jdev - 2021-10-24


  1. lovetox

    Ge0rG, its not old, a few weeks

  2. lovetox

    though i take back the "by default"

  3. lovetox

    who knows what i changed in my wisdom

  4. lovetox

    but the option in openwrt is really bad named, i try to find it

  5. lovetox

    https://share.hoerist.com/philipp/QB1JMKjEDlfQGJfx/b1abc041-690c-4d7a-a7d9-403e619eadc4.png

  6. lovetox

    There tell me you see this option and think, No i definitely want useless requests

  7. lovetox

    so i leave this unchecked

  8. lovetox

    turns out the useless request are not that useless

  9. lovetox

    though to be fair thats not openwrt

  10. lovetox

    thats LUCI a webinterface for openwrt

  11. Zash

    Wat!

  12. Martin

    What are 'useless requests' in openwrt jargon translated to plain english,

  13. Martin

    What are 'useless requests' in openwrt jargon translated to plain english?

  14. lovetox

    in dnsmasq config which openwrt uses there is a decade old configswitch

  15. lovetox

    -f, --filterwin2k Later versions of windows make periodic DNS requests which don't get sensible answers from the public DNS and can cause problems by triggering dial-on-demand links. This flag turns on an option to filter such requests. The requests blocked are for records of types SOA and SRV, and type ANY where the requested name has underscores, to catch LDAP requests.

  16. lovetox

    this LUCI option turns this on, and filters all srv requests

  17. lovetox

    seems 12 years ago srv records counted as useless

  18. lovetox

    sorry all srv records with underscore

  19. lovetox

    which xmpp uses

  20. lovetox

    but i doubt this is on by default, i probably activated it because it looked good, when i configured my router

  21. lovetox

    goes to show that you should not push buttons if you dont know what they do

  22. Zash

    Win2k?!

  23. lovetox

    yeah more like 2 decades old :D

  24. lovetox

    but that option is so bad named in luci

  25. lovetox

    the only reason to not activate that is when you actually know the background of what it does

  26. lovetox

    but if Zash wouldnt have made that issue, i would probably never know that srv requests didnt work, like i wasnt impacted at all by this

  27. selurvedu

    https://git.openwrt.org/?p=project/luci.git;a=blob;f=modules/luci-mod-network/htdocs/luci-static/resources/view/network/dhcp.js;h=f425bd060509167d9be4ca6b50fd1c258fe45969;hb=HEAD#l385
    https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=dnsmasq.conf.example;hb=9560658c5ba27a370b97d30850db474ce67912b7#l38
    # Note that (amongst other things) this blocks all SRV requests,
    # so don't use it if you use eg Kerberos, SIP, XMMP or Google-talk.
    Yeah.

  28. selurvedu

    Not that useless.

  29. selurvedu

    https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464357 so this was fixed in upstream in 2008, but 13 years later it's still labelled as "useless" in OpenWrt :-\

  30. Zash

    Things breaking SRV → admins deploying without → things continuing to break SRV

  31. selurvedu

    Speaking of SRV, what level of support and adoption do direct TLS s2s connections and _xmpps-server SRV records have?

  32. Zash

    ejabberd seems to do it, and Daves proxy thing but the name escapes me

  33. Zash

    Metre

  34. Zash

    Prosody trunk has some partial support, in that it can set up such a listening port and check if the SRV record is correctly set up

  35. selurvedu

    Zash, will Prosody connect to a server via direct TLS s2s if _xmpps-server record is correctly set up?

  36. Zash

    No

  37. Zash

    That's the hard part

  38. Sam

    Minor weird thing that I didn't expect to cause me so much trouble: turns out pubsub items aren't directly in the IQ payload, they have a second wrapper (eg. instead of "<iq><pubsub><item1/><item2/>" you have "<iq><pubsub><items><item1/><item2/>"). Very clearly documented in the XEP, but I just kind of skipped over the extra wrapper not expecting it and took forever to track down the problem.

