interop - 2010-12-06

  1. Kev has joined

  2. Kev


  3. Dave Cridland has joined

  4. Dave Cridland


  5. Kev2 has joined

  6. Kev2 has left

  7. Jonas has joined

  8. Tobias has joined

  9. Tobias set the topic to

    Interop Stuff

  10. Dave Cridland

    Anyone know if there's a mailing list for this as well?

  11. Tobias this one maybe? but i don't know who is subscribed there

  12. Kev

    Well, interestingly, I don't have the password for that list.

  13. Kev

    This suggests it's not been used recently.

  14. Tobias

    but there're messages in the archive

  15. Tobias

    though one year idle

  16. Dave Cridland

    Kev, I assume you're wearing an iteam/XSF hat for this?

  17. Kev


  18. Kev

    I have other hats available if it gets cold.

  19. fippo has joined

  20. Kev

    Ok, I've mangled control of the interop mailing list as well, now.

  21. Kev

    I suggest that people who aren't on that list yet make it so.

  22. Dave Cridland

  23. Kev


  24. Kev

  25. remko has joined

  26. Dave Cridland

    So what do we need in terms of client accounts, DNS, and certificates, then?

  27. Dave Cridland

    Aside from someone to run the CA?

  28. Kev

    You tell me, I'm just here to do what I'm told.

  29. Kev

    (Or, rather to ask the iteam to)

  30. waqas has joined

  31. Flo has joined

  32. Dave Cridland

    OK, updated the wiki page with this and the mailing list.

  33. Tobias

    something in the topic would be nice too, maybe a pointer to the wiki page

  34. has joined

  35. fippo

    ok... how do we get certs? Shall we send CSRs or is it easier if you generate privkeys and certs for a given hostname?

  36. Kev

    fippo: Matt's volunteered to run the CA for the week, so I think we need him to appear first :)

  37. Steffen Larsen has joined

  38. remko

    will the certificates used in the interop be made available somewhere for later use (or regression testing?)

  39. remko


  40. Dave Cridland

    fippo, Given what Isode is giving Matt, I don't think it makes any difference whether he generates the CSR/PKEY pair you you do.

  41. remko

    scary green man: will there be 'meeting minutes' of this week? I.e. what was tested etc.

  42. Florian has joined

  43. Florian

    morning gents.

  44. Morning!

  45. Florian

    soo ... I'm ready to add the vhosts ...

  46. dbanes has joined

  47. dbanes

    surprise - I'm in the UK for a while now so time zones a bit easier than when I was in Sydney

  48. Dave Cridland

    remko, Should do that, shouldn't we?

  49. remko

    should yes

  50. Florian

    dbanes: so you're also freezing to death?

  51. dbanes

    yes, that's the down side

  52. dbanes

    arriving at Heathrow in shorts was not a good idea :)

  53. Florian


  54. Kev

    On the upside, it's a once in a lifetime experience.

  55. Flo

    Hopefully, anyway.

  56. Kev

    Freezing to death? The odds are good, I'd say.

  57. Florian

    indeed. I froze on my way up the hill to campus

  58. Flo

    arriving at Heathrow in shorts :)

  59. Florian

    well ... on the other hand... the Finns jump into snow after the sauna too

  60. Tobias has left

  61. Florian has left

  62. Florian has joined

  63. Dave Cridland

    Client folk - any of you have SCRAM-SHA1-PLUS coded?

  64. Florian

    lol ... I think that's a no :)

  65. Dave Cridland

    Well... Server folk, then? (I've two clients and a server).

  66. Dave Cridland

    Aw... Ah, well.

  67. Florian


  68. waqas

    Dave Cridland: Which is the other client?

  69. badlop has joined

  70. Dave Cridland

    waqas, Well, We-Isode has a CMU SASL fork which now has channel binding. I also have Polymer, which has had it since, erm, last year or something silly.

  71. Dave Cridland

    waqas, And yes, Polymer *is* a mail client, and quite why it happens to have a small XMPP library in it really is anyone's guess.

  72. jerry has joined

  73. jerry has left

  74. waqas

    Dave Cridland: Perhaps we need a new version of Zawinski's Law.

  75. Dave Cridland

    waqas, This is Zawinski is reverse, though.

  76. Dave Cridland

    in reverse.

  77. Florian

    what's Zawinski's law?

  78. Florian

    (sorry ... can't access the web for some reason atm :/)

  79. Florian

    actually .. DNS is down

  80. Dave Cridland

    As I recall, every software project grows until it can read mail.

  81. waqas

    Florian: All software evolves until it can real mail

  82. Kev

    Every application will continue to expand until it has a mail reader, or such, I think.

  83. waqas


  84. Florian

    right :)

  85. Florian

    thanks for that :)

  86. waqas

    Hmm, Prosody has a mail sending extension, though not a reading one :)

  87. Kev

    That's ok, just run it backwards.

  88. Kev

    Reverse the polarity!

  89. Dave Cridland

    Kev, Do you have access to the domain name's DNS , BTW?

  90. waqas

    How many server projects have shown interest in the interop event? The last I remember was three.

  91. Dave Cridland

    Kev, If so, we could start setting up that.

  92. Dave Cridland

    waqas, Wiki page has 5.

  93. Kev

    I have access to everything. I may not have the inclination to touch it, but I have access. I can also poke appropriate people.

  94. waqas finds the wiki page

  95. Dave Cridland

  96. waqas


  97. Dave Cridland set the topic to

    XSF Interop 2010 -

  98. Dave Cridland

    Ah. I was going to change the subject, but that seems not to work.

  99. Florian


  100. Kev

    I thought I was an admin on this service, but I'm not sure with which account :)

  101. Kanchil has joined

  102. Dave Cridland

    Florian, Well, I think it might count as an interop failure, but I don't know if Gajim normally disables that control if it detects it can't change the subject.

