Wait a second, I was told a single monolithic spec avoided this:
> The Conduit Matrix server (although not yet feature complete) is about 100x lighter on CPU than the server that runs matrix.org.
> The developer is now being funded to work on it full time. It's usable for private non-federated servers already (federation is not advised currently, because it is unearthing spec non-compliance issues in various other Matrix servers and clients), which have not yet been fixed.
mdosch
Did you ever use xmpp.com? Searx led me to https://www.xmpp.com/extensions/xep-0371.html but the cert is invalid.
qrpnxz
are there any de facto standard ports for xmpps? Or just some common ones that you suggest?
Menel
The standard is 5222 for client and 5269 for server to server. These ports every server and client will try automatically.
qrpnxz
for xmpps
qrpnxz
not xmpp
Menel
Ah, overread that.
qrpnxz
np easy to miss
Menel
I think it's not really standardized, but maybe someone will correct me. People use 5223.
You just advertise it where you want.
qrpnxz
so far i've only found one server with an xmpps record
Menel
Many have them
qrpnxz
yeah 404.city has _xmpps-client on 5223
Menel
https://compliance.conversations.im/old/
Menel
Everyone that is green for srv for tls
qrpnxz
looks like xmpp.jp has both xmpp and xmpps on 5269 for server. I wonder how they do that. Try a handshake and if it fails try a normal connection? Seems like a waste of time lol
qrpnxz
thx for list
qrpnxz
ah that might not be that bad tbh. Maybe i'll do that we'll see
qrpnxz
i think you actually know if it's trying to be TLS or XML on the first byte even
Menel
Doesn't really matter, since no other server supports it
Menel
Direct TLS is for c2s
qrpnxz
haha no
şişio
XMPP really good and safe
şişio
I like it
şişio
aTalk fdroid app hasn't got new aTalk version
şişio
I wrote
eevvoor
I never heard of the aTalk App. Who is the dev behind it?
mdosch
https://github.com/cmeng-git/atalk-android
şişio
> https://github.com/cmeng-git/atalk-android
How do I download it?
mdosch
Usually you won't build it yourself but install it from Google Play or Fdroid.
şişio
> Usually you won't build it yourself but install it from Google Play or Fdroid.
Fdroid doesn't have a new version
Menel
Fdroid has problems to build it, it seems not easy to get it right with the dependencies
şişio
Hmm okay
moparisthebest
qrpnxz, xep-368 direct tls is most valuable on port 443 due to crap firewalls, the most popular way servers multiplex is with sslh or nginx or something https://wiki.xmpp.org/web/Tech_pages/XEP-0368
qrpnxz
agreed
moparisthebest
I even suggest ignoring spec and hard-coding 443 as the fallback default for it , just don't tell certain people or they'll have a heart attack https://github.com/moparisthebest/xmpp-proxy/blob/master/src/srv.rs#L122
Zash
Depending on your socket and TLS library, you can check if the first byte is '<' or \27 (iirc) and decide plain/direct tls on that
Zash throws things at moparisthebest
moparisthebest ducks like a ninja
qrpnxz
checking for < is too risky, I would just check for w/e magic byte tls uses, and if it's not that then start trying to parse xml
moparisthebest
qrpnxz, I check first 3 bytes to decide TLS or not https://github.com/moparisthebest/xmpp-proxy/blob/master/src/tls.rs#L145
moparisthebest
it probably is fine to just check if the first is 0x16
Zash
moparisthebest: Good job. You crashed my Dino 🙁
Zash
Some byte followed by two bytes representing the SSL version
qrpnxz
moparisthebest, 0x16 is already not valid xml, so i'd try tls just based on that
moparisthebest
yes, I'll probably change it
qrpnxz
and not that i'm super against checking a couple more bytes, but in Go it's gonna be trivial to unread one byte, but not anymore than that.
qrpnxz
in rust idk
qrpnxz
lol thx for putting the rfc and section in the comments, i've been doing that as well xD
moparisthebest
yea if you scroll up a bit you'll see that I discovered it's almost impossible to read > 1 in rust too, and I resorted to hacks, and lamented that I should probably only check 0x16 only :P
Sam
I'm assuming you're using bufio in which case it's trivial to do either
Sam
but 1 byte is good enough either way
qrpnxz
bufio can only unread one byte
qrpnxz
ah but you can peek more than that
Sam
https://pkg.go.dev/bufio#Reader.Peek
qrpnxz
lol
moparisthebest
be careful though, looks similar to rust's API and it'll let you just spin forever waiting for 3 bytes that'll never come
qrpnxz
no worries i'm using timeouts
qrpnxz
but thx
Sam
yah, the read will indeed spin, but if you haven't set timeouts that's a problem either way
qrpnxz
you could also not have xmpp and xmpps on the same port then you don't have to do this check :)
qrpnxz
it'd be interesting to have both a webpage and xmpp server on the same port tho. I don't know how HTTP/2 requests start however
Zash
ALPN?
qrpnxz
alpn gives away it's xmpp
Zash
I thought we had arrived in the promised land of encrypted handshakes?
qrpnxz
best not to use HTTP/2 actually.
