"Log in with Facebook" fails due to weak Diffie-Hellman key on login.spotilocal.com

Reply

"Log in with Facebook" fails due to weak Diffie-Hellman key on login.spotilocal.com

AWildColin
Casual Listener

I haven't done any extensive replication on this issue as the only computer I have immediately available is running Arch Linux, but I see no reason Windows users won't be equally affected.

 

As far as I can tell, this issue is present in the latest (Linux) version (v0.9.17.8-1) and there are no existing reports for this issue. Specifically, when trying log into Spotify using the "Log in with Facebook" button, users receive the "Spotify desktop client communication failed" page, seen below:

 

Spotify Facebook Authentication - Mozilla Firefox_003.png

 

 

 

 

 

 

 

 

 

 

 

 

 

After spending some significant time troubleshooting, I found this lovely error in my browser error console:

 

Browser Console_001.png

 

In Firefox, this can be immediately worked around by changing a few about:config values. From what I can tell, there is not an equivalent setting in Chrome/Chromium, but this information is for the benefit of anyone encountering this issue and I digress. This issue needs to be fixed upstream, even though login.spotilocal.com resolves to 127.0.0.1. It is the Spotify client that is listening on 127.0.0.1:4371 and a stronger certificate needs to be generate to workaround the Logjam protection being added to most modern browsers.

1 Reply
Highlighted

Re: "Log in with Facebook" fails due to weak Diffie-Hellman key on login.spotilocal.com

AWildColin
Casual Listener
Just to clarify, I assume vv0.9.17.8-1 is the latest because I haven't found anything newer on repository.spotify.com. Specifically, http://repository.spotify.com/pool/non-free/s/spotify/
SUGGESTED POSTS