  103. Florian


  104. Flo has left

  105. Flo has joined

  106. Kev

    Ah, with this account, even. It just doesn't make me a superuser in MUCs :(

  107. Florian

    don't tell me :)

  108. Florian

    I use Psi

  109. waqas

    Kev: Server admins don't automatically become room moderators in the version of Prosody running here sadly

  110. waqas

    Florian: Did Tigase support SASL EXTERNAL for s2s?

  111. Florian

    not sure ... inquiring ...

  112. Florian

    don't think so though

  113. Florian

    at least it didn't a while back

  114. bear has joined

  115. Tobias has joined

  116. Dave Cridland

    So, we need domains first of all. What's the domain we're using again?

  117. Kev

    xmpptest.something, I believe.

  118. Kev

    I'll look into this now.

  119. bear

    I was just sending email about that?

  120. Dave Cridland

    bear, Ah, morning!

  121. bear

    I am up late (or very early - either works)

  122. bear

    I can give kev my service password if that speeds things up

  123. Kev

    bear: You've already transferred the DNS server entries over to the XSF haven't you?

  124. bear

    you mean nameserver entry?

  125. Kev

    I've not been following this, but I'm aware the XSF nameservers are willing to answer for it now.

  126. Kev

    I do.

  127. bear

    let me double check

  128. bear

    poo - style showing wrong - what is ns1 and ns2 for xmpp?

  129. bear

    i'll change it now

  130. Kev

    bear: I need intosi to reappear before I can answer that.

  131. Florian

    i only run ns3

  132. bear

    let me dig it up (/me brushes off his ops toolset)

  133. Florian

    we need to change it on ns1

  134. Florian

  135. Kev

    Oh, I can tell you what the NS are (ns1/ns2/ns3) and, I'm just wondering what it makes most sense for you to add :)

  136. Kev

    Florian: Are you sure? I didn't believe that was true.

  137. Florian


  138. Florian

    ns1 is athena. ns2 is ds0039 ns3 is sdns1

  139. Kev


  140. Kev

    I believe, however, that we have a hidden master.

  141. Florian

    ooh, right

  142. Florian

    where was that though?

  143. Kev

    That's what I'm trying to work out at the moment.

  144. Kev

    Unless Edwin reappears before I find it :)

  145. Kev

    Ok, gottit.

  146. Simon Josefsson has joined

  147. bear

    so and ns? ??

  148. Florian

    ns2 and ns3 are slaves

  149. bear

    or be patient and let kev work?

  150. Kev

    As is ns1

  151. Florian

    right ... but ns3 is a slave off ns2

  152. Kev

    bear: I believe just duplicating the entry for is fine.

  153. Kev

    i.e. and

  154. bear


  155. Florian

    brb ...

  156. Florian

    no MUC on the N900 :(

  157. bear


  158. Kev

    Thanks bear.

  159. bear

    np - i'll be online after I handover last weeks work to my team

  160. bear

    technically I have today and tomorrow off

  161. bear goes to take a nap

  162. Kev

    Thanks bear, nn.

  163. bear

    please do call my cell if anything is urgent +1 215 680 1747

  164. bear relurks

  165. Kev

    Ok, so, anyone have a machine ready that they'd like to tell me about?

  166. Dave Cridland

    Kev, You can setup M-Link trunk on p.d.c.n if you want.

  167. Kev

    Ok, I'm setting up r146 at teh moment.

  168. Dave Cridland

    Kev, Most details for twhat's needed are on the Wiki page, but not what domains we'll be using.

  169. Dave Cridland

    Kev, So if you can pick those, I can update the wiki page with them as we can get our servers setup and ready.

  170. Kev

    Well, keep in mind that I'm configuring bind on a domain for the first time ever, so this may go badly wrong :)

  171. Florian has left

  172. Dave Cridland

    Unless anyone has objections, I'm going to run through the clients and assign them each a username and password pair, that the server guys can then put in for each of their supported domains (when we get those).

  173. Kev


  174. Dave Cridland


  175. Dave Cridland

    Simon Josefsson, Hey. We have SCRAM-SHA1-PLUS, if you want to interop test yours while we're here.

  176. Florian has joined

  177. Tobias

    Simon Josefsson: you know of a XMPP client using gsasl and that support scram-sha1-plus?

  178. Dave Cridland

    Tobias, (FWIW, I can do both server and both clients on IMAP at least, as well)

  179. Florian

    ok ... I seem to be missing the participant list

  180. Dave Cridland

    Florian, In the MUC?

  181. Florian


  182. Florian

    after the reconnect

  183. Florian

    switch to useless paranoia mode

  184. Tobias

    Dave Cridland: but i'm not active in IMAP server projects ;)

  185. Steffen Larsen has left

  186. Dave Cridland

    Tobias, Yeah, but it means I can do interop tests with Simon's implementation.

  187. Kev

    Florian: Which machine is ns3, did you think?

  188. Florian

    ns3 is

  189. Florian

    it's slaved off of ns2

  190. Kev

    ns1,ns2 and ns1.mons all seem to be fine, but ns3 doesn't seem to be set up for

  191. Florian


  192. Florian

    let me check

  193. Tobias

    Dave Cridland: good ;)

  194. Florian 2010-11-12 16:31:24 ACTIVE

  195. Florian

    it might take a bit to propagate

  196. Florian

    it's not on ns2 either?

  197. Florian

    Homer:~ florian$ dig A ; <<>> DiG 9.6.0-APPLE-P2 <<>> A ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40305 ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ; IN A ;; AUTHORITY SECTION: 3600 IN SOA 2010120602 14400 3600 604800 43200 ;; Query time: 16 msec ;; SERVER: ;; WHEN: Mon Dec 6 12:30:20 2010 ;; MSG SIZE rcvd: 85

  198. Florian

    nor on ns1?

