jdev - 2021-02-16

sonny, here is the stacktrace https://paste.rs/adf

Ha it's a stream error, the server is closing the connection, not xmpp.js

Apparently because the server is waiting on xmpp.js and it's not doing what it expects

Can you reproduce with passing --unhandled-rejections=strict to node?

Also what server is that?

sonny, ok. nevermind then. but thanks for your help i got tasked to code this by someone else who needed this. but they don’t know anything about xmpp but it also had to be node because node is all they use

i originally just tried to point them to a 'good' javascript library. and then this grew into more and more me hacking something i don’t understand :-/

so i'm not seeing this error. only they do. and apperantly they are seeing this only when thy try this from a server on the other side of world

so i thought i'd just increase the client side timeout and be done with it

but now that it turns out to be something more weird i'm just gonna give up

Alright, please invite them to create an issue in the repository

Hello, I am trying to use the slixmpp python library synchronously

Like connect() do_some_stuff() close()

is there some examples using it like this ?

I've no recent experience with slixmpp but I'd try prefixing every line with `await` and see what happens. :)

Oh I was talking about sleekxmpp sorry

The thing is that the code using the library is not aware of coroutines

sleekxmpp is unmaintained and deprecated, if you're starting a new project in python I'd use slixmpp or aioxmpp

Ok, I was talking of slixmpp, sorry 😅

The interface exposed to client have to look like somehing synchronous

Maybe just take the echobot example from the docs and remove the message processing and do whatever you want to do in session_start instead?

with the event loop running in a thread

It kind of work but outputs some errors when disconnecting, like "ERROR Task was destroyed but it is pending!"

I was thinking maybe someone has already done this

/cc mathieui (who mostly works on this, I think?)

cyril: https://github.com/moparisthebest/sendxmpp-py

Ok thanks, might be the self.disconnect(wait=True) thing!

It stopped working for me years ago and instead of wasting more time with python I just rewrote it in Rust, might help you as an example though

speaking of, what is the go to rust xmpp library?

Link Mauve, ^

flow: https://crates.io/crates/tokio-xmpp

thanks

mathieui: Here is a minimal example of what I am trying to do https://pastebin.com/0VTQ7qtg

If you have any insight

That was for some quick unit tests, learning rust would be a bit overkill but it is on the todo list!

cyril, I don’t have a lot of insight around using threads with asyncio, I know there are some barriers in place to prevent people from doing weird things

you should keep all slixmpp interactions in the same threads otherwise things can get weird pretty fast

ok thanks

but what you sent seems mostly correct, using process(forever=False) will run the event loop until the client gets disconnected

we might get rid of it at some point as it is confusing for people coming from slixmpp

actually it tells me « ValueError: loop argument must agree with Future » when calling process(forever=False)

with the non minimal example it worked (with almost the same code…) but I got an error on disconnect

cyril, it looks like a future was created on another thread, which then used a different event loop

(slixmpp tries to use one specific event loop and only one, but it will not help if things happen in a multithreaded environment)

yep, I will try again with everything in the same thread

that was the plan anyway

hey is this a good place to submit criticism of MIX spec? or should i wrote a mail/blogpost?

FYI you can have something like def func(self): xmpp = ClientXMPP(…) xmpp.connect() xmpp.loop.run_until_complete(xmpp.wait_until('session_start')) do_stuff() # you need to run the loop for most network operations though loop.run_until_complete(xmpp.disconnect()) but it is not a very pleasant workflow

southerntofu, I guess an email to standards@ might be a more persistent venue for this?

thanks, makes sense

I should finish the slixmpp implementation too, it is already working but lacks mix-admin or mix-misc

hmmm i see no intent (yet) to support in dino, gajim, conversations according to bugtracker

is it because people are so happy with MUC? or because there's no momentum yet?

i'm asking because there's some privacy concerns i'd like to address with some MUCs (eg. occupant ID) and i was told MIX was probably the way to go for feedback on specs, instead of fixing/extending existing MUC XEPs

honestly if you're waiting for MIX to fix this you're gonna wait for some more time

There's two camps, choose yours :x

I don't have any good reason, but I suspect it's a mix of MUC working "good enough" once the implementation is done (even though it's a mess under the hood), so there's no user pressure ot move, and MIX ending up being really complicated and requiring a lot of big dependencies (pubsub/pep).

pep., are you saying some people are not convinced by MIX and likely won't be?

southerntofu, that

So you've got the double whammy of no user pressure and devs don't want to read 46 pages and implement a ton of new things.

well that makes sense Sam Whited

That being said, there is slow uptake. There are experimental implementations in a couple of servers and clients, at least.

