I'm using Openfire 3.10.3, compiled from source, on a Linux host. I've attempted to set up server2server as best I can and believe it should be working. I've read a few posts on the internet indicating errors with s2s support in Openfire...
I'm testing it against two accounts on two public XMPP servers: one is working (sort of) and the other isn't at all. I have a domain and the domain resolves to my server IP; I added two SRV records (even though in theory this isn't needed) and enabled debug mode. I also disabled dialback by setting xmpp.server.dialback.enabled to false. When attempting to send a message to the server that fails, my debug log shows (testing against riseup.net):
2015.12.29 01:17:50 org.jivesoftware.openfire.session.LocalOutgoingServerSession - LocalOutgoingServerSession: OS - Trying to connect to riseup.net:5269(DNS lookup: xmpp.riseup.net:5269)
2015.12.29 01:17:51 org.jivesoftware.openfire.session.LocalOutgoingServerSession - LocalOutgoingServerSession: OS - Plain connection to riseup.net:5269 successful
2015.12.29 01:17:51 org.jivesoftware.openfire.session.LocalOutgoingServerSession['riseup.net'] - Indicating we want TLS to riseup.net
2015.12.29 01:17:51 org.jivesoftware.openfire.session.LocalOutgoingServerSession['riseup.net'] - Negotiating TLS...
2015.12.29 01:17:52 org.jivesoftware.openfire.session.LocalOutgoingServerSession['riseup.net'] - TLS negotiation was successful.
2015.12.29 01:17:52 org.jivesoftware.openfire.session.LocalOutgoingServerSession['riseup.net'] - Offering dialback functionality: true
2015.12.29 01:17:52 org.jivesoftware.openfire.session.LocalOutgoingServerSession['riseup.net'] - Offering EXTERNAL SASL: false
2015.12.29 01:17:52 org.jivesoftware.openfire.session.LocalOutgoingServerSession['riseup.net'] - Skipping server dialback attempt as it has been disabled by local configuration.
2015.12.29 01:17:52 org.apache.mina.filter.ssl.SslFilter - Session Server[2](SSL): Writing Message : WriteRequest: HeapBuffer[pos=0 lim=223 cap=4096: 3C 6D 65 73 73 61 67 65 20 69 64 3D 22 70 75 72...]
2015.12.29 01:17:52 org.jivesoftware.openfire.server.OutgoingSessionPromise - OutgoingSessionPromise: Error sending packet to remote server:<message type="chat" id="purpledc64497a" to="***@riseup.net" from="***@domain/17c404b8"> <active xmlns="http://jabber.org/protocol/chatstates"/> <body>**</body></message>
java.lang.Exception: Failed to create connection to remote server
    at org.jivesoftware.openfire.server.OutgoingSessionPromise$PacketsProcessor.sendPacket(OutgoingSessionPromise.java:275)
    at org.jivesoftware.openfire.server.OutgoingSessionPromise$PacketsProcessor.run(OutgoingSessionPromise.java:239)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:744)
2015.12.29 01:17:52 org.apache.mina.filter.executor.OrderedThreadPoolExecutor - Adding event MESSAGE_SENT to session 2 Queue : [MESSAGE_SENT, ]
I'm not sure why it shows 'offering dialback functionality: true' (line 6) then says it skips it because it's not supported; surely it shouldn't be offering dialback support? The data sent to the riseup user never arrives anyhow.
For another connection, I'm testing against alpha-labs.net; this shows my account as being online but is giving me a '404: remote server not found' error. The connection and dialback text appears correct for this connection attempt:
2015.12.29 01:17:50 org.jivesoftware.openfire.session.LocalOutgoingServerSession - LocalOutgoingServerSession: OS - Trying to connect to alpha-labs.net:5269(DNS lookup: jarvis.alpha-labs.net:5269)
2015.12.29 01:17:50 org.jivesoftware.openfire.session.LocalOutgoingServerSession - LocalOutgoingServerSession: OS - Plain connection to alpha-labs.net:5269 successful
2015.12.29 01:17:50 org.jivesoftware.openfire.session.LocalOutgoingServerSession['alpha-labs.net'] - Indicating we want TLS to alpha-labs.net
2015.12.29 01:17:50 org.jivesoftware.openfire.session.LocalOutgoingServerSession['alpha-labs.net'] - Negotiating TLS...
2015.12.29 01:17:51 org.jivesoftware.openfire.session.LocalOutgoingServerSession['alpha-labs.net'] - TLS negotiation was successful.
2015.12.29 01:17:51 org.jivesoftware.openfire.session.LocalOutgoingServerSession['alpha-labs.net'] - Offering dialback functionality: false
2015.12.29 01:17:51 org.jivesoftware.openfire.session.LocalOutgoingServerSession['alpha-labs.net'] - Offering EXTERNAL SASL: false
2015.12.29 01:17:51 org.jivesoftware.openfire.session.LocalOutgoingServerSession['alpha-labs.net'] - Skipping server dialback attempt as it has been disabled by local configuration.
So is this showing that s2s support is broken, or is it more likely to be a configuration error on my end?
If I enable dialback support, the connections behave differently:
2015.12.29 01:44:20 org.jivesoftware.openfire.session.LocalOutgoingServerSession['alpha-labs.net'] - Indicating we want TLS to alpha-labs.net
2015.12.29 01:44:20 org.jivesoftware.openfire.session.LocalOutgoingServerSession['alpha-labs.net'] - Negotiating TLS...
2015.12.29 01:44:20 org.jivesoftware.openfire.session.LocalOutgoingServerSession['alpha-labs.net'] - TLS negotiation was successful.
2015.12.29 01:44:20 org.jivesoftware.openfire.session.LocalOutgoingServerSession['alpha-labs.net'] - Offering dialback functionality: false
2015.12.29 01:44:20 org.jivesoftware.openfire.session.LocalOutgoingServerSession['alpha-labs.net'] - Offering EXTERNAL SASL: false
2015.12.29 01:44:20 org.jivesoftware.openfire.session.LocalOutgoingServerSession['alpha-labs.net'] - Trying to connecting using dialback over TLS.
2015.12.29 01:44:20 org.jivesoftware.openfire.server.ServerDialback - ServerDialback: OS - Sent dialback key to host: alpha-labs.net id: b91ef163 from domain: domain
2015.12.29 01:44:20 org.jivesoftware.openfire.net.BlockingAcceptingMode - Connect Socket[addr=/46.229.47.139,port=43480,localport=5269]
2015.12.29 01:44:20 org.jivesoftware.openfire.server.ServerDialback - ServerDialback: AS - Verifying key for host: alpha-labs.net id: b91ef163
2015.12.29 01:44:20 org.jivesoftware.openfire.server.ServerDialback - ServerDialback: AS - Key was: VALID for host: alpha-labs.net id: b91ef163
2015.12.29 01:44:20 org.jivesoftware.openfire.net.BlockingReadingMode - Logging off domain/e70088b1 on org.jivesoftware.openfire.net.SocketConnection@3fe8abc1 socket: Socket[addr=/46.229.47.139,port=43480,localport=5269] session: org.jivesoftware.openfire.session.Lo$
2015.12.29 01:44:20 org.jivesoftware.openfire.server.ServerDialback - ServerDialback: OS - Validation GRANTED from: alpha-labs.net id: b91ef163 for domain: domain
2015.12.29 01:44:20 org.jivesoftware.openfire.session.LocalOutgoingServerSession['alpha-labs.net'] - Dialback over TLS was successful.
2015.12.29 01:44:20 org.jivesoftware.openfire.net.BlockingAcceptingMode - Connect Socket[addr=/46.229.47.139,port=43481,localport=5269]
and
2015.12.29 01:45:12 org.jivesoftware.openfire.session.LocalOutgoingServerSession - LocalOutgoingServerSession: OS - Plain connection to riseup.net:5269 successful
2015.12.29 01:45:12 org.jivesoftware.openfire.session.LocalOutgoingServerSession['riseup.net'] - Indicating we want TLS to riseup.net
2015.12.29 01:45:12 org.jivesoftware.openfire.session.LocalOutgoingServerSession['riseup.net'] - Negotiating TLS...
2015.12.29 01:45:13 org.jivesoftware.openfire.session.LocalOutgoingServerSession['riseup.net'] - TLS negotiation was successful.
2015.12.29 01:45:13 org.jivesoftware.openfire.session.LocalOutgoingServerSession['riseup.net'] - Offering dialback functionality: true
2015.12.29 01:45:13 org.jivesoftware.openfire.session.LocalOutgoingServerSession['riseup.net'] - Offering EXTERNAL SASL: false
2015.12.29 01:45:13 org.jivesoftware.openfire.session.LocalOutgoingServerSession['riseup.net'] - Trying to connecting using dialback over TLS.
2015.12.29 01:45:13 org.jivesoftware.openfire.server.ServerDialback - ServerDialback: OS - Sent dialback key to host: riseup.net id: id_removed from domain: domain
2015.12.29 01:45:13 org.jivesoftware.openfire.net.BlockingAcceptingMode - Connect Socket[addr=/198.252.153.234,port=46925,localport=5269]
2015.12.29 01:45:14 org.jivesoftware.openfire.net.BlockingReadingMode - Logging off domain/a9543d9 on org.jivesoftware.openfire.net.SocketConnection@15934a01 socket: Socket[addr=/198.252.153.234,port=46925,localport=5269] session: org.jivesoftware.openfire.session.L$
2015.12.29 01:48:42 org.jivesoftware.openfire.server.ServerDialback - ServerDialback: OS - Time out waiting for answer in validation from: riseup.net id: id_removed for domain: domain
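Added example, not part of the original post and not Openfire code: a small Python triage script that groups debug lines like the ones quoted above by remote domain and reports how far each outgoing s2s authentication got. The sample lines are selected from the logs in the post; the event labels and verdict strings are this example's own names.

```python
import re
# Sample input: lines selected from the debug logs quoted in the post.
RUN_DIALBACK_DISABLED = """\
2015.12.29 01:17:52 org.jivesoftware.openfire.session.LocalOutgoingServerSession['riseup.net'] - TLS negotiation was successful.
2015.12.29 01:17:52 org.jivesoftware.openfire.session.LocalOutgoingServerSession['riseup.net'] - Offering EXTERNAL SASL: false
2015.12.29 01:17:52 org.jivesoftware.openfire.session.LocalOutgoingServerSession['riseup.net'] - Skipping server dialback attempt as it has been disabled by local configuration.
"""
RUN_DIALBACK_ENABLED = """\
2015.12.29 01:44:20 org.jivesoftware.openfire.session.LocalOutgoingServerSession['alpha-labs.net'] - TLS negotiation was successful.
2015.12.29 01:44:20 org.jivesoftware.openfire.server.ServerDialback - ServerDialback: OS - Sent dialback key to host: alpha-labs.net id: b91ef163 from domain: domain
2015.12.29 01:44:20 org.jivesoftware.openfire.server.ServerDialback - ServerDialback: OS - Validation GRANTED from: alpha-labs.net id: b91ef163 for domain: domain
2015.12.29 01:45:13 org.jivesoftware.openfire.session.LocalOutgoingServerSession['riseup.net'] - TLS negotiation was successful.
2015.12.29 01:45:13 org.jivesoftware.openfire.server.ServerDialback - ServerDialback: OS - Sent dialback key to host: riseup.net id: id_removed from domain: domain
2015.12.29 01:48:42 org.jivesoftware.openfire.server.ServerDialback - ServerDialback: OS - Time out waiting for answer in validation from: riseup.net id: id_removed for domain: domain
"""
# (event label, pattern capturing the remote domain); the labels are this example's own.
EVENTS = [
    ("tls_ok", re.compile(r"Session\['([^']+)'\] - TLS negotiation was successful")),
    ("sasl_external_offered", re.compile(r"Session\['([^']+)'\] - Offering EXTERNAL SASL: true")),
    ("dialback_skipped", re.compile(r"Session\['([^']+)'\] - Skipping server dialback attempt")),
    ("dialback_key_sent", re.compile(r"Sent dialback key to host: (\S+)")),
    ("dialback_granted", re.compile(r"Validation GRANTED from: (\S+)")),
    ("dialback_timeout", re.compile(r"Time out waiting for answer in validation from: (\S+)")),
]

def summarize(log_text):
    """Return {remote_domain: (events_seen, verdict)} for outgoing s2s sessions."""
    seen = {}
    for line in log_text.splitlines():
        for label, pattern in EVENTS:
            if (match := pattern.search(line)):
                seen.setdefault(match.group(1), []).append(label)
    result = {}
    for domain, events in seen.items():
        if "dialback_granted" in events:
            verdict = "authenticated (dialback)"
        elif "dialback_timeout" in events:
            verdict = "dialback timed out"
        elif "dialback_skipped" in events and "sasl_external_offered" not in events:
            verdict = "no authentication method left"  # dialback off, no SASL EXTERNAL
        else:
            verdict = "incomplete"
        result[domain] = (events, verdict)
    return result

for run in (RUN_DIALBACK_DISABLED, RUN_DIALBACK_ENABLED):
    for domain, (events, verdict) in summarize(run).items():
        print(f"{domain}: {verdict} <- {', '.join(events)}")
```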