  199. Kev

    We don't want an A record, do we?

  200. Kev

    dig -t srv

  201. Florian

    yeah, in that case ... ns3 needs some more time

  202. Florian


  203. Florian


  204. Florian

    it's not in the authority section

  205. Florian

    ;; AUTHORITY SECTION: 3600 IN NS 3600 IN NS 3600 IN NS

  206. gnauck has joined

  207. gnauck has left

  208. Alex has joined

  209. Kev

    Ah, fine then :)

  210. bear has left

  211. Kev

    Florian: You're running the Tigase server aren't you?

  212. Kev

    If so, what machine is it running on, and what ports, please?

  213. Kev

    Then I'll set up and to point to you.

  214. Florian


  215. Dave Cridland

    Kev, Have you done Prosody and ejabberd?

  216. Kev

    waqas: Similar question for you and Prosody - is it you want?

  217. Florian

    here's a guide :D

  218. Florian

  219. Florian

  220. Florian

    is the host

  221. Kev

    Dave Cridland: No, I'm working on them now.

  222. Kev

    Patience, patience.

  223. fippo

    weren't we supposed to do dns on our own? (at least i've already done that :-)

  224. waqas

    Kev: dev, not idev

  225. Florian

    Operation successful. There is no DNS settings for given host:

  226. Florian

    that's quite cool ... the vhost manager now even tests DNS :)

  227. Kev

    waqas: Is this prosody trunk or prosody release?

  228. Dave Cridland


  229. Florian

    I guess no DNS yet :)

  230. waqas

    Kev: unreleased 0.8, which is an older trunk

  231. Kev

    Ok, I think that's prosody (prosody8/rooms.prosody8), ejabberd (ejabberd21/rooms.ejabberd21) and tigase (tigasetrunk/rooms.tigasetrunk) set up.

  232. Kev

    That just leaves psyced, I think.

  233. Kev

    fippo: What host do you want to point to?

  234. Kev

    Florian / badlop / waqas: There you go, you have domains pointing to you. Please check they look right with e.g. dig -t srv so we can avoid getting incorrect entries cached all over the place :)

  235. Florian

    looks fine to me

  236. waqas

    Looks fine

  237. Kev looks fine, doesn't.

  238. Tobias has left

  239. Florian

    I need to get access to the domain first

  240. fippo

    kev: I need psyced-db (port 5266), psyced-sasl (port 5267) and psyced-dwd (port 5268) each pointing to

  241. Kev

    Is that for both the domain and the rooms subdomain?

  242. Florian


  243. Florian


  244. fippo

    no rooms subdomain - we are old irc people, we love prefixes :-)

  245. Florian

    need to see if I can change that ...

  246. Florian


  247. Kanchil

    Florian: is running Tigase version 5.1.0-b2452 on Linux-amd64-, Java HotSpot(TM) 64-Bit Server VM-16.3-b01-Sun Microsystems Inc.

  248. Dave Cridland looks at mlinktrunk.

  249. Dave Cridland

    I didn't actually mean to include that patch. Harrumph.

  250. Kev

    Florian: Tigase doesn't work unless it's got a 'muc' subdomain?

  251. Florian

    it works ... but this isn't that kind of tigase

  252. Florian

    it's the new one

  253. Florian

    with the massive vhost tools

  254. Florian

    as we run 40 or so hosts off of it

  255. Florian

    so the tool automatically sets it up with muc.domain

  256. Kev

    You now have muc instead.

  257. Kev

    fippo: you may have what you asked for, please check.

  258. Florian

    ah cool :)

  259. Florian

    was just browsing the config

  260. Kev

    fippo: No you don't, let me fix.

  261. Kev

    fippo: Now you should.

  262. Kev

    Florian: If it's an easy fix, I'd rather have rooms. for everyone with a conference component, just because it shows they're not hardcoded to the usual muc. or conference.

  263. Florian


  264. Kev

    (Yes, I know of clients that hard-code to only support conference.domain, for example)

  265. Florian

    I'll inquire :)

  266. waqas has left

  267. fippo

    kev: works - thanks

  268. Kev


  269. Kev

    Florian: I've set up both muc. and rooms. now, so if you get it working, it should just work.

  270. Florian

    cools :)

  271. Kev

    Ok, so I think everyone who was offering a server has the server in DNS now.

  272. Kev

    Next jobs will be getting certs for them all, when Matt appears :)

  273. waqas has joined

  274. Florian


  275. Kanchil

    Dave Cridland: can't be reached via XMPP

  276. Dave Cridland

    Kanchil, Speedy response, there. :-)

  277. Florian

    soo ... currently has 238 users

  278. Dave Cridland


  279. Florian

    let's break 10k :)

  280. Kanchil

    Dave Cridland: is running Isode M-Link version 15.0a0 on ZX Spectrum 48K

  281. Dave Cridland


  282. Dave Cridland


  283. Kanchil

    Dave Cridland: is running Isode M-Link version 14.6v4 on an unknown platform

  284. Kev

    Maybe I should upgrade this to the newest release :)

  285. Dave Cridland

    Kev, No significant changes, are there?

  286. Kev

    I don't remember.

  287. Florian

    what kind of platform is a ZX Spectrum 48K?

  288. Dave Cridland

    All client accounts are (or should be) setup ready on mlinktrunk, if people want to give those a try.

  289. Dave Cridland

    Florian, It's actually a 16K, but I didn't want to brag.

  290. Florian


  291. Florian

    the only bragging tool I have:

  292. Florian

    yellow being

  293. Tobias has joined

  294. dbanes has left

  295. Dave Cridland

    Righty. I can see everything on mlinkrelease from mlinktrunk. So yay, Isode M-Link trunk interops with Isode M-Link release.

  296. Dave Cridland

    Florian, Tigase is up too, right?