Sam Whited, where can i see what clients/servers implement it?

my 4 clients of choice apparently don't :P

southerntofu: it's just tigase

southerntofu, siskin is one

ITYM if you want MIX you should implement MIX

Zash, not sure i *want* mix, though building upon standardized building blocks for multi user chatting sounds appealing :)

I think there were experimental implementations in ejabberd, prosody, and tigase (those devs will hopefully correct me if I'm wrong) and the tigase people had an implementation in their clients I think. Unsure if it's released or just on a branch somewhere though.

But yes, there is MUC which has worked well enough for years despite all of its warts, which we can mostly work around by now, and MIX which requires both pubsub support, multiple (albeit quite short) specs, and home server support

And also has different trade-offs really

pep., what's the tradeoffs of MIX?

Not saying I'm against MIX or pro-MUC, but they're not equivalent

pep., well, it is more modular and extensible, and the workflows aer nicer from a client dev perspective

the main downside is the requirement of home server support

and do you folks know if there's some people working on client/server test suite for MIX? soundsl ike it could help imlpmenetaiton

We could make it *drumroll* presence-based, like MUC, then you don't need home server support

Zash, please no

IIRC there was brief discussion on some summit about that

mathieui, what do you mean home server? my understanding is if your server doesn't support it a MIX node can provide a MUC compatibility layer, correct?

southerntofu, it can be done, yes, but then from a client perspective you are not using MIX

presence-based is my main peeve with 0045

yeah i also dislike the whole "presence" concept (to me it's an antifeature though i understand in corporate settings i can be useful)

presence-based chat sounds like IRC to me :)

what

southerntofu, presence is a potential privacy leak but also useful information

and MIX does not remove presence, it just removes it from the workflow and makes its support optional

mathieui, i don't have a use case for it, but i'm not opposed to people broadcasting presence info.. but in my view opt-in is better :)

I can see how it was more useful back when you were online via dialup ~1h per day, but I don't see it as an anti-feature.

The presence of presence isn’t an anti-feature, in my view, but tying MUC’s workings to it is.

⤴️

^

This

(Not because I don’t want presence in my rooms, I do, I just want it decoupled)

Zash, depends on the usecase, but it's a huge metadata leak (see discussion in #modernxmpp). i understand myhome server needs to know which clients are online to deliver messages, but i don't want anyone else to know about that, or whether i received a message or not

It's a metadata leak that won't matter for 99% of people though.

but i can also understand people who want it

southerntofu: Presence should definitely be protected, and XMPP tries to do that.

If you are that tiny percentage of people who need the absolute privacy you described, you need to be using a special service and clients and what not that are designed for that.

Why you need to add people and get their approval to see their presence

Zash, yes that's good, but that a MUC operator can see everyone's presence is a huge difference in the threat model (i.e. correlating identities) compared to simply subscription settings (at least when the convos are OMEMO-encrypted)

Yup. What Kev said.

Sam Whited, i don't understand your point.. should privacy just be for the 1%? i'm aware of the tradeoffs i make but most people are not..

define "privacy"

southerntofu: no, but we don't need to optimize for the tiny percent of people who are worried about the threat you outlined. Most people it's perfectly fine if they join a MUC and share their presence.

We do a pretty good job of balancing that overall. Getting rid of all presence won't help the majority of people in any way, it will just annoy them.

I think it’s good to define protocols that can be used in a reasonably private manner.

southerntofu, I don’t see a thread model that has critical protection requirements on presence data (although sure, protecting it as much as we can should be a goal)

Which MIX tries to do by allowing you to send or not send presence, but still participate in the chat, and it can be controlled on your server, so the room only needs to know when you send a message, or initially join.

