jdev - 2024-09-10


  1. Schimon

    Good day! Please read this. It is two lines and a few lines of XML. https://dev.gajim.org/gajim/gajim/-/issues/11979 Data Form value of `type="fixed"` is not manifested (Ad-Hoc Commands)

  2. Schimon

    https://codeberg.org/poezio/poezio/issues/3584 PEP, PubSub and Atom Over XMPP

  3. singpolyma

    Fixed with only a label is a bit of an odd case. Why not use fixed with text in that case?

  4. singpolyma

    Fixed with only a label is a bit of an odd case. Why not use fixed with value in that case?

  5. Schimon

    > Good day! > Please read this. > It is two lines and a few lines of XML. > https://dev.gajim.org/gajim/gajim/-/issues/11979 > Data Form value of `type="fixed"` is not manifested > (Ad-Hoc Commands) singpolyma. I am not familiar with the matter. This element is created by Slixmpp. Could it be that Slixmpp requires a fix, or probably my code?

  6. singpolyma

    For sure it's made by your code. You probably want to switch label for value there, especially since it looks like it isn't a label anyway?

  7. Schimon

    > For sure it's made by your code. You probably want to switch label for value there, especially since it looks like it isn't a label anyway? I think so, too. I will review my code.

  8. nicoco__

    XMPP components uses a "secret" passphrase to connect to their server. What threat model does that protect agains? ie, how bad would it be if components could connect without passphrase?

  9. Zash

    Other things running on the same machine?

  10. nicoco__

    isn't it basically game over if this happens anyway?

  11. nicoco__

    hmmm with properly configured unix users and permissions stuff maybe not, right…

  12. singpolyma

    Yeah for most setup it's a very small threat but it's there

  13. Zash

    I'm not sure how common it is to limit what ports local users can connect to

  14. nicoco__

    Zash: I was thinking about reading the passphrase in `/etc/...`

  15. Zash

    nicoco__, `chmod o-r`

  16. nicoco

    That's why I said "with properly configured unix users and permissions stuff" ;)

  17. moparisthebest

    No password and Unix sockets would provide better protection and be faster

  18. moparisthebest

    I thought it was more to restrict domains though...

  19. Link Mauve

    moparisthebest, are there servers able to listen on an unix socket for component connections?

  20. moparisthebest

    Link Mauve: don't know, but there should be

  21. moparisthebest

    Unix sockets have even been supported natively on windows for 7 years, time sure flies...

  22. singpolyma

    I wish that were supported. Using TCP on localhost is silly

  23. moparisthebest

    Prosody admin module listens on Unix socket, I thought that would be easy to adapt into a module that listens for c2s/s2s etc but not so much, for me anyway

  24. singpolyma

    Components aren't over normal c2s either. There is a xep for that but no one implemented it yet 😞