  297. vt100 has joined

  298. Florian


  299. Florian

    it's up

  300. vt100


  301. vt100


  302. Kanchil

    vt100: is running ejabberd version 2.1.5 on unix/linux 2.6.32

  303. Kev

    I've taken down mlinkrelease for a bit.

  304. fippo

    kev: can I have another dns record please? psyced6 pointing to port 5269 (thanks vt100 :-)

  305. Kev

    Should be done.

  306. fippo


  307. Dave Cridland

    12/ 6 13:43:14 xmppd 11021 (root ) D-MBOX-Auth closed originating s2s connection to domain [] (host-unknown)

  308. Dave Cridland

    badlop, is this one set up yet?

  309. Sjoerd has joined

  310. Kev

    mlinkrelease is back up

  311. Dave Cridland

    After a chat with Kev, I've dropped the usernames and passwords off the Interop wiki page, we'll just have to ask as required.

  312. Dave Cridland

    In any case, server folk may need accounts on other people's servers anyway for testing.

  313. Florob has joined

  314. fippo

    just ping the other server

  315. fippo

    even though that does not work when you want the other server to initiate the connection

  316. MattJ has joined

  317. Dave Cridland

    Yes, I suppose I ought to consider bidi, if you've got that up.

  318. MattJ


  319. Dave Cridland

    MattJ, Indeed. Although nice and sunny, now. No sign of the ice melting, though.

  320. fippo

    depends on how fast mattj is :-)

  321. MattJ

    When I've defrosted, I'm fast - at what? :)

  322. Kev

    MattJ: CA duty :)

  323. Kev

    If server devs want accounts on mlinkrelease as well, just poke me. I've created accounts for the clients, just waiting to be asked for details :)

  324. MattJ

    Where do I start with CA duty?

  325. Dave Cridland

    MattJ, Probably getting the CA software. One sec, I'll sort that out.

  326. MattJ


  327. MattJ

    do we have SRV records yet?

  328. Dave Cridland

    We do. And you do.

  329. MattJ

    Oh good

  330. Dave Cridland for you.

  331. Kev

    We explicitly only have SRV records, not A.

  332. Dave Cridland

    Not sure your end's set up yet. (Although I've not checked in a long while)

  333. Kev

    Perhaps I should set incorrect A records for each domain as well :)

  334. MattJ


  335. fippo

    Kev: on friday :-)

  336. Dave Cridland

    Yeah... Outright attempts to break things are fun, but let's get things working in sane environments first.

  337. Dave Cridland

    We will, however, need a small website somewhere, for the CRL DP.

  338. Flo has left

  339. Flo has joined

  340. Kev

    Is it easiest if Matt runs that site, if he's controlling the CRL?

  341. Dave Cridland


  342. Kev

    MattJ: Are you capable of easily hosting a vhost to do this?

  343. Dave Cridland

    Although IIRC, Matt has access to XSF webservers, so I doubt it makes much difference.

  344. MattJ

    Sure, I don't mind

  345. Dave Cridland

    It's just a file to copy about, anyway.

  346. Kev

    Other than me remembering to do cleanup after.

  347. Kev

    Yes, but doing it to the XSF machines requires him uploading, sudoing etc.

  348. MattJ

    point it to $(host if you like

  349. Kev

    MattJ: Up to you, I'll set up a vhost on athena if you'd rather.

  350. Kev

    I'm on my zonefile serial number 8 for the day.

  351. Kev

    MattJ: A record set up.

  352. MattJ


  353. badlop

    Dave Cridland: vhost added, now ejabberd21 should work

  354. Kev

    badlop: Thanks.

  355. Kev

    Hmm, mlinkrelease isn't happy.

  356. Kev

    Oh, because I'm stupid.

  357. Dave Cridland

    Kev, No? I may well have broken things. It is *very* trunk.

  358. Kev

    It's not :)

  359. Kev

    So mlinkrelease and ejabberd21 are happily chatting.

  360. Dave Cridland

    Right, bit of trouble, had to restart Gajim for that.

  361. Dave Cridland

    But ejabberd21 and mlinktrunk are good.

  362. Dave Cridland

    MattJ, Is prosody8 up?

  363. MattJ


  364. MattJ

    Compiling OpenSSL, don't ask...

  365. Dave Cridland

    MattJ, I had to recompile pyOpenSSL this morning, after porting some patches from one hacked version to another, then kicking the Ubuntu packages violently out of the way.

  366. MattJ

    Sounds familiar

  367. MattJ

    Oh, 1.0.0c is out

  368. MattJ

    let's see if this builds any easier than 1.0.0b

  369. Dave Cridland

    I just love the way they encrypt their own documentation.

  370. Florian has joined

  371. fippo

    dave: would be interesting how they document their verify callback behaviour :-)

  372. MattJ

    woohoo, they must have broken the build for 1.0.0b, a and c both work :/

  373. fippo

    dave: mlinktrunk is not showing a cert currently?

  374. Dave Cridland

    fippo, No cert at all?

  375. fippo

    ah no... problem on my side (at least it works with openssl)

  376. Dave Cridland

    fippo, I'd expect it to have the one.

  377. Kev

    mlinkrelease should have the (expired) one.

  378. louiz’ has joined

  379. darkrain has joined

  380. waqas has left

  381. Florob has left

  382. Florian has joined

  383. Florian

    and I'm back ... the OpenJDK VM decided to die

  384. MattJ


  385. Florian


  386. Kanchil

    Florian: can't be reached via XMPP

  387. Florian

    great :)

  388. MattJ

    Dave Cridland, does M-Link cache s2s failures?

  389. Dave Cridland

    MattJ, Nope, shouldn't do.