Compared to MUC, where the MUC needs to know not only when you’re online, but how many (and which, practically) devices you have online at that moment.

Kev, with MIX, a client only needs to not send presence to the MIX items in their roster, right?

OTOH, I think Sam is right that 99% (or some high proportion of people) would choose to have the benefits of sharing presence with the room of their friends or whatever, over the privacy.

mathieui: Yes, the client can just not set up presence and everything Should Just Work.

Kev, yes i think that's a huge improvement, however what started this discussion was in XEP 0403:

> A MIX channel MAY require that all participants publish presence, so that active channel participants are visible. It is not possible to enforce this in the server, so participants in a channel with this option MUST publish presence.

Practically, the important bit there for privacy is ‘It is not possible to enforce this’ :)

moparisthebest, defining "privacy" is a hard task.. there's different threat models, but i believe they should be more explicit in the specs :)

To repeat my argument from there: if you need that level of privacy, you can't rely on the server to enforce it anyways, so if you're writing a privacy aware client you'll need to show the user the room policy and not join the room if it requires presence.

Kev, well i'm ok with a server mandating its rules, but why would the spec say my client MUST send my data??

southerntofu: We have the Security Considerations for that - but they’re only as good as the authors think of, and reviewers comment on.

southerntofu: Yes, there’s room for improving that wording.

The client only MUST send the data if the room requires it. If the room doesn't require it (probably most rooms), you don't have to send the data. That's a pretty good privacy tradeoff.

Kev, wouldn't it be useful to have a dedicated mailing list / MUC to discuss privacy/security across the ecosystem and evaluate upcoming specs?

southerntofu, that’s supposed to be part of the global process

Yah, probably best to have them in public, no need for more low-traffic lists.

It would be useful to have people reviewing privacy/security. That’s not quite the same thing :)

Kev, while you’re there, I’m unsure about the resource examples from mix participant jids in 0405

Kev, well i'm no expert at all, but i'm always happy to take some time to give a critical overview from an outsider's perspective (i don't have background on why all the technical decisions have been made)

The upcoming specs all get sent out on the standards list where people can review and make such comments. Realistically the number of people reviewing upcoming specs is relatively low.

are they supposed to mean something or to be public?

southerntofu, yea "impossible to define" because it means different things for different people is pretty much my point, I'm in private MUCs with my family hosted on the server in my closet, so presence is not a privacy problem at all (there)

specs do have security concerns which is generally where privacy related stuff lives too I guess ?

mathieui - can you give a bit of text for me to search on, or section number please?

Kev, e.g. https://xmpp.org/extensions/xep-0405.html#usecase-user-presence-receive

The UUID-a1j/7533 bit?

yes

is it the resource of the client on the other side?

and do we want to do resource leak in JID hidden channels?

moparisthebest, that makes sense though i'm not the best person for formal processes :P

This is the client’s resource, and it’s a long debate. We need unpredictable resources for a bunch of reasons. But at the Summit where we discussed this some people claimed that (despite XMPP already explicitly not guaranteeing your resource is the one you asked for) it was vital that they got the resource they asked for. So a two-part JID where the first half was server-provided, and the second half was client-provided was invented. It’s unrelated to MIX, it’s just the style that was used for those examples.

so anyway thanks for all these answers i'll further read the spec and try to come up with a patch, maybe write for the "security considerations"

I still *really* hate that. The only argument that I remember was that it was needed for logging, in which case it seems like your logging system should just be better and not force server changes that you can't guarantee anyways.

Requiring a weird two-part JID just feels like solving the problem from the wrong end and asking for trouble when people inevitably start assuming that's always the format and splitting on the / or whatever. Then again, maybe there were other better reasons I'm forgetting.

I *do* think we want clients to be able to be uniquely identified by their own server, FWIW.

But that’s not the same as saying it should be encoded in the resource.

that's the thing that's optimizing for making it easier for human admins to scan XML streams and logs without server modifications right?

always seemed beyond silly to me also

There's a disagreement on whether resources identify clients (ie are stable for the long term) or sessions (short lived).

Ok, thanks.

