interop - 2010-12-06

  1. Kev has joined
  2. Kev Blah?
  3. Dave Cridland has joined
  4. Dave Cridland Blah!
  5. Kev2 has joined
  6. Kev2 has left
  7. Jonas has joined
  8. Tobias has joined
  9. Tobias set the topic to Interop Stuff
  10. Dave Cridland Anyone know if there's a mailing list for this as well?
  11. Tobias this one maybe? but i don't know who is subscribed there
  12. Kev Well, interestingly, I don't have the password for that list.
  13. Kev This suggests it's not been used recently.
  14. Tobias but there're messages in the archive
  15. Tobias though one year idle
  16. Dave Cridland Kev, I assume you're wearing an iteam/XSF hat for this?
  17. Kev Predominantly.
  18. Kev I have other hats available if it gets cold.
  19. fippo has joined
  20. Kev Ok, I've mangled control of the interop mailing list as well, now.
  21. Kev I suggest that people who aren't on that list yet make it so.
  22. Dave Cridland
  23. Kev r
  24. Kev
  25. remko has joined
  26. Dave Cridland So what do we need in terms of client accounts, DNS, and certificates, then?
  27. Dave Cridland Aside from someone to run the CA?
  28. Kev You tell me, I'm just here to do what I'm told.
  29. Kev (Or, rather to ask the iteam to)
  30. waqas has joined
  31. Flo has joined
  32. Dave Cridland OK, updated the wiki page with this and the mailing list.
  33. Tobias something in the topic would be nice too, maybe a pointer to the wiki page
  34. has joined
  35. fippo ok... how do we get certs? Shall we send CSRs or is it easier if you generate privkeys and certs for a given hostname?
  36. Kev fippo: Matt's volunteered to run the CA for the week, so I think we need him to appear first :)
  37. Steffen Larsen has joined
  38. remko will the certificates used in the interop be made available somewhere for later use (or regression testing?)
  39. remko s/or/e.g./
  40. Dave Cridland fippo, Given what Isode is giving Matt, I don't think it makes any difference whether he generates the CSR/PKEY pair you you do.
  41. remko scary green man: will there be 'meeting minutes' of this week? I.e. what was tested etc.
  42. Florian has joined
  43. Florian morning gents.
  44. Morning!
  45. Florian soo ... I'm ready to add the vhosts ...
  46. dbanes has joined
  47. dbanes surprise - I'm in the UK for a while now so time zones a bit easier than when I was in Sydney
  48. Dave Cridland remko, Should do that, shouldn't we?
  49. remko should yes
  50. Florian dbanes: so you're also freezing to death?
  51. dbanes yes, that's the down side
  52. dbanes arriving at Heathrow in shorts was not a good idea :)
  53. Florian haha
  54. Kev On the upside, it's a once in a lifetime experience.
  55. Flo Hopefully, anyway.
  56. Kev Freezing to death? The odds are good, I'd say.
  57. Florian indeed. I froze on my way up the hill to campus
  58. Flo arriving at Heathrow in shorts :)
  59. Florian well ... on the other hand... the Finns jump into snow after the sauna too
  60. Tobias has left
  61. Florian has left
  62. Florian has joined
  63. Dave Cridland Client folk - any of you have SCRAM-SHA1-PLUS coded?
  64. Florian lol ... I think that's a no :)
  65. Dave Cridland Well... Server folk, then? (I've two clients and a server).
  66. Dave Cridland Aw... Ah, well.
  67. Florian hehe
  68. waqas Dave Cridland: Which is the other client?
  69. badlop has joined
  70. Dave Cridland waqas, Well, We-Isode has a CMU SASL fork which now has channel binding. I also have Polymer, which has had it since, erm, last year or something silly.
  71. Dave Cridland waqas, And yes, Polymer *is* a mail client, and quite why it happens to have a small XMPP library in it really is anyone's guess.
  72. jerry has joined
  73. jerry has left
  74. waqas Dave Cridland: Perhaps we need a new version of Zawinski's Law.
  75. Dave Cridland waqas, This is Zawinski is reverse, though.
  76. Dave Cridland in reverse.
  77. Florian what's Zawinski's law?
  78. Florian (sorry ... can't access the web for some reason atm :/)
  79. Florian actually .. DNS is down
  80. Dave Cridland As I recall, every software project grows until it can read mail.
  81. waqas Florian: All software evolves until it can real mail
  82. Kev Every application will continue to expand until it has a mail reader, or such, I think.
  83. waqas *read
  84. Florian right :)
  85. Florian thanks for that :)
  86. waqas Hmm, Prosody has a mail sending extension, though not a reading one :)
  87. Kev That's ok, just run it backwards.
  88. Kev Reverse the polarity!
  89. Dave Cridland Kev, Do you have access to the domain name's DNS , BTW?
  90. waqas How many server projects have shown interest in the interop event? The last I remember was three.
  91. Dave Cridland Kev, If so, we could start setting up that.
  92. Dave Cridland waqas, Wiki page has 5.
  93. Kev I have access to everything. I may not have the inclination to touch it, but I have access. I can also poke appropriate people.
  94. waqas finds the wiki page
  95. Dave Cridland
  96. waqas Thanks
  97. Dave Cridland set the topic to XSF Interop 2010 -
  98. Dave Cridland Ah. I was going to change the subject, but that seems not to work.
  99. Florian hehe
  100. Kev I thought I was an admin on this service, but I'm not sure with which account :)
  101. Kanchil has joined
  102. Dave Cridland Florian, Well, I think it might count as an interop failure, but I don't know if Gajim normally disables that control if it detects it can't change the subject.