  390. Florian

    Dave Cridland: <Artur Hefczyc> unfortunately I am unable to spare any time for the interop week, still working hard on the tls for s2s, (no sasl external support yet and it is not planned soon)

  391. Tobias has left

  392. zanchin has joined

  393. MattJ


  394. Kanchil

    MattJ: is running Prosody version hg:c8fcd63e9526 on Linux

  395. MattJ

    No idea what certs, but I'll hopefully be able to generate some soon

  396. fippo

    looks like a self-signed one

  397. Florian


  398. Kanchil

    Florian: is running Tigase version 5.1.0-b2457 on Linux-i386-, OpenJDK Server VM-16.0-b13-Sun Microsystems Inc.

  399. Florian


  400. Kanchil

    Florian: can't be reached via XMPP

  401. Florian

    that's not right :/

  402. darkrain has left

  403. vt100


  404. Dave Cridland


  405. prefiks has joined

  406. Kanchil

    Dave Cridland: is running Tigase version 5.1.0-b2452 on Linux-amd64-, Java HotSpot(TM) 64-Bit Server VM-16.3-b01-Sun Microsystems Inc.

  407. vt100

    quite verbose

  408. Dave Cridland

    vt100, And not nearly as cool as a ZX Spectrum, either.

  409. vt100


  410. fippo

    mattj: do you keep plaintext logs on prosody8? I just spotted an interesting failure, removed the rawlog and now I can not reproduce it :-/

  411. vt100

    Hm, speaking of Prosody, how's the v6 implementation of lua going?

  412. MattJ

    vt100, not yet begun - unless you want /only/ IPv6 :)

  413. fippo

    mattj: we might test /only/ IPv6 - then we know that it works at least and can take care of the 4/6 issues later :-)

  414. MattJ

    fippo, me? keep logs? I have several GB of them :)

  415. vt100

    MattJ: Bah. :)

  416. Florian


  417. Flo has left

  418. MattJ

    vt100, I can't do everything at once :)

  419. Florian

    well, has an IPv6

  420. MattJ

    I judged s2s TLS as higher priority

  421. vt100

    MattJ: No offence :)

  422. MattJ

    which was the other thing the relevant Lua library was missing

  423. MattJ

    IPv6 should be a breeze in comparison

  424. Dave Cridland

    Florian, Might want to note that Tigase is serving IPv6, too.

  425. Dave Cridland

    Florian, I mean on the Wiki page.

  426. remko

    oo, ipv6, i'ld like to test that too

  427. Dave Cridland

    remko, mlinktrunk does it as well.

  428. remko

    yeah, but it requires an ipv6 network i'm told

  429. remko

    i was hoping someone could test that for me :)

  430. Dave Cridland

    remko, Ah not got IPv6 at your end?

  431. remko


  432. remko

    and i haven't the slightest clue how to set it up :)

  433. Dave Cridland

    remko, Hang on, I'll give it a spin. Assuming I can find a Swift build.

  434. Dave Cridland

    remko, Pretty easy - I'm using's tunnel server.

  435. remko

  436. Dave Cridland

    remko, `cd ~/src/swift; git pull`

  437. remko

    that works :)

  438. remko, huh

  439. remko

    interesting, i'll look into that

  440. vt100

    he or sixxs

  441. MattJ

    OT, but "muahahaha" - Highways Agency alerts delivered via pubsub to desktop notifications (and no, I still don't drive)

  442. Dave Cridland

    vt100, sixxs if you happen to enjoy random firewalling.

  443. vt100

    Dave Cridland: Or Theo de Rant like support.

  444. Dave Cridland

    vt100, I dropped sixxs and suffered the renumber when I discovered I could no longer talk to Gajim's servers.

  445. Dave Cridland

    vt100, I looked at the small print and figured that it was technically against the sixxs T&C to run an XMPP service.

  446. vt100

    Dave Cridland: I've got a sixxs tunnel at home, no problems so far.

  447. vt100

    Eh? Well, one of their admins is not too far from here, we share some mailing lists, I could ask him if there's trouble.

  448. MattJ

    Are the xmpptest records mirrored across all of,,

  449. Dave Cridland

    MattJ, That was certainlt the intention.

  450. MattJ

    Just had a random DNS failure here, no records returned for a SRV query

  451. fippo

    mattj: technically, you want to send a dialback error instead of a stream error - but even I don't do that yet :-)

  452. MattJ

    Agreed, it's added to my todo :)

  453. Dave Cridland thinks we do.

  454. Florob has joined

  455. Dave Cridland

    Oh. No I've desynced when crashed. (It's running a different "trunk" too at the moment)

  456. fippo

    dave: if you do, you don't announce it in stream features (at least not on release)

  457. MattJ

  458. MattJ

    getsrv is just a dig-wrapping script

  459. MattJ

    At least this makes things a little more "interesting"

  460. fippo

    I get the correct response from all three dns servers

  461. Alex has left

  462. Kev

    MattJ: All of's nameserver's should be mirroring.

  463. Kev

    MattJ: Can you tell me which on you think isn't?

  464. MattJ

    Nope, they all seem to respond when queried individually

  465. Tobias has joined

  466. darkrain has joined

  467. vt100 has left

  468. Florob has left

  469. Dave Cridland has left

  470. Dave Cridland has joined

  471. waqas has joined

  472. Kev

    So, do we need some sort of checklist of things we'd like to check between servers? I'm assuming just basic XMPP like "Can s2s without using dialback for auth if there are trusted certs", "Can reject all connections not presenting a trusted cert", "Doesn't send junk over s2s in jabber:client" etc.

  473. Dave Cridland

    We probably do. Seeing if anyone does dialback errors, too. (Which we don't I just checked. But easy to change)

  474. MattJ

    We do dialback errors when the token doesn't validate

  475. fippo

    I think we do - at least the host-unkonwn variant

  476. MattJ

    but not when the dialbacking connection fails

  477. zash has joined

  478. louiz’ has left

  479. fippo

    oh... we could test piggybacking - even though I am sure that googlemail/gmail does a pretty good job at enforcing it :-)

  480. Kev

    fippo: I'm happy to test stuff like that, but I'm not sure it's worth it as a baseline for interop testing.

