savoirfairelinux issueshttps://git.jami.net/groups/savoirfairelinux/-/issues2022-06-23T19:18:53Zhttps://git.jami.net/savoirfairelinux/jami-project/-/issues/1440jami clients won't connect to jams2022-06-23T19:18:53Zsom bugsjami clients won't connect to jamsHi!
I'm trying to setup my "local" only messaging using jams and jami clients.
Want to selfhost everything, so installed jams inside rootless container using podman, setup nginx reverse proxy, made self-signed CA and certificates for tl...Hi!
I'm trying to setup my "local" only messaging using jams and jami clients.
Want to selfhost everything, so installed jams inside rootless container using podman, setup nginx reverse proxy, made self-signed CA and certificates for tls, setup dns resolving for my made-up tld, installed my root ca certificate on client devices.
I assume everything went ok - when i load webpage (jams webinterface) everything loads without an error, there is 'lock' icon in browser's address bar (both on linux pc and android phone).
In jams wizard i've set local database and correct domain. Then created a few users.
I can login in jams webinterface with those logins.
Problem: everytime i try to connect from jami clients i get "Can't find account. Account couldn't be found on the Jami network. Make sure it was exported on Jami from an existing device, and that provided credentials are correct".
Capturing traffic on different machines shows that jami client resolving my jams domain name ("jams.lan"), trying to connect using tls ("Client hello"), server responds ("Server hello"), then they send each other just a few more encrypted packets and then i see that "Can't find accound" message in jami client.
I suspect that jami clients are actually don't trust my self-signed tls certificate. I created fullchain + key bundle (cat server.crt rootca.crt server.key > server.pem) from my already working well certificates from my nginx reverse proxy. Then used mitmproxy:
`$ mitmdump -p 9922 --certs server.pem -w dump.log -m reverse:http://127.0.0.1:9900`
and here is a log (i'm using "jams.lan:9922" as management server url in jami clients):
```
192.168.1.3:41378: client connect
192.168.1.3:41378: server connect 127.0.0.1:9900
192.168.1.3:41378: Client TLS handshake failed. The client does not trust the proxy's certificate for jams.lan (tlsv1 alert unknown ca)
192.168.1.3:41378: client disconnect
192.168.1.3:41378: server disconnect 127.0.0.1:9900
```
and nothing was written to dump.log, so nothing was send back to the actual jams server (which listens on port 9900).
If i try to open this address (jams.lan:9922) in browser then again everything is fine, getting 'lock' icon in address bar, and dump.log has some data.
Please make jami clients trust user installed certificates.Larbi GharibLarbi Gharibhttps://git.jami.net/savoirfairelinux/jami-jams/-/issues/70Replace Statement database management with ORM such as Hibernate2021-03-17T20:17:11ZLarbi GharibReplace Statement database management with ORM such as HibernateAdrien BéraudLarbi GharibGuillaume HellerAdrien Béraudhttps://git.jami.net/savoirfairelinux/jami-jams/-/issues/67Expired session will editing2021-02-24T17:40:41ZLarbi GharibExpired session will editingStart new session
Start editing
After few minutes user experiences issuesStart new session
Start editing
After few minutes user experiences issueshttps://git.jami.net/savoirfairelinux/jami-jams/-/issues/62Remove Add group and delete group in UI for LDAP/AD2020-11-17T23:04:32ZLarbi GharibRemove Add group and delete group in UI for LDAP/ADRemove Add group and delete group in UI for LDAP/AD.Remove Add group and delete group in UI for LDAP/AD.Adrien BéraudLarbi GharibGuillaume HellerAdrien Béraudhttps://git.jami.net/savoirfairelinux/jami-jams/-/issues/61Add API endpoint Groups with pagination2020-11-17T23:02:47ZLarbi GharibAdd API endpoint Groups with paginationImplement an endpoint to fetch groups **/api/admin/group** at the moment we use the group endpoint where the name = "*" this is inefficient an can cause **/api/admin/group** performance issue if a big number of groups is stored in the da...Implement an endpoint to fetch groups **/api/admin/group** at the moment we use the group endpoint where the name = "*" this is inefficient an can cause **/api/admin/group** performance issue if a big number of groups is stored in the database.Larbi GharibWilliam EnrightLarbi Gharibhttps://git.jami.net/savoirfairelinux/jami-jams/-/issues/60Update API for group Id2020-11-17T23:00:14ZLarbi GharibUpdate API for group IdInstead of using the Name to update and delete Groups we should use the id (Which can be a string)Instead of using the Name to update and delete Groups we should use the id (Which can be a string)Larbi GharibWilliam EnrightLarbi Gharibhttps://git.jami.net/savoirfairelinux/jami-jams/-/issues/55Read user agent when client connects to JAMS2020-09-08T15:02:12ZWilliam EnrightRead user agent when client connects to JAMSWhen a Jami client attempts to connect to JAMS, we should read the user agent in the device registration request and send back the appropriate configuration.
NOTE: This is for next release.When a Jami client attempts to connect to JAMS, we should read the user agent in the device registration request and send back the appropriate configuration.
NOTE: This is for next release.