  103. Florian :)
  104. Flo has left
  105. Flo has joined
  106. Kev Ah, with this account, even. It just doesn't make me a superuser in MUCs :(
  107. Florian don't tell me :)
  108. Florian I use Psi
  109. waqas Kev: Server admins don't automatically become room moderators in the version of Prosody running here sadly
  110. waqas Florian: Did Tigase support SASL EXTERNAL for s2s?
  111. Florian not sure ... inquiring ...
  112. Florian don't think so though
  113. Florian at least it didn't a while back
  114. bear has joined
  115. Tobias has joined
  116. Dave Cridland So, we need domains first of all. What's the domain we're using again?
  117. Kev xmpptest.something, I believe.
  118. Kev I'll look into this now.
  119. bear I was just sending email about that?
  120. Dave Cridland bear, Ah, morning!
  121. bear I am up late (or very early - either works)
  122. bear I can give kev my service password if that speeds things up
  123. Kev bear: You've already transferred the DNS server entries over to the XSF haven't you?
  124. bear you mean nameserver entry?
  125. Kev I've not been following this, but I'm aware the XSF nameservers are willing to answer for it now.
  126. Kev I do.
  127. bear let me double check
  128. bear poo - style showing wrong - what is ns1 and ns2 for xmpp?
  129. bear i'll change it now
  130. Kev bear: I need intosi to reappear before I can answer that.
  131. Florian i only run ns3
  132. bear let me dig it up (/me brushes off his ops toolset)
  133. Florian we need to change it on ns1
  134. Florian
  135. Kev Oh, I can tell you what the NS are (ns1/ns2/ns3) and, I'm just wondering what it makes most sense for you to add :)
  136. Kev Florian: Are you sure? I didn't believe that was true.
  137. Florian oh?
  138. Florian ns1 is athena. ns2 is ds0039 ns3 is sdns1
  139. Kev Indeed.
  140. Kev I believe, however, that we have a hidden master.
  141. Florian ooh, right
  142. Florian where was that though?
  143. Kev That's what I'm trying to work out at the moment.
  144. Kev Unless Edwin reappears before I find it :)
  145. Kev Ok, gottit.
  146. Simon Josefsson has joined
  147. bear so and ns? ??
  148. Florian ns2 and ns3 are slaves
  149. bear or be patient and let kev work?
  150. Kev As is ns1
  151. Florian right ... but ns3 is a slave off ns2
  152. Kev bear: I believe just duplicating the entry for is fine.
  153. Kev i.e. and
  154. bear k
  155. Florian brb ...
  156. Florian no MUC on the N900 :(
  157. bear done
  158. Kev Thanks bear.
  159. bear np - i'll be online after I handover last weeks work to my team
  160. bear technically I have today and tomorrow off
  161. bear goes to take a nap
  162. Kev Thanks bear, nn.
  163. bear please do call my cell if anything is urgent +1 215 680 1747
  164. bear relurks
  165. Kev Ok, so, anyone have a machine ready that they'd like to tell me about?
  166. Dave Cridland Kev, You can setup M-Link trunk on p.d.c.n if you want.
  167. Kev Ok, I'm setting up r146 at teh moment.
  168. Dave Cridland Kev, Most details for twhat's needed are on the Wiki page, but not what domains we'll be using.
  169. Dave Cridland Kev, So if you can pick those, I can update the wiki page with them as we can get our servers setup and ready.
  170. Kev Well, keep in mind that I'm configuring bind on a domain for the first time ever, so this may go badly wrong :)
  171. Florian has left
  172. Dave Cridland Unless anyone has objections, I'm going to run through the clients and assign them each a username and password pair, that the server guys can then put in for each of their supported domains (when we get those).
  173. Kev GFI.
  174. Dave Cridland Done.
  175. Dave Cridland Simon Josefsson, Hey. We have SCRAM-SHA1-PLUS, if you want to interop test yours while we're here.
  176. Florian has joined
  177. Tobias Simon Josefsson: you know of a XMPP client using gsasl and that support scram-sha1-plus?
  178. Dave Cridland Tobias, (FWIW, I can do both server and both clients on IMAP at least, as well)
  179. Florian ok ... I seem to be missing the participant list
  180. Dave Cridland Florian, In the MUC?
  181. Florian yeh
  182. Florian after the reconnect
  183. Florian switch to useless paranoia mode
  184. Tobias Dave Cridland: but i'm not active in IMAP server projects ;)
  185. Steffen Larsen has left
  186. Dave Cridland Tobias, Yeah, but it means I can do interop tests with Simon's implementation.
  187. Kev Florian: Which machine is ns3, did you think?
  188. Florian ns3 is
  189. Florian it's slaved off of ns2
  190. Kev ns1,ns2 and ns1.mons all seem to be fine, but ns3 doesn't seem to be set up for
  191. Florian ah
  192. Florian let me check
  193. Tobias Dave Cridland: good ;)
  194. Florian 2010-11-12 16:31:24 ACTIVE
  195. Florian it might take a bit to propagate
  196. Florian it's not on ns2 either?
  197. Florian Homer:~ florian$ dig A ; <<>> DiG 9.6.0-APPLE-P2 <<>> A ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40305 ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ; IN A ;; AUTHORITY SECTION: 3600 IN SOA 2010120602 14400 3600 604800 43200 ;; Query time: 16 msec ;; SERVER: ;; WHEN: Mon Dec 6 12:30:20 2010 ;; MSG SIZE rcvd: 85
