jdev - 2022-05-02


  1. Martin

    https://xmpp.org/extensions/xep-0420.html#affix_elements > Prevent known ciphertext and message length correlation attacks. The content of this element is a randomly generated sequence of random length between 0 and 200 characters. TODO: sane boundaries? Hmm, so I should change rpad to '200-messagelength%200' 🤔

  2. Martin

    https://files.mdosch.de/upload/zPDnDQiM8CUtYgpq9Vfe0zGK/pHxv-z42S7ykFzi6A5dxbg.jpg

  3. Martin

    BTW, why we have two jdev? 🤔

  4. Link Mauve

    The old one got replaced with the new one because the old server was extremely old.

  5. Link Mauve

    It isn’t in use any longer (AFAIK).

  6. pep.

    Wasn't it destroyed?

  7. Link Mauve

    I don’t know.

  8. Martin

    About the first question, don't you think 200 chars is pretty long for the rpad?

  9. jonas’

    Martin, mind that when generating the padding, you need to count utf-8 bytes, not unicode codepoints btw

  10. jonas’

    Martin, mind that when generating the padding based on the message length, you need to count utf-8 bytes, not unicode codepoints btw

  11. Martin

    He, i think I have to change that.

  12. Martin

    Should be OK now: > go build . && echo "☭"|./go-sendxmpp --ox martin@mdosch.de > Message length: 3 > Rpad length: 97 > Rpad: e1f49f122ccf5a860024a1eaabb8de9811d6d3a1ff89dc8f838d7b317c49f9011bea3dddf8f6bc4432c976947bbd42137cf25b870aad04680a0eda3d876bcdabb47b50a319f1ab87d4adcf460c4a98a91f9b25cf9b3150ccff1493960cbb72931e But I think I rather stick with padding to a multiple of 100 as 200 seems a bit exaggerated…

  13. lovetox

    i have a server, which when in muc, the muc reflection of the message has 2 stanza-id nodes

  14. lovetox

    one with a "by" attr of the muc jid, so archive of the muc

  15. lovetox

    one with a "by" attr of the account of the user who sent the message

  16. lovetox

    .. why why why

  17. lovetox

    the spec is great about it

  18. lovetox

    everything is written like it allows multiple stanza id elements

  19. lovetox

    but then in the last sentence

  20. lovetox

    The value of the 'by' attribute MUST be the XMPP address of the entity assigning the unique and stable stanza ID. For one-on-one messages the assigning entity is the account. In groupchats the assigning entity is the room.

  21. lovetox

    no .. the assigning entity is whatever is in the by attr and not necessarily the room or account