I’ll pretend that this is an opaque identifier

(not that that's what was happening with this split JID thing IIRC, but letting the client think it can guarantee anything being set is just too close for comfort)

I think what people encode in resources is up to them in a closed system (or if they’re a server in an open system, for that matter).

I know GTalk used to encode cluster routing information into the resources, and that seemed fine (smart, even) to me.

Wouldn’t work so well these days in the increasingly post-resource world, but back then it made sense.

Oh yah, HipChat did that too and that part was nice, it was the bits the client had to understand that made it a problem, made upgrades difficult, broke them if the server didn't have it for some reason, etc.

But yah, server sets the resource so if it wants to sneak some information in there it probably can't hurt anything.

(assuming it does like I said and doesn't accept the resource from the client, which could lead to issues if a malicious client tries to sneak stuff in)

> A MIX channel MAY require that all participants publish presence how does a client discover this requirement? and how does a server know that a client complies?

mathieui> and do we want to do resource leak in JID hidden channels? there is a resource like in MIX hidden channels? could you point me to it?

flow, I was pointing out that MIX-Presence supposed that you keep the resource even in the "anonymized" JID you get from the service

(1234567#room@service/<preserved-resourced-from-real-presence>)

ah no, it is addressed in 3.2

3.2 of which xep?

403

https://xmpp.org/extensions/xep-0403.html#concept-jid-address

These JIDs will be used to represent specific JID clients. The resource associated with the encoded JID can be either of the follipwing two options: The resource value from the associated client JID; or A mapped valued to an anonymized value. This approach MUST be used with MIX-ANON.

not a fan of the encoded JID thing, to be honest, but I can see how that is something you may want for plugging it into existing presence-handling code

Oh crap, when I thought that I didn't want to re-read thsi earlier and was complaining about the length I forgot there are actually 7 other XEPs some of which I'd need to also read in order to understand this. Yah, maybe I won't get to that this weekend.

I guess technically it works with just core, so I'm going to pretend I didn't see that and try not to despair.

So summary XEP the broken down series is too long by itself?

to be fair, I believe groupchat protocols are simply not short

mathieui, which "encoded JID thing" exactly?

Yah, it's true, it is a *big* thing no matter how you slice it, but that doesn't make me feel better about the work I'd have to do to support it :)

hmm, if you have a decent PubSub/PEP support then creating a minimal MIX client implementation should be "easy". OTOH I did not do it yet in Smack, so I could be proven wrong. ✏

flow, user JIDs are "<opaque id>#room@service"

see any example in mix-presence https://xmpp.org/extensions/xep-0403.html#usecase-presence-leave

mathieui, yeah right, you need to stuff the four-tule of (MIX service, room name, room-user id, and room-user session id) into a JID, which has at most three parts

I would have design it similar, so I don't see the issue with it

(I was considering adding the room-user id into the resource, but it appears all the same in the end)

*four-tuple

Guess I'll have to read pubsub (20 pages) and its smaller and simpler cousine because pubsub was too complex, pep (25 pages) as well. (not that I think mix would have been better of without using existing building blocks, I just don't think it's feasable for me to actually implement all of this any time soon)

20 pages?

Sam Whited, you have to look at it this way: MIX motivates you to implement PubSub, then PEP, and with that you have the building block for another dozens XEPs like bookmarks, avatars, …

ish. I know it's not a great measurement, half of that is probably just version and appendices

How are you measuring?

printed to PDF

Did you forget a zero?

he didn't specify the paper format

for all we know, it could be A2

The PDF version of 0060 is 182 pages, PEP is 19

or is this about one of the MIX XEPs?

huh, that would make more sense, let's see what this did weird

While cool kids have posters of their favorite swedish speed-death metal band on their wall, flow likes to look at walls full of specifications to read

PEP is 20 for me (I was looking at the wrong one) but XEP-0060 appears to have printed (in that the first/last pages are correct), and it's also roughly 20, weird

I did think it would be a lot longer thoug, so that's weird

Surely you mean 20 *stacks* of paper?

still shorter than LOTR

We should resume the cut&paste we started in ... like 2014?

Zash, IIRC it was 2015

oh yah, there it goes, now it's 223 pages. No idea what happened last time or how it left pages out of the middle.