  198. Florian nor on ns1?
  199. Kev We don't want an A record, do we?
  200. Kev dig -t srv
  201. Florian yeah, in that case ... ns3 needs some more time
  202. Florian ah
  203. Florian actually
  204. Florian it's not in the authority section
  205. Florian ;; AUTHORITY SECTION: 3600 IN NS 3600 IN NS 3600 IN NS
  206. gnauck has joined
  207. gnauck has left
  208. Alex has joined
  209. Kev Ah, fine then :)
  210. bear has left
  211. Kev Florian: You're running the Tigase server aren't you?
  212. Kev If so, what machine is it running on, and what ports, please?
  213. Kev Then I'll set up and to point to you.
  214. Florian ok
  215. Dave Cridland Kev, Have you done Prosody and ejabberd?
  216. Kev waqas: Similar question for you and Prosody - is it you want?
  217. Florian here's a guide :D
  218. Florian
  219. Florian
  220. Florian is the host
  221. Kev Dave Cridland: No, I'm working on them now.
  222. Kev Patience, patience.
  223. fippo weren't we supposed to do dns on our own? (at least i've already done that :-)
  224. waqas Kev: dev, not idev
  225. Florian Operation successful. There is no DNS settings for given host:
  226. Florian that's quite cool ... the vhost manager now even tests DNS :)
  227. Kev waqas: Is this prosody trunk or prosody release?
  228. Dave Cridland !version
  229. Florian I guess no DNS yet :)
  230. waqas Kev: unreleased 0.8, which is an older trunk
  231. Kev Ok, I think that's prosody (prosody8/rooms.prosody8), ejabberd (ejabberd21/rooms.ejabberd21) and tigase (tigasetrunk/rooms.tigasetrunk) set up.
  232. Kev That just leaves psyced, I think.
  233. Kev fippo: What host do you want to point to?
  234. Kev Florian / badlop / waqas: There you go, you have domains pointing to you. Please check they look right with e.g. dig -t srv so we can avoid getting incorrect entries cached all over the place :)
  235. Florian looks fine to me
  236. waqas Looks fine
  237. Kev looks fine, doesn't.
  238. Tobias has left
  239. Florian I need to get access to the domain first
  240. fippo kev: I need psyced-db (port 5266), psyced-sasl (port 5267) and psyced-dwd (port 5268) each pointing to
  241. Kev Is that for both the domain and the rooms subdomain?
  242. Florian ah
  243. Florian it's
  244. fippo no rooms subdomain - we are old irc people, we love prefixes :-)
  245. Florian need to see if I can change that ...
  246. Florian !version
  247. Kanchil Florian: is running Tigase version 5.1.0-b2452 on Linux-amd64-, Java HotSpot(TM) 64-Bit Server VM-16.3-b01-Sun Microsystems Inc.
  248. Dave Cridland looks at mlinktrunk.
  249. Dave Cridland I didn't actually mean to include that patch. Harrumph.
  250. Kev Florian: Tigase doesn't work unless it's got a 'muc' subdomain?
  251. Florian it works ... but this isn't that kind of tigase
  252. Florian it's the new one
  253. Florian with the massive vhost tools
  254. Florian as we run 40 or so hosts off of it
  255. Florian so the tool automatically sets it up with muc.domain
  256. Kev You now have muc instead.
  257. Kev fippo: you may have what you asked for, please check.
  258. Florian ah cool :)
  259. Florian was just browsing the config
  260. Kev fippo: No you don't, let me fix.
  261. Kev fippo: Now you should.
  262. Kev Florian: If it's an easy fix, I'd rather have rooms. for everyone with a conference component, just because it shows they're not hardcoded to the usual muc. or conference.
  263. Florian right
  264. Kev (Yes, I know of clients that hard-code to only support conference.domain, for example)
  265. Florian I'll inquire :)
  266. waqas has left
  267. fippo kev: works - thanks
  268. Kev Fab.
  269. Kev Florian: I've set up both muc. and rooms. now, so if you get it working, it should just work.
  270. Florian cools :)
  271. Kev Ok, so I think everyone who was offering a server has the server in DNS now.
  272. Kev Next jobs will be getting certs for them all, when Matt appears :)
  273. waqas has joined
  274. Florian :)
  275. Kanchil Dave Cridland: can't be reached via XMPP
  276. Dave Cridland Kanchil, Speedy response, there. :-)
  277. Florian soo ... currently has 238 users
  278. Dave Cridland !version
  279. Florian let's break 10k :)
  280. Kanchil Dave Cridland: is running Isode M-Link version 15.0a0 on ZX Spectrum 48K
  281. Dave Cridland Excellent.
  282. Dave Cridland !version
  283. Kanchil Dave Cridland: is running Isode M-Link version 14.6v4 on an unknown platform
  284. Kev Maybe I should upgrade this to the newest release :)
  285. Dave Cridland Kev, No significant changes, are there?
  286. Kev I don't remember.
  287. Florian what kind of platform is a ZX Spectrum 48K?
  288. Dave Cridland All client accounts are (or should be) setup ready on mlinktrunk, if people want to give those a try.
  289. Dave Cridland Florian, It's actually a 16K, but I didn't want to brag.
  290. Florian haha
  291. Florian the only bragging tool I have:
  292. Florian yellow being
  293. Tobias has joined
  294. dbanes has left
  295. Dave Cridland Righty. I can see everything on mlinkrelease from mlinktrunk. So yay, Isode M-Link trunk interops with Isode M-Link release.