  39. Martin

    But you have something locally. Are there any issues stopping you from pushing it?

  40. Zash

    Making it *

  41. Zash

    Making it *only* use `_xmpps-server` is easy.

  42. Zash

    Making it use _both_ is *hard*

  43. Martin

    I see.

  44. Martin

    Anyway, my server was part of the first prosody - prosody direct tls s2s connection. 😃

  45. Martin updates his CV…

  46. Sam

    In pubsub land do you have to publish a complete XML document? If it's wrapped in <item/> could you publish <foo/><bar/> for example?

  47. Zash

    Sam: Yes. One child of `<item/>`, no more, no less.

  48. Sam

    Thanks

  49. Zash

    Once upon a time there was a bunch of batch processing support in XEP-0060, that's where all the seemingly extra wrapper elements come from

  50. Sam

    That's what I figured; it seemed weird that there was a wrapper but then you couldn't eg. retract multiple items at once, why wrap in <items/> if it's only one item?

  51. Zash

    `<items/>` _can_ have multiple items

  52. Sam

    err, <item/> then, whatever it's called

  53. Zash

    But you have iq/publish/item/{foo}bar

  54. Zash

    https://xmpp.org/extensions/xep-0060.html#nt-idm45119980301424

  55. Sam

    Trying to follow the constraints in this document is very difficult; thanks for the help.

  56. Zash

    Ah, there it is: https://xmpp.org/extensions/xep-0060.html#publisher-publish-error-badpayload
    > If the <item/> element does not contain exactly one payload element [...] the service MUST bounce the request with a <bad-request/> error

  57. Zash

    Conveniently far away from "The syntax is as follows:" https://xmpp.org/extensions/xep-0060.html#publisher-publish-request

  58. Sam

    "Ah, there it is" after some amount of time is exactly the problem I've been having :)

  59. Zash

    What, aren't you used to reading kleinbottle-shaped hyperdimensional documents by now? 😉

  60. Sam

    Alas, it's a skill I've never mastered.

  61. Zash

    Tho this is one of those that constantly grow new text when you're not looking, so I agree it can be a bit confusing.

  62. Sam

    However, after multiple attempts to get something as simple as "be able to publish and retract an item" working, I think I've finally done it. Integration tests running now, so we'll see how ejabberd handles them though.

  63. Zash

    Is this a client implementation?

  64. Sam

    Yah

  65. Zash

    Cool

  66. Sam

    Eventually it will grow a server side implementation too, but for now I just want "enough to fetch bookmarks"

  67. Zash

    When do we finish the XEP-0060 split?

  68. selurvedu

    Zash, I see, thanks. That is what I expected. I thought DTLS s2s is not supported anywhere, so I didn't configure it on my server, but since XEP-0368 mentions it, I decided to ask.

  69. Sam

    Excellent, ejabberd works too (for some reason it locks up the whole test suite if I try it locally, but works fine on the CI runner, so I'm never sure)

  70. selurvedu

    Also I stumbled upon https://code.moparisthebest.com/moparisthebest/xmpp-proxy , it looks very interesting.

  71. Zash

    Sam, if you don't already have https://xmpp.org/extensions/xep-0223.html open in parallel, might be worth to do so

  72. Zash filed https://github.com/openwrt/luci/issues/5456

  73. Sam

    Another one? *sigh* thanks

  74. Zash

    Don't worry, it's only Informational, on use of pubsub for bookmarks and such

  75. flow

    lovetox, you did not open an openwrt issue for, at least, better describing the configuration option, or maybe dropping it altogether?

  76. flow

    lovetox, you did not, by chance, open an openwrt issue for, at least, better describing the configuration option, or maybe dropping it altogether?

  77. Zash

    Yes, please do

  78. Martin

    > Zash filed https://github.com/openwrt/luci/issues/5456
    Closed already…