The main problem you want to avoid with large specs like PubSub and MIX is unclarity about the required and optional parts. Ideally a XEP tells you early about the required parts and extension points for optional features, so that a developer can stop reading after them when starting an implementation. I think PubSub fails to do so.

Yah, I tend to agree

I was having a discussion with someone earlier who was saying they hoped the last holdouts from XMPP would switch over to working on / using Matrix, and while I pushed back against that for all the usual reasons, one of the things someone else said was that the Matrix specs were just a lot clearer and easier to build on top of even if you already started with a basic protocol implementation and were just developing features. I don't know if they had pubsub in mind when they said that, but I do suspec they're not wrong when I look at things like this.

I don't really know how to improve that situation though, unfortunately.

Matrix is a chat system though, isn’t it?

It's a distributed JSON graph database.

It's a protocol that's used for a lot of things in the same way XMPP is.

But mostly for a chat system.

It does get further with "simple clients, complex servers" than current XMPP does, I'll give them that.

Amusingly, this discussion took place over IRC.

(for me, I assume they were on Matrix)

I find the Matrix specifications on https://matrix.org/docs/spec/ heavily API centric, I am missing a description of their basic principles

flow, that was also my conclusion a few years ago, this is an API documentation at most (maybe that got better even if it is not what you would like, I don’t know)

I just skimmed over it, it appears to be a bit better now

JSON Web API all the things.

eventually I always wondered if that "distributed graph" thing matrix does could also be done on top of XMPP, I see no reason why not

Sure you can

that would allow you to exploit an existing federated network, but HTTP and JSON where probably to tempting to use

Sure, but if we write another 200 page spec to do it and mock them for using json instead of getting our own house in order it's probably not going to be very helpful.

mocking them for using json is not helpful, right

but writing and implementing a spec similar to matrix's distributed graph thingy should be fine

flow: you thinking MAM replication instead of routing, or something?

right, but then again, I am fine with centralized room management

not sure if we need to have something that provides eventual consistency

there are surely distributed systems where you want to have eventual consistency, but can't think of a reason why federated groupchats should be based on such a system

if you want availability, use an server implementation that supports clustering

I'd love to hear the take on a Matrix person on that

flow, I don’t really have much insight over how matrix works, I assume the replication & eventual consistency allow a more "resilient" view over rooms, without additional requirements for the server "hosting" the room for real

they usually compare it to git

You can probably interact with the people on your own server who are also in that room, and that counts as delayed writes when the "real" room gets back online

I mean, that is an interesting property to have, against outages, censorship, etc

(I am only speculating obviously, I don’t know if that is even possible, as reconciliation between all of that state must be a real pain in the neck)

mathieui, use a high-availability cluster to reduce outages, planed maintainance is usually not an issue, not sure how it helps against censorship

flow: you can remove a server and the room lives on on other servers

flow, in the event of a server being bleeped out of existence by a powerful actor, instead of a whole lot of nothing, you have split communities across the ecosystem

also, what incentivies servers to keep state of rooms the don't "own"

flow: now that's a question

and how do you enforce moderation, bans etc?

potentially someone will answer, "no server owns a room", but the question still applies

flow, well for matrix, "because that’s the protocol", but otherwise, I don’t know

flow, my understanding of the matrix model is censorship-resilience.. if my server with high availability gets seized/disconnected/attacked other people can continue chatting as if nothing happened.. it's not in my threat model, but i understand the value of it eg. for a wikileaks chan :)

blockchain? probably blockchain.

(ah people just said the same sorry i was reading backlog)

southerntofu, sure that is a very nice property in theory. but doesn't that somehow imply that all servers need to keep all the state for eternity?