  296. Dave Cridland Florian, Tigase is up too, right?
  297. vt100 has joined
  298. Florian yup
  299. Florian it's up
  300. vt100 'lo
  301. vt100 !version
  302. Kanchil vt100: is running ejabberd version 2.1.5 on unix/linux 2.6.32
  303. Kev I've taken down mlinkrelease for a bit.
  304. fippo kev: can I have another dns record please? psyced6 pointing to port 5269 (thanks vt100 :-)
  305. Kev Should be done.
  306. fippo thanks
  307. Dave Cridland 12/ 6 13:43:14 xmppd 11021 (root ) D-MBOX-Auth closed originating s2s connection to domain [] (host-unknown)
  308. Dave Cridland badlop, is this one set up yet?
  309. Sjoerd has joined
  310. Kev mlinkrelease is back up
  311. Dave Cridland After a chat with Kev, I've dropped the usernames and passwords off the Interop wiki page, we'll just have to ask as required.
  312. Dave Cridland In any case, server folk may need accounts on other people's servers anyway for testing.
  313. Florob has joined
  314. fippo just ping the other server
  315. fippo even though that does not work when you want the other server to initiate the connection
  316. MattJ has joined
  317. Dave Cridland Yes, I suppose I ought to consider bidi, if you've got that up.
  318. MattJ brrrrr
  319. Dave Cridland MattJ, Indeed. Although nice and sunny, now. No sign of the ice melting, though.
  320. fippo depends on how fast mattj is :-)
  321. MattJ When I've defrosted, I'm fast - at what? :)
  322. Kev MattJ: CA duty :)
  323. Kev If server devs want accounts on mlinkrelease as well, just poke me. I've created accounts for the clients, just waiting to be asked for details :)
  324. MattJ Where do I start with CA duty?
  325. Dave Cridland MattJ, Probably getting the CA software. One sec, I'll sort that out.
  326. MattJ thanks
  327. MattJ do we have SRV records yet?
  328. Dave Cridland We do. And you do.
  329. MattJ Oh good
  330. Dave Cridland for you.
  331. Kev We explicitly only have SRV records, not A.
  332. Dave Cridland Not sure your end's set up yet. (Although I've not checked in a long while)
  333. Kev Perhaps I should set incorrect A records for each domain as well :)
  334. MattJ :)
  335. fippo Kev: on friday :-)
  336. Dave Cridland Yeah... Outright attempts to break things are fun, but let's get things working in sane environments first.
  337. Dave Cridland We will, however, need a small website somewhere, for the CRL DP.
  338. Flo has left
  339. Flo has joined
  340. Kev Is it easiest if Matt runs that site, if he's controlling the CRL?
  341. Dave Cridland Probably.
  342. Kev MattJ: Are you capable of easily hosting a vhost to do this?
  343. Dave Cridland Although IIRC, Matt has access to XSF webservers, so I doubt it makes much difference.
  344. MattJ Sure, I don't mind
  345. Dave Cridland It's just a file to copy about, anyway.
  346. Kev Other than me remembering to do cleanup after.
  347. Kev Yes, but doing it to the XSF machines requires him uploading, sudoing etc.
  348. MattJ point it to $(host if you like
  349. Kev MattJ: Up to you, I'll set up a vhost on athena if you'd rather.
  350. Kev I'm on my zonefile serial number 8 for the day.
  351. Kev MattJ: A record set up.
  352. MattJ Thanks
  353. badlop Dave Cridland: vhost added, now ejabberd21 should work
  354. Kev badlop: Thanks.
  355. Kev Hmm, mlinkrelease isn't happy.
  356. Kev Oh, because I'm stupid.
  357. Dave Cridland Kev, No? I may well have broken things. It is *very* trunk.
  358. Kev It's not :)
  359. Kev So mlinkrelease and ejabberd21 are happily chatting.
  360. Dave Cridland Right, bit of trouble, had to restart Gajim for that.
  361. Dave Cridland But ejabberd21 and mlinktrunk are good.
  362. Dave Cridland MattJ, Is prosody8 up?
  363. MattJ Nearly
  364. MattJ Compiling OpenSSL, don't ask...
  365. Dave Cridland MattJ, I had to recompile pyOpenSSL this morning, after porting some patches from one hacked version to another, then kicking the Ubuntu packages violently out of the way.
  366. MattJ Sounds familiar
  367. MattJ Oh, 1.0.0c is out
  368. MattJ let's see if this builds any easier than 1.0.0b
  369. Dave Cridland I just love the way they encrypt their own documentation.
  370. Florian has joined
  371. fippo dave: would be interesting how they document their verify callback behaviour :-)
  372. MattJ woohoo, they must have broken the build for 1.0.0b, a and c both work :/
  373. fippo dave: mlinktrunk is not showing a cert currently?
  374. Dave Cridland fippo, No cert at all?
  375. fippo ah no... problem on my side (at least it works with openssl)
  376. Dave Cridland fippo, I'd expect it to have the one.
  377. Kev mlinkrelease should have the (expired) one.
  378. louiz’ has joined
  379. darkrain has joined
  380. waqas has left
  381. Florob has left
  382. Florian has joined
  383. Florian and I'm back ... the OpenJDK VM decided to die
  384. MattJ :)
  385. Florian !version
  386. Kanchil Florian: can't be reached via XMPP
  387. Florian great :)
  388. MattJ Dave Cridland, does M-Link cache s2s failures?
  389. Dave Cridland MattJ, Nope, shouldn't do.
  390. Florian Dave Cridland: <Artur Hefczyc> unfortunately I am unable to spare any time for the interop week, still working hard on the tls for s2s, (no sasl external support yet and it is not planned soon)
  391. Tobias has left
  392. zanchin has joined
  393. MattJ !version
  394. Kanchil MattJ: is running Prosody version hg:c8fcd63e9526 on Linux
  395. MattJ No idea what certs, but I'll hopefully be able to generate some soon
  396. fippo looks like a self-signed one
  397. Florian !version
  398. Kanchil Florian: is running Tigase version 5.1.0-b2457 on Linux-i386-, OpenJDK Server VM-16.0-b13-Sun Microsystems Inc.