  481. Asterix has joined

  482. Dave Cridland

    fippo, Oh, that's interesting - what's the right error condition for "Yes, I know who you are, but I kjust don't want to talk to you" - the ones I'd expect to use are all specified for TLS/X.509 usage.

  483. Dave Cridland

    I'll go for forbidden.

  484. Tobias has left

  485. Bob (BJ) has joined

  486. Bob (BJ) has left

  487. has left

  488. Dave Cridland

    Right, done and updated.

  489. stpeter has joined

  490. Jonas has left

  491. fippo


  492. Dave Cridland

    fippo, XEP-0220 specifies that as meaning requiring TLS. forbidden seemed to be reasonable.

  493. Dave Cridland

    fippo, I was tempted to go for payment-required just to irritate. :-)

  494. stpeter


  495. stpeter

    you would :P

  496. fippo


  497. remko


  498. fippo

    dave: I think you would send a policy violation stream error in response to the initial stream header in that case

  499. Dave Cridland

    fippo, Yeah, except that if you receive it as a pggybacked request, you don't want to kill the other multiplexed pairs.

  500. fippo

    so if you know that you don't like domain X you still like domain Y hosted on the same server?

  501. Tobias has joined

  502. Dave Cridland

    fippo, Yes, yes, it's astonishingly unlikely.

  503. fippo

    btw... we should start making a list of things that are known to work - first item are srv-lookups and ports other than 5269

  504. Kev

    fippo: Sonuds like a good plan.

  505. Dave Cridland

    What we should also do is make a blog post about how wonderfully successful each day has been.

  506. remko has left

  507. Kev

    Monday: Success, Kev played with bind9 for the first time, and managed to not break the XSF infrastructure.

  508. zash


  509. MattJ

    Ok, I guess I'm now accepting CSRs to

  510. fippo

    CSRs? geee!

  511. MattJ


  512. Florian has left

  513. MattJ

  514. stpeter

    Dave Cridland: do you mind if I forward your email to the list?

  515. Dave Cridland

    stpeter, Which one? Interop one? Go for it.

  516. stpeter


  517. stpeter

    yeah even

  518. Dave Cridland wondered why you asked, but then remembered the IPR issues.

  519. stpeter

    yeah, usually I'm not so courteous :P

  520. Dave Cridland

    WOw, libjingle now speaking XEP-0166. Does that have implication that the GTalk client might also do so?

  521. stpeter

    libjingle was the first step, as I understand it from having chatted with Harald in Beijin

  522. darkrain

    Have they officially released such a version? I heard/saw they were actively updating the code repo on

  523. stpeter

    darkrain: yes

  524. stpeter

    darkrain: well, a version of the library, not of the client yet

  525. darkrain


  526. darkrain

    Nice :)

  527. stpeter


  528. zash

    Did the ditchabillity of legacy pre-xep jingle code increase? :)

  529. Sjoerd hopes that will go together with introducing VP8 as a video codec

  530. stpeter dents it

  531. Sjoerd

    do you doubt it as well ? :p

  532. stpeter


  533. stpeter

    doubt VP8 support?

  534. stpeter

    or their support for the XEPs?

  535. Sjoerd


  536. stpeter

    the folks I've talked with on the Talk team are committed to supporting the XEPs

  537. stpeter

    and the folks I've talked with are in a position to make that happen

  538. Sjoerd


  539. stpeter does say: What XEPs does libjingle support?¶ Libjingle has basic support for XEP-166 and XEP-167. It also supports the pre-standard versions of those protocols that Google Talk currently uses (web-based Google Talk will be updated to speak jingle soon). Libjingle does not yet have support for XEP-176 because it uses a pre-standard version of ICE-UDP. We're looking at how we can fully implement XEP-176 and ICE-UDP.

  540. Sjoerd


  541. MattJ

    Ok, prosody8 restarted with certs signed by

  542. bear waves

  543. MattJ

    Hey bear

  544. Kev

    MattJ: Can you issue for mlinkrelease and rooms.mlinkrelease please?

  545. bear

    looks like things are moving nicely

  546. Kev

    Or do you need me to work out how to get a CSR generated? :)

  547. MattJ

    Kev, I think I did, for Dave

  548. bear

    i'm going to go over the wiki page and the log scrollback later this afternoon and whack up a "day 1 summary"

  549. MattJ

    Ah no, that was mlinktrunk

  550. MattJ

    Kev, then I need a CSR, but I guess I can make one for you :)

  551. bear

    if anyone is inclined, patches accepted for any text snippets :)

  552. Kev

    MattJ: That'd be nice please.

  553. MattJ


  554. zash has left

  555. Zash has joined

  556. Florian has joined

  557. vt100 has joined

  558. MattJ

    fippo, I don't know how you did it, but congratulations

  559. MattJ

    Your CSR crashes the Isode CA software :)

  560. vt100


  561. MattJ

    Hopefully Dave will reappear with a solution

  562. vt100

    MattJ: You wrote some CA implementation?

  563. MattJ

    No, Isode did

  564. fippo


  565. fippo

    mattj: they were elmex'ed

  566. MattJ

    Thanks to Zash Prosody can generate OpenSSL configurations to feed into OpenSSL to generate a self-signed cert or CSR

  567. MattJ

    but a bit short of a CA

  568. fippo

    mattj: if it's easier for you, you can make me a cert instead of using that cert

  569. vt100

    .o0( I wonder if this bot here will count karma points for people crashing other people servers in interop test )

  570. vt100


  571. remko has joined

  572. MattJ

    No crashed /servers/, yet anyway :)

  573. Kev

    MattJ: Received, thanks.