(and if that is a desired property, then you need to put it in the base protocol to have the incentive "this must work")

notsurehowthiscouldscale

I tried reading the s2s spec once and it gave me a headache. Quite the opposite of XMPP s2s where you just open a stream and send stuff.

flow, not necessary for all eternity, but sure that's the main problem with matrix servers lol

I don’t want to try to read the specs again, but I imagine you must have the latest state to be able to send writes to the upstream server

i mean i understand why you would support this use case in some circumstances, but making it the default takes hardware requirements through the roof

which require you to effectively maintain the state internally

mathieui, I don't think this is true

if it is a dag, then you just need to have some dag node

and eventually someone will reconcile

but you should be able to write without having the latest state, I mean that is the core of eventual consistency

flow, though another interesting property is because so many beefy servers store the state, you can host your server on a very unstable uplink that often gets disconnected from the internet, without resulting in eg. netsplits alla IRC :)

I don’t know how the state is managed and what is accepted and what isn’t so I will not try to extrapolate further

southerntofu, that's actually a very good point

XMPP links are very fragile if the receiving end is on a low-bandwith connection ✏

IMHO one of XMPPs biggest weakness

OTOH, MIX/MAM mitigates this (a bit)

flow, yes that's why FMUC was so interesting, though i still have to finish reading MIX spec because they said there was something equivalent :)

Still tricky with s2s outages

Zash, right

I think if I where to do XMPP again, I would base it on pulling, not pushing

because with pulling, the receiver can determine the rate

flow, doesn't PubSub support pull modes?

southerntofu, sure it does

but I was talking about pulling a first-class principle

This reminds me, has anyone looked at MLS? I read the architecture doc and it talked about requiring guaranteed eventual delivery.

e.g. sending a message is just putting the message into your server's archive, the server informs the recipient about the new message. once the recipients server has pulled the message, the "pending messages" flag is cleared

flow, isn't that what happens already when an s2s message can't be delivered?

isn't there like MAM for s2s? :P

southerntofu: there is not

oooh, my bad for assuming otherwise :)

southerntofu, not exactly, and even if, not potentially

sounds like it could be useful

MAM for s2s would pretty much be the "matrix over xmpp" flow mentioned earlier

well matrix over XMPP would be that + guaranteeing eventual consistency between several nodes who all act as authority for a resources (which is way more comlpex)

Isn't "MAM for s2s" a little bit to vague? Hmm, but yes, if it is vague, then it could be pretty much everything ;)

flow: You could also figure out s2s+198 with resumption.

Not graph stuff tho

Zash, sure, but what I have in mind is much more radical

flow: wanna write a xep about `<previous id="mam id of previous message"/>` and how to use that to magic together archives?

eta, i love your article (not finished reading just yet), the "sponsoring servers" is precisely what MX/NS secondary servers are about :P

Zash, once I get a better grasp about where this is exaclty going, why not. :)

uh, and I would need to fall into a pot of gold first, so that I can take the required time to do so :)

flow: Lets you detect holes in archives at least, if you receive a message with a pointer to a previous message you don't have. Throw some graph theory at it and call it Matrix over XMPP.

hmm, having an extension that points to the preceeding message in <{mam:2}result/> actually does not sound like a bad idea

we don't we have that already?

eta, https://xmpp.org/extensions/xep-0289.html sounds a lot like what you're talking about (federated MUC) :)

flow: not unless you count rsm, but it's not excatly that

thinking about it <{mam:2}fin/> is probably the better place

flow: I was thinking about this for live messages

For patching up after s2s outages

Remember how MIX and s2s outages is an unsolved problem :)

southerntofu: indeed!

shame nothing implements it though

eta: you don't happen to have markdown sources for that blog somewhere? I like to convert to .epub for reading and source files tend to be less messy than converting from html.

Zash: sure https://theta.eu.org/lx/selif/zmc58s7b.md

(can do other posts if you want)

Zash: Undocumented solution, but I’m sure I discussed how to address it at the summit last year or the year before. Indeed, just by signalling there’s a hole.

eta, it doesn't look over complicated to implement.. also i need to finished reading MIX spec but it looks like there's some stuff about that in there too :)

On xmpp.org they mention stroke as client library. A quick look around in the java world and i found camel-quarkus-xmpp. Any advice/remarks on that one?

I haven't used it, but that looks like it's just a simple thing to get XMPP messages into/out of their integration framework, not a full XMPP library?

There's also babbler if you're just looking for something in Java: https://bitbucket.org/sco0ter/babbler/src

ok thnx i'll look at that too