  399. Florian !version
  400. Kanchil Florian: can't be reached via XMPP
  401. Florian that's not right :/
  402. darkrain has left
  403. vt100 heh
  404. Dave Cridland !version
  405. prefiks has joined
  406. Kanchil Dave Cridland: is running Tigase version 5.1.0-b2452 on Linux-amd64-, Java HotSpot(TM) 64-Bit Server VM-16.3-b01-Sun Microsystems Inc.
  407. vt100 quite verbose
  408. Dave Cridland vt100, And not nearly as cool as a ZX Spectrum, either.
  409. vt100 Indeed.
  410. fippo mattj: do you keep plaintext logs on prosody8? I just spotted an interesting failure, removed the rawlog and now I can not reproduce it :-/
  411. vt100 Hm, speaking of Prosody, how's the v6 implementation of lua going?
  412. MattJ vt100, not yet begun - unless you want /only/ IPv6 :)
  413. fippo mattj: we might test /only/ IPv6 - then we know that it works at least and can take care of the 4/6 issues later :-)
  414. MattJ fippo, me? keep logs? I have several GB of them :)
  415. vt100 MattJ: Bah. :)
  416. Florian :)
  417. Flo has left
  418. MattJ vt100, I can't do everything at once :)
  419. Florian well, has an IPv6
  420. MattJ I judged s2s TLS as higher priority
  421. vt100 MattJ: No offence :)
  422. MattJ which was the other thing the relevant Lua library was missing
  423. MattJ IPv6 should be a breeze in comparison
  424. Dave Cridland Florian, Might want to note that Tigase is serving IPv6, too.
  425. Dave Cridland Florian, I mean on the Wiki page.
  426. remko oo, ipv6, i'ld like to test that too
  427. Dave Cridland remko, mlinktrunk does it as well.
  428. remko yeah, but it requires an ipv6 network i'm told
  429. remko i was hoping someone could test that for me :)
  430. Dave Cridland remko, Ah not got IPv6 at your end?
  431. remko no
  432. remko and i haven't the slightest clue how to set it up :)
  433. Dave Cridland remko, Hang on, I'll give it a spin. Assuming I can find a Swift build.
  434. Dave Cridland remko, Pretty easy - I'm using's tunnel server.
  435. remko
  436. Dave Cridland remko, `cd ~/src/swift; git pull`
  437. remko that works :)
  438. remko, huh
  439. remko interesting, i'll look into that
  440. vt100 he or sixxs
  441. MattJ OT, but "muahahaha" - Highways Agency alerts delivered via pubsub to desktop notifications (and no, I still don't drive)
  442. Dave Cridland vt100, sixxs if you happen to enjoy random firewalling.
  443. vt100 Dave Cridland: Or Theo de Rant like support.
  444. Dave Cridland vt100, I dropped sixxs and suffered the renumber when I discovered I could no longer talk to Gajim's servers.
  445. Dave Cridland vt100, I looked at the small print and figured that it was technically against the sixxs T&C to run an XMPP service.
  446. vt100 Dave Cridland: I've got a sixxs tunnel at home, no problems so far.
  447. vt100 Eh? Well, one of their admins is not too far from here, we share some mailing lists, I could ask him if there's trouble.
  448. MattJ Are the xmpptest records mirrored across all of,,
  449. Dave Cridland MattJ, That was certainlt the intention.
  450. MattJ Just had a random DNS failure here, no records returned for a SRV query
  451. fippo mattj: technically, you want to send a dialback error instead of a stream error - but even I don't do that yet :-)
  452. MattJ Agreed, it's added to my todo :)
  453. Dave Cridland thinks we do.
  454. Florob has joined
  455. Dave Cridland Oh. No I've desynced when crashed. (It's running a different "trunk" too at the moment)
  456. fippo dave: if you do, you don't announce it in stream features (at least not on release)
  457. MattJ
  458. MattJ getsrv is just a dig-wrapping script
  459. MattJ At least this makes things a little more "interesting"
  460. fippo I get the correct response from all three dns servers
  461. Alex has left
  462. Kev MattJ: All of's nameserver's should be mirroring.
  463. Kev MattJ: Can you tell me which on you think isn't?
  464. MattJ Nope, they all seem to respond when queried individually
  465. Tobias has joined
  466. darkrain has joined
  467. vt100 has left
  468. Florob has left
  469. Dave Cridland has left
  470. Dave Cridland has joined
  471. waqas has joined
  472. Kev So, do we need some sort of checklist of things we'd like to check between servers? I'm assuming just basic XMPP like "Can s2s without using dialback for auth if there are trusted certs", "Can reject all connections not presenting a trusted cert", "Doesn't send junk over s2s in jabber:client" etc.
  473. Dave Cridland We probably do. Seeing if anyone does dialback errors, too. (Which we don't I just checked. But easy to change)
  474. MattJ We do dialback errors when the token doesn't validate
  475. fippo I think we do - at least the host-unkonwn variant
  476. MattJ but not when the dialbacking connection fails
  477. zash has joined
  478. louiz’ has left
  479. fippo oh... we could test piggybacking - even though I am sure that googlemail/gmail does a pretty good job at enforcing it :-)
  480. Kev fippo: I'm happy to test stuff like that, but I'm not sure it's worth it as a baseline for interop testing.
  481. Asterix has joined
  482. Dave Cridland fippo, Oh, that's interesting - what's the right error condition for "Yes, I know who you are, but I kjust don't want to talk to you" - the ones I'd expect to use are all specified for TLS/X.509 usage.