  574. waqas has left

  575. vt100 has left

  576. fippo

    mattj: prosody8 doesn't show me starttls - and does not attempt it either

  577. Nÿco has joined

  578. Nÿco

    hi all

  579. Nÿco planning interop teset Gajim and OneTeam on Jingle voice

  580. Kev

    That'll be interesting.

  581. Florob has joined

  582. Asterix

    Nÿco: just in time! I'm here

  583. Sjoerd has left

  584. Kev

    If client devs want passwords for the servers, please poke the server admins. I've got accounts created for each of the clients on the interop page, ready.

  585. sjoerd.simons has joined

  586. sjoerd.simons has left

  587. Asterix

    Kev: ok thanks, maybe later during the week

  588. Kev

    Not that it's all that interesting.

  589. darkrain

    Is it the same password as my luggage?

  590. Kev

    We know Gajim works with M-Link, and Prosody, and ejabberd anyway :)

  591. Asterix

    no but testing how clients behaves with all servers, all cert things (is it only s2s certs that has been generated?)

  592. Kev

    Certs are good for both s2s and c2s.

  593. Kev

    Not that I've installed the one for mlinkrelease yet, I intend doing that tomorrow morning.

  594. Zash

    *Client* certs?

  595. Kev

    Oh, we don't have certs for the clients.

  596. Kev

    Although we could get them.

  597. Kev

    I'm happy to set up certs on mlinkrelease for strong auth for clients.

  598. Kev

    Although MattJ would probably have to provide them so they're from the same CA.

  599. Dave Cridland

    Kev, Not, actually. You could setup your own CA for that.

  600. Kev

    Yes, but that would mean me setting up a CA.

  601. Kev

    Although I actually have one somewhere.

  602. prefiks

    apropos gajim on ejabberd compatibility, i just can't login using latest version from hg, it authentication, bind, and session worked ok, i guess it failed when ejabberd returned error when gajim tried to delete some pep node

  603. prefiks

    i can send log if someone is interested

  604. Asterix

    I use gajim on ejabberd without problem. ejabberd replies with errors when deleting pep things, that's normal and it's not a problem

  605. Asterix


  606. Asterix has left

  607. darkrain

    prefiks: What stanza are you sending, and what's the error response you get back?

  608. darkrain

    (or is the server uncleanly terminating the connection?)

  609. prefiks

    one moment let me consult ejabberd logs

  610. Dave Cridland

    prefiks, Gajim doesn't delete a PEP node, but it does publish empty Activity and Mood on connect.

  611. Dave Cridland

    (Which mildly annoys me, although I only noticed when I was trying to test persistent PEP)

  612. Kev

    I'm not convinced that's the Right Thing to do, fwiw.

  613. prefiks

    ups, sorry looks like this is fault of my ejabberd (it's not vanilla one, it's quite heavy patched)

  614. Zash

    Kev: But, if you set a status like "I'm going to sleep now", and then shuts down the client, it won't make that much sence when restarting

  615. Dave Cridland

    Kev, I understand why - it's because Gajim's presence system regards the status message, activity, and mood as a three-tuple that gets set together, so when it comes online and sets its status message it sets all three.

  616. Dave Cridland

    Zash, It's slightly more annoying if you set PEPness in another client then spin up the laptop briefly...

  617. Kev

    Zash: Yes, but that's an argument for removing it at logout, not at login :)

  618. Kev

    (And only if you set it)

  619. Kev

    For the reasons Dave says.

  620. Dave Cridland

    I think on login you just see what's there, unless you've been explicitly told to set something else.

  621. Asterix has joined

  622. remko has left

  623. remko has joined

  624. sjoerd.simons has joined

  625. Asterix

    as wash said, there are also cases when that doesn't mean anything to keep last pep informatio...

  626. Asterix


  627. Asterix

    prefiks: is it you there:

  628. Asterix

    Nÿco: ping?

  629. prefiks

    Asterix: no

  630. Nÿco


  631. Asterix

    Nÿco: nice, we go in pm?

  632. Dave Cridland

    Whoops. Seems my "IPv6" claim was a little exaggerated. Now told my router to route IPv6 instead of looking at it blankly.

  633. Nÿco


  634. Florian

    did the certs get sorted?

  635. prefiks has left

  636. prefiks has joined

  637. darkrain

    Asterix: The one you linked to looks like

  638. prefiks has left

  639. prefiks has joined

  640. Nÿco has left

  641. Nÿco has joined

  642. Florob has left

  643. Florob has joined

  644. Nÿco talking with Asterix

  645. Nÿco

    on the phone

  646. Nÿco


  647. Nÿco

    over Jingle

  648. Nÿco

    quality quite ok

  649. Zash


  650. Asterix

    and works the first time (when I use a non-buggy Gajim ;) )

  651. Nÿco!/nyconyco/status/11891978551693312

  652. Asterix


  653. Nÿco

    OneTeam also works against an N900 client

  654. Dave Cridland

    That sounds pretty cool.

  655. Dave Cridland

    I can see the headline - "Jingle interoperability proven! Even works in French!"

  656. Zash


  657. Nÿco

    to be honest, I don't use often the voice calls... I will... more than before

  658. Dave Cridland

    I've tried it once or twice with Florian, occasionally with some success.

  659. Nÿco

    Dave Cridland: to be completely sure, and test at 100 % the Jingle calls, I need to test 'Humor over Jingle'

  660. Florian


  661. Dave Cridland

    See? Interop failure right there.

  662. Florian

    just testing with Nyco

  663. Dave Cridland

    It's "humour". ;-)

  664. Florian

    do you remember the noise?

  665. Dave Cridland

    Florian, The background noise, or that ghastly sound you make when you speak?

  666. Nÿco has made it, spelling mistakes always work ;-)

  667. Florian

    background noise :p

  668. darkrain

    Dave Cridland: Surely that's an interop issue for written communication, but not verbal?

