppose that means to get meaningful messages Pidgin needs to
be run through some kinda of decrypting HTTPS proxy server, MitM style.

Not really sure how to do that; the proxy would need to gen certs on the
fly and sign them with a key Pidgin can be made to trust.  Is there an
easier way?

--Bits

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cypherpunks.ca/pipermail/otr-users/attachments/20131030/300f14b8/attachment.html>

More information about the OTR-users mailing list