  483. Dave Cridland I'll go for forbidden.
  484. Tobias has left
  485. Bob (BJ) has joined
  486. Bob (BJ) has left
  487. has left
  488. Dave Cridland Right, done and updated.
  489. stpeter has joined
  490. Jonas has left
  491. fippo policy-violation?
  492. Dave Cridland fippo, XEP-0220 specifies that as meaning requiring TLS. forbidden seemed to be reasonable.
  493. Dave Cridland fippo, I was tempted to go for payment-required just to irritate. :-)
  494. stpeter haha
  495. stpeter you would :P
  496. fippo lol
  497. remko :)
  498. fippo dave: I think you would send a policy violation stream error in response to the initial stream header in that case
  499. Dave Cridland fippo, Yeah, except that if you receive it as a pggybacked request, you don't want to kill the other multiplexed pairs.
  500. fippo so if you know that you don't like domain X you still like domain Y hosted on the same server?
  501. Tobias has joined
  502. Dave Cridland fippo, Yes, yes, it's astonishingly unlikely.
  503. fippo btw... we should start making a list of things that are known to work - first item are srv-lookups and ports other than 5269
  504. Kev fippo: Sonuds like a good plan.
  505. Dave Cridland What we should also do is make a blog post about how wonderfully successful each day has been.
  506. remko has left
  507. Kev Monday: Success, Kev played with bind9 for the first time, and managed to not break the XSF infrastructure.
  508. zash \o/
  509. MattJ Ok, I guess I'm now accepting CSRs to
  510. fippo CSRs? geee!
  511. MattJ :)
  512. Florian has left
  513. MattJ
  514. stpeter Dave Cridland: do you mind if I forward your email to the list?
  515. Dave Cridland stpeter, Which one? Interop one? Go for it.
  516. stpeter yeha
  517. stpeter yeah even
  518. Dave Cridland wondered why you asked, but then remembered the IPR issues.
  519. stpeter yeah, usually I'm not so courteous :P
  520. Dave Cridland WOw, libjingle now speaking XEP-0166. Does that have implication that the GTalk client might also do so?
  521. stpeter libjingle was the first step, as I understand it from having chatted with Harald in Beijin
  522. darkrain Have they officially released such a version? I heard/saw they were actively updating the code repo on
  523. stpeter darkrain: yes
  524. stpeter darkrain: well, a version of the library, not of the client yet
  525. darkrain Right.
  526. darkrain Nice :)
  527. stpeter indeed
  528. zash Did the ditchabillity of legacy pre-xep jingle code increase? :)
  529. Sjoerd hopes that will go together with introducing VP8 as a video codec
  530. stpeter dents it
  531. Sjoerd do you doubt it as well ? :p
  532. stpeter well
  533. stpeter doubt VP8 support?
  534. stpeter or their support for the XEPs?
  535. Sjoerd both
  536. stpeter the folks I've talked with on the Talk team are committed to supporting the XEPs
  537. stpeter and the folks I've talked with are in a position to make that happen
  538. Sjoerd cool
  539. stpeter does say: What XEPs does libjingle support?¶ Libjingle has basic support for XEP-166 and XEP-167. It also supports the pre-standard versions of those protocols that Google Talk currently uses (web-based Google Talk will be updated to speak jingle soon). Libjingle does not yet have support for XEP-176 because it uses a pre-standard version of ICE-UDP. We're looking at how we can fully implement XEP-176 and ICE-UDP.
  540. Sjoerd :)
  541. MattJ Ok, prosody8 restarted with certs signed by
  542. bear waves
  543. MattJ Hey bear
  544. Kev MattJ: Can you issue for mlinkrelease and rooms.mlinkrelease please?
  545. bear looks like things are moving nicely
  546. Kev Or do you need me to work out how to get a CSR generated? :)
  547. MattJ Kev, I think I did, for Dave
  548. bear i'm going to go over the wiki page and the log scrollback later this afternoon and whack up a "day 1 summary"
  549. MattJ Ah no, that was mlinktrunk
  550. MattJ Kev, then I need a CSR, but I guess I can make one for you :)
  551. bear if anyone is inclined, patches accepted for any text snippets :)
  552. Kev MattJ: That'd be nice please.
  553. MattJ Thanks
  554. zash has left
  555. Zash has joined
  556. Florian has joined
  557. vt100 has joined
  558. MattJ fippo, I don't know how you did it, but congratulations
  559. MattJ Your CSR crashes the Isode CA software :)
  560. vt100 \o/
  561. MattJ Hopefully Dave will reappear with a solution
  562. vt100 MattJ: You wrote some CA implementation?
  563. MattJ No, Isode did
  564. fippo yay!
  565. fippo mattj: they were elmex'ed
  566. MattJ Thanks to Zash Prosody can generate OpenSSL configurations to feed into OpenSSL to generate a self-signed cert or CSR
  567. MattJ but a bit short of a CA
  568. fippo mattj: if it's easier for you, you can make me a cert instead of using that cert
  569. vt100 .o0( I wonder if this bot here will count karma points for people crashing other people servers in interop test )
  570. vt100 people's
  571. remko has joined
  572. MattJ No crashed /servers/, yet anyway :)
  573. Kev MattJ: Received, thanks.
  574. waqas has left
  575. vt100 has left
  576. fippo mattj: prosody8 doesn't show me starttls - and does not attempt it either
  577. Nÿco has joined
  578. Nÿco hi all
  579. Nÿco planning interop teset Gajim and OneTeam on Jingle voice
  580. Kev That'll be interesting.
  581. Florob has joined
  582. Asterix Nÿco: just in time! I'm here
  583. Sjoerd has left
  584. Kev If client devs want passwords for the servers, please poke the server admins. I've got accounts created for each of the clients on the interop page, ready.