  669. Florian

    just sending the recording via mail

  670. Florian

    and then sharing

  671. Florian


  672. Florian

    listen to this

  673. Florian

  674. Florian

    when nyco talks (5s in) there is a noise

  675. Nÿco

    voice qualities differ

  676. Dave Cridland

    "Backlog too deep"

  677. Dave Cridland

    Ace. Nice debug message from the heroku developers.

  678. Dave Cridland

    Florian, Sounds like Nÿco's speaking through a sock. One that's clicking, too.

  679. Florian


  680. Florian

    right ... the clicking

  681. Dave Cridland

    I assume it's recording you locally, which doesn't help - the contrast between the sound quality makes it more apparent.

  682. Florian


  683. Florian

    it's a small app on the N900 that allows you to record phone conversations :)

  684. Dave Cridland


  685. Florian

    great if you borrow someone your phone to make a "private call" :)

  686. Dave Cridland


  687. Florian

    i'd call it genious :)

  688. Dave Cridland

    But only if you can't spell "genius".

  689. Florian


  690. sjoerd.simons likes when other people test interop for us

  691. Zash

    sjoerd.simons: Isn't that called "customers"? ;)

  692. sjoerd.simons


  693. sjoerd.simons

    indirectly i guess :)

  694. Zash

    anyone tested N900, Gajim and video? Me and a friend tested a while ago, but I don't remember if it worked

  695. Florian

    just testing audio N900 <-> OneTeam

  696. Dave Cridland

    Zash, I've tried that with Florian. I can't remember if I could see him but not hear him, or something else.

  697. Florian

    it was weird

  698. Florian

    it was or audio or video worked

  699. Florian

    but not both :)

  700. Dave Cridland

    Zash, I do remember writing things down on my whiteboard in order to communicate, actually.

  701. Dave Cridland

    Zash, Which was quite funny.

  702. Zash


  703. Dave Cridland

    Zash, And, of course, demonstrated that there's no need for a dedicated whiteboarding protocol in XMPP after all.

  704. Florian

    he then realized that XMPP has this thing that allows you to send text :)

  705. Florian

    haha :D

  706. Florian

    just in: VodafoneUK blocks Jingle

  707. Zash

    Why not just go straight ahead to svg-sxe.. aw

  708. Florian

    doesn't block SIP though

  709. Florian

    I think we found the problem

  710. Florian

    Vodafone has some nifty routing: N900 -> -> -> -> -> Internet

  711. Nÿco

    bye all

  712. Dave Cridland

    Florian, How many of those are NATs?

  713. Florian

    I guess all of them

  714. Florian

    or none

  715. Dave Cridland

    Nÿco, See you tomorrow.

  716. Florian

    I dunno tbh

  717. Florian

    SIP works

  718. Florian

    Jingle doesn't

  719. Florian


  720. Florian

    SIP goes to a public server IP

  721. Florian

    jingle was to Nÿco behind a NAT

  722. Florian

    single nat worked ... i.e. N900 on WiFi

  723. darkrain has left

  724. Nÿco has left

  725. Zash

    Jingle nodes?

  726. Florian


  727. Florian

    where ?

  728. Zash

    Iduno, but I guess that's what would be needed :/

  729. remko has left

  730. prefiks has left

  731. Asterix has left

  732. Asterix has joined

  733. Dave Cridland

    Asterix, Have you looked into IGD/UPnP at all in Gajim?

  734. Asterix

    doesn't gstreamer handle that for us?

  735. Dave Cridland

    Asterix, I don't know, actually.

  736. sjoerd.simons

    Asterix: depends, are you using farsight and nice ?

  737. Asterix

    yes we are

  738. sjoerd.simons

    then it should do upnp automagically assume your distro compiled things properly

  739. Dave Cridland

    So running up a upnpd on ym router might help. Interesting.

  740. Zash

    Mmmm.. UPnP IGD ..

  741. Dave Cridland

    Zash, I think it needs a clearer name, though.

  742. Dave Cridland

    Zash, Maybe UFMP.

  743. Dave Cridland

    Zash, "Unauthenticated Firewall Manipulation Protocol".

  744. Zash

    Universal Forward My Port!

  745. Zash

    Dave Cridland: It needs more 'X'-es, since it uses SOAP, and therefore XML

  746. Dave Cridland

    I wish I wrote a SOAP server. Then I could make loads of gags about how clean the code was.

  747. Florian


  748. Florian

    I'd actually love to have an XMPP2SOAP gateway :)

  749. Dave Cridland

    Florian, There's a gag there somewhere, I just can't see it.

  750. Zash

    XMPP over SOAP over HTTP over UDP?

  751. Zash

    .. over IP over avian carrier

  752. Florian


  753. Dave Cridland

    Zash, Reminds me of that time in Brussels a couple of years ago, when Dirk Meyer had HTTP over Jingle over XMPP working, and everyone who heard suggested running BOSH over it.

  754. Florian


  755. Zash

    haha, awesome

  756. Florian

    well ... that's where I heard about: Jingle over TCP over UDP over ICE

  757. Florian

    or something like that

  758. Florian

    that was 200

  759. Florian


  760. Florob

    Hmm... + mod_tcpproxy = TCP over XMPP over BOSH over HTTP over Jingle over XMPP orver TCP over IP...

  761. Zash

    And then you do all of it over that again!

  762. Florian

    ok ... wtf ... why does iPlayer recommend BBC Wales Today?!

  763. Florian

    I'm not in Wales

  764. Florian

    I'm in London

  765. Florian

    and I guess the chick from my Uni finally got fired in the Apprentice

  766. stpeter

    y'know, I'm getting a bit tired of the RFC revision process :)

  767. Florian


  768. stpeter

    ok, bbl

  769. stpeter has left

  770. Tobias has left

  771. Florian

    looks like I'll be joining the Hackday too :)