Announcements
The Spotify Stars Program: Celebrating Values Week!

Help Wizard

Step 1

NEXT STEP

"Log in with Facebook" fails due to weak Diffie-Hellman key on login.spotilocal.com

"Log in with Facebook" fails due to weak Diffie-Hellman key on login.spotilocal.com

I haven't done any extensive replication on this issue as the only computer I have immediately available is running Arch Linux, but I see no reason Windows users won't be equally affected.

 

As far as I can tell, this issue is present in the latest (Linux) version (v0.9.17.8-1) and there are no existing reports for this issue. Specifically, when trying log into Spotify using the "Log in with Facebook" button, users receive the "Spotify desktop client communication failed" page, seen below:

 

Spotify Facebook Authentication - Mozilla Firefox_003.png

 

 

 

 

 

 

 

 

 

 

 

 

 

After spending some significant time troubleshooting, I found this lovely error in my browser error console:

 

Browser Console_001.png

 

In Firefox, this can be immediately worked around by changing a few about:config values. From what I can tell, there is not an equivalent setting in Chrome/Chromium, but this information is for the benefit of anyone encountering this issue and I digress. This issue needs to be fixed upstream, even though login.spotilocal.com resolves to 127.0.0.1. It is the Spotify client that is listening on 127.0.0.1:4371 and a stronger certificate needs to be generate to workaround the Logjam protection being added to most modern browsers.

Reply
1 Reply

Just to clarify, I assume vv0.9.17.8-1 is the latest because I haven't found anything newer on repository.spotify.com. Specifically, http://repository.spotify.com/pool/non-free/s/spotify/

Suggested posts