  585. sjoerd.simons has joined
  586. sjoerd.simons has left
  587. Asterix Kev: ok thanks, maybe later during the week
  588. Kev Not that it's all that interesting.
  589. darkrain Is it the same password as my luggage?
  590. Kev We know Gajim works with M-Link, and Prosody, and ejabberd anyway :)
  591. Asterix no but testing how clients behaves with all servers, all cert things (is it only s2s certs that has been generated?)
  592. Kev Certs are good for both s2s and c2s.
  593. Kev Not that I've installed the one for mlinkrelease yet, I intend doing that tomorrow morning.
  594. Zash *Client* certs?
  595. Kev Oh, we don't have certs for the clients.
  596. Kev Although we could get them.
  597. Kev I'm happy to set up certs on mlinkrelease for strong auth for clients.
  598. Kev Although MattJ would probably have to provide them so they're from the same CA.
  599. Dave Cridland Kev, Not, actually. You could setup your own CA for that.
  600. Kev Yes, but that would mean me setting up a CA.
  601. Kev Although I actually have one somewhere.
  602. prefiks apropos gajim on ejabberd compatibility, i just can't login using latest version from hg, it authentication, bind, and session worked ok, i guess it failed when ejabberd returned error when gajim tried to delete some pep node
  603. prefiks i can send log if someone is interested
  604. Asterix I use gajim on ejabberd without problem. ejabberd replies with errors when deleting pep things, that's normal and it's not a problem
  605. Asterix brb
  606. Asterix has left
  607. darkrain prefiks: What stanza are you sending, and what's the error response you get back?
  608. darkrain (or is the server uncleanly terminating the connection?)
  609. prefiks one moment let me consult ejabberd logs
  610. Dave Cridland prefiks, Gajim doesn't delete a PEP node, but it does publish empty Activity and Mood on connect.
  611. Dave Cridland (Which mildly annoys me, although I only noticed when I was trying to test persistent PEP)
  612. Kev I'm not convinced that's the Right Thing to do, fwiw.
  613. prefiks ups, sorry looks like this is fault of my ejabberd (it's not vanilla one, it's quite heavy patched)
  614. Zash Kev: But, if you set a status like "I'm going to sleep now", and then shuts down the client, it won't make that much sence when restarting
  615. Dave Cridland Kev, I understand why - it's because Gajim's presence system regards the status message, activity, and mood as a three-tuple that gets set together, so when it comes online and sets its status message it sets all three.
  616. Dave Cridland Zash, It's slightly more annoying if you set PEPness in another client then spin up the laptop briefly...
  617. Kev Zash: Yes, but that's an argument for removing it at logout, not at login :)
  618. Kev (And only if you set it)
  619. Kev For the reasons Dave says.
  620. Dave Cridland I think on login you just see what's there, unless you've been explicitly told to set something else.
  621. Asterix has joined
  622. remko has left
  623. remko has joined
  624. sjoerd.simons has joined
  625. Asterix as wash said, there are also cases when that doesn't mean anything to keep last pep informatio...
  626. Asterix +n
  627. Asterix prefiks: is it you there:
  628. Asterix Nÿco: ping?
  629. prefiks Asterix: no
  630. Nÿco ayes
  631. Asterix Nÿco: nice, we go in pm?
  632. Dave Cridland Whoops. Seems my "IPv6" claim was a little exaggerated. Now told my router to route IPv6 instead of looking at it blankly.
  633. Nÿco yes
  634. Florian did the certs get sorted?
  635. prefiks has left
  636. prefiks has joined
  637. darkrain Asterix: The one you linked to looks like
  638. prefiks has left
  639. prefiks has joined
  640. Nÿco has left
  641. Nÿco has joined
  642. Florob has left
  643. Florob has joined
  644. Nÿco talking with Asterix
  645. Nÿco on the phone
  646. Nÿco ;-)
  647. Nÿco over Jingle
  648. Nÿco quality quite ok
  649. Zash \o/
  650. Asterix and works the first time (when I use a non-buggy Gajim ;) )
  651. Nÿco!/nyconyco/status/11891978551693312
  652. Asterix ;)
  653. Nÿco OneTeam also works against an N900 client
  654. Dave Cridland That sounds pretty cool.
  655. Dave Cridland I can see the headline - "Jingle interoperability proven! Even works in French!"
  656. Zash :D
  657. Nÿco to be honest, I don't use often the voice calls... I will... more than before
  658. Dave Cridland I've tried it once or twice with Florian, occasionally with some success.
  659. Nÿco Dave Cridland: to be completely sure, and test at 100 % the Jingle calls, I need to test 'Humor over Jingle'
  660. Florian yeah
  661. Dave Cridland See? Interop failure right there.
  662. Florian just testing with Nyco
  663. Dave Cridland It's "humour". ;-)
  664. Florian do you remember the noise?
  665. Dave Cridland Florian, The background noise, or that ghastly sound you make when you speak?
  666. Nÿco has made it, spelling mistakes always work ;-)
  667. Florian background noise :p
  668. darkrain Dave Cridland: Surely that's an interop issue for written communication, but not verbal?
