[OTR-users] OTR suddenly not connecting

Bits gsnqa6734n at snkmail.com
Fri Jun 27 17:10:54 EDT 2014 

OTR stopped being able to connect over ICQ connections for me again
yesterday.
I've tried the "OTR start private conversation" option many, many times
over many hours and it never seems to connect.

Pidgin v2.10.9, OTR v4.0.0

Here's the output from "pidgin -d" (with the ICQ # of the recipient
replaced with "xxxx")

-----
(16:52:03) util: Writing file prefs.xml to directory
C:\Users\xxxx\AppData\Roaming\.purple
(16:52:03) util: Writing file
C:\Users\xxxx\AppData\Roaming\.purple\prefs.xml
(16:52:15) oscar: Sending IM, charset=0x0000, length=292
(16:52:15) oscar: rate change (param ID 0x0001): curavg = 5276, maxavg =
6000, alert at 2000, clear warning at 2500, limit at 1500, disconnect at
800,
 delta is 42966, dropping is 0 (window size = 80)
(16:52:15) oscar: Sent message to xxxx.
(16:52:35) oscar: Sending IM, charset=0x0000, length=292
(16:52:35) oscar: rate change (param ID 0x0001): curavg = 6000, maxavg =
6000, alert at 2000, clear warning at 2500, limit at 1500, disconnect at
800,
 delta is 63244, dropping is 0 (window size = 80)
(16:52:35) oscar: Sent message to xxxx.
-----

I tried a Wireshark packet capture and got some strange results.
Wireshark says the protocol is "SSL", but the data doesn't look encrypted
to me.
Here's the output, with my ICQ# replaced with "888888" and the recipient's
replaced with "999999".
What is the number "003112075"?  Somehow it looks like an ID# that should
refer to me, but I don't have that in my records.
And why does it say "OTRv23"? Is that the protocol version while 4.0 is
the plugin version?

-----
*..0.T.........00312075....888888...1........(....<HTML><BODY>?OTRv23?
<b>888888</b> has requested an <a
href="http://otr.cypherpunks.ca/">Off-the-Record private conversation</a>.
 However, you do not have a plugin to support that.
See <a href="http://otr.cypherpunks.ca/">http://otr.cypherpunks.ca/</a>
for more information.</BODY></HTML>....*..T.....
................0.............P...............
....p...p..T.......P...................p...p..V................................."............|.......h....... at ...@..V.......
....|.......h....... at ...@..V..*..U.I.........00312075....999999...$56803284-fe3e-11e3-bc61-6431504adae8.
.....*..1..
-----

PS: Sadly, I'll be away from a keyboard for about 10 days.

--Bits

"Ian Goldberg ian-at-cypherpunks.ca |otr/Example Allow|"
<o6tl2bav6t at sneakemail.com> writes:
>On Wed, Oct 30, 2013 at 10:09:03PM -0400, Bits wrote:
>> I just gave Wireshark a go - getting inside this stream's going to be a
>> pain - all Wireshark's showing me is that everything's happening inside
>> SSL/TLS. I suppose that means to get meaningful messages Pidgin needs to
>> be run through some kinda of decrypting HTTPS proxy server, MitM style.
>> 
>> Not really sure how to do that; the proxy would need to gen certs on the
>> fly and sign them with a key Pidgin can be made to trust. Is there an
>> easier way?
>In your pidgin Accounts list, you can set your ICQ account to not use
>TLS.
>- Ian
>_______________________________________________
>OTR-users mailing list
>OTR-users at lists.cypherpunks.ca


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cypherpunks.ca/pipermail/otr-users/attachments/20140627/10849ee2/attachment.html>

More information about the OTR-users mailing list