  669. Florian just sending the recording via mail
  670. Florian and then sharing
  671. Florian ok
  672. Florian listen to this
  673. Florian
  674. Florian when nyco talks (5s in) there is a noise
  675. Nÿco voice qualities differ
  676. Dave Cridland "Backlog too deep"
  677. Dave Cridland Ace. Nice debug message from the heroku developers.
  678. Dave Cridland Florian, Sounds like Nÿco's speaking through a sock. One that's clicking, too.
  679. Florian haha
  680. Florian right ... the clicking
  681. Dave Cridland I assume it's recording you locally, which doesn't help - the contrast between the sound quality makes it more apparent.
  682. Florian right
  683. Florian it's a small app on the N900 that allows you to record phone conversations :)
  684. Dave Cridland Nifty.
  685. Florian great if you borrow someone your phone to make a "private call" :)
  686. Dave Cridland Evil.
  687. Florian i'd call it genious :)
  688. Dave Cridland But only if you can't spell "genius".
  689. Florian :p
  690. sjoerd.simons likes when other people test interop for us
  691. Zash sjoerd.simons: Isn't that called "customers"? ;)
  692. sjoerd.simons hah
  693. sjoerd.simons indirectly i guess :)
  694. Zash anyone tested N900, Gajim and video? Me and a friend tested a while ago, but I don't remember if it worked
  695. Florian just testing audio N900 <-> OneTeam
  696. Dave Cridland Zash, I've tried that with Florian. I can't remember if I could see him but not hear him, or something else.
  697. Florian it was weird
  698. Florian it was or audio or video worked
  699. Florian but not both :)
  700. Dave Cridland Zash, I do remember writing things down on my whiteboard in order to communicate, actually.
  701. Dave Cridland Zash, Which was quite funny.
  702. Zash Hah
  703. Dave Cridland Zash, And, of course, demonstrated that there's no need for a dedicated whiteboarding protocol in XMPP after all.
  704. Florian he then realized that XMPP has this thing that allows you to send text :)
  705. Florian haha :D
  706. Florian just in: VodafoneUK blocks Jingle
  707. Zash Why not just go straight ahead to svg-sxe.. aw
  708. Florian doesn't block SIP though
  709. Florian I think we found the problem
  710. Florian Vodafone has some nifty routing: N900 -> -> -> -> -> Internet
  711. Nÿco bye all
  712. Dave Cridland Florian, How many of those are NATs?
  713. Florian I guess all of them
  714. Florian or none
  715. Dave Cridland Nÿco, See you tomorrow.
  716. Florian I dunno tbh
  717. Florian SIP works
  718. Florian Jingle doesn't
  719. Florian but!
  720. Florian SIP goes to a public server IP
  721. Florian jingle was to Nÿco behind a NAT
  722. Florian single nat worked ... i.e. N900 on WiFi
  723. darkrain has left
  724. Nÿco has left
  725. Zash Jingle nodes?
  726. Florian yup
  727. Florian where ?
  728. Zash Iduno, but I guess that's what would be needed :/
  729. remko has left
  730. prefiks has left
  731. Asterix has left
  732. Asterix has joined
  733. Dave Cridland Asterix, Have you looked into IGD/UPnP at all in Gajim?
  734. Asterix doesn't gstreamer handle that for us?
  735. Dave Cridland Asterix, I don't know, actually.
  736. sjoerd.simons Asterix: depends, are you using farsight and nice ?
  737. Asterix yes we are
  738. sjoerd.simons then it should do upnp automagically assume your distro compiled things properly
  739. Dave Cridland So running up a upnpd on ym router might help. Interesting.
  740. Zash Mmmm.. UPnP IGD ..
  741. Dave Cridland Zash, I think it needs a clearer name, though.
  742. Dave Cridland Zash, Maybe UFMP.
  743. Dave Cridland Zash, "Unauthenticated Firewall Manipulation Protocol".
  744. Zash Universal Forward My Port!
  745. Zash Dave Cridland: It needs more 'X'-es, since it uses SOAP, and therefore XML
  746. Dave Cridland I wish I wrote a SOAP server. Then I could make loads of gags about how clean the code was.
  747. Florian lol
  748. Florian I'd actually love to have an XMPP2SOAP gateway :)
  749. Dave Cridland Florian, There's a gag there somewhere, I just can't see it.
  750. Zash XMPP over SOAP over HTTP over UDP?
  751. Zash .. over IP over avian carrier
  752. Florian lol
  753. Dave Cridland Zash, Reminds me of that time in Brussels a couple of years ago, when Dirk Meyer had HTTP over Jingle over XMPP working, and everyone who heard suggested running BOSH over it.
  754. Florian hehe
  755. Zash haha, awesome
  756. Florian well ... that's where I heard about: Jingle over TCP over UDP over ICE
  757. Florian or something like that
  758. Florian that was 200
  759. Florian *2007
  760. Florob Hmm... + mod_tcpproxy = TCP over XMPP over BOSH over HTTP over Jingle over XMPP orver TCP over IP...
  761. Zash And then you do all of it over that again!
  762. Florian ok ... wtf ... why does iPlayer recommend BBC Wales Today?!
  763. Florian I'm not in Wales
  764. Florian I'm in London
  765. Florian and I guess the chick from my Uni finally got fired in the Apprentice
  766. stpeter y'know, I'm getting a bit tired of the RFC revision process :)
  767. Florian hehe
  768. stpeter ok, bbl
  769. stpeter has left
  770. Tobias has left
  771. Florian looks like I'll be joining the Hackday too :)