```
implementations that support HTTP/2 over TLS MUST use protocol negotiation in TLS [TLS-ALPN].
```
And if ALPN is used, XEP-0368 says to set it for xmpp.
qrpnxz
so you'd wanna do http 1.1, check that request looks like an http request or not, if it doesn't you start parsing xml.
qrpnxz
first 3-4 bytes should suffice for the request method
Zash
Uppercase ASCII letter
Zash
IIRC
qrpnxz
i'll check but probably
Zash
Prosody's mod_net_multiplex does ^[A-Z] → http for example.
Holger
> so you'd wanna do http 1.1, check that request looks like an http request or not, if it doesn't you start parsing xml.
After decades of developing Internet technology, we ended up with pure elegance.
qrpnxz
😁️
Kev
Isn’t checking for < sufficient to know it’s XML?
qrpnxz
Honestly doing [GHPDCOT] on the first byte should be good enough
Kev
Whether you preamble or not, that’ll be the first char.
qrpnxz
Kev, no because it doesn't have to start like that
qrpnxz
it could start with whitespace
Kev
We allow that?
qrpnxz
i can recheck
Zash
HTCPCP?
qrpnxz
but afaik yes
Kev
I had in my head that we didn’t, for some reason.
qrpnxz
yeah i don't see any such restriction, but if you find it let me know
Zash
Whitespace before `<?xml?>` is forbidden, I think. Expat rejects it at least.
qrpnxz
ik other parser don't but that you SHOULD put it at the start for file type detection
Zash
Seems to be just fine with whitespace before `<stream:stream ...` tho
Zash
The multiplex thing checks for a bunch more anyways
qrpnxz
oh that's nice, XML 1.1 actually requires the xml decl. XML 1.0 only recommends it
Zash
XMPP is XML 1.0 tho
moparisthebest
qrpnxz: don't forget SNI which you can abuse too, all of my TLS services work over port 443 using sslh
qrpnxz
SNI?
Zash
Personally it feels extremely redundant, since XMPP is always XML and UTF-8 and I think everything else you can say with <?xml?> is forbidden
qrpnxz
xmpp might not always use xml 1.0
Zash
Server Name Indication, what the HTTP world invented instead of telling which host (and thus cert) is expected prior to TLS.
Sam
it will because almost no one implements 1.1 and at this point no one ever will
moparisthebest
qrpnxz, like imap.example.org goes to dovecot and smtp.example.org goes to postfix etc etc
qrpnxz
i plan to, it's not that different either, just adds internationalization stuff
moparisthebest
and there is no negotiation for xml 1.1 meaning... it'll never happen
Zash
Wouldn't the "modern" way be to add some ALPN XMPP 2.0 thing then? (not serious, but if it happens it'll probably turn out something like that)
Sam
Negotiation would be "what decl does the client send?" no?
Sam
not that it matters, just cirious
Sam
curious too
moparisthebest
sure, but then what, you've got client1 <-> server1 <-> server2 <-> client2 and each of those 3 links can be XML 1.0 or 1.1 now ? do the servers automagically convert or... what's the advantage
qrpnxz
hmm, actually xml 1.1 is not just internationalization. Looking at the grammar to answer the whitespace question, it actually cleans up some other crap in the standard. Btw, if there is an xmldecl, it indeed has to be the very first thing in the document. If we were using xml 1.1 which requires the xmldecl, that means that you would indeed reliably detect an xml document.
qrpnxz
i guess you could check for `<?xml ` then sometimes you'd know for sure if it's XML, but not always.
qrpnxz
> I think everything else you can say with <?xml?> is forbidden
Zash, you're also allowed to say `standalone="yes"` :)
Zash
What sense does that make in XMPP?
qrpnxz
it must be a standalone document for xmpp, so you aren't allowed to say `standalone="no"`
Zash
So what's the point?
Zash
Explicit > implicit?
qrpnxz
just informing you there's one more thing that's not forbidden :)
Zash
My point is that there's a bunch of things you can say where you only have one choice, where saying nothing means the same thing.
Zash
Which makes it feel like a waste of bytes.
qrpnxz
ah yeah i wouldn't bother sending encoding or standalone attributes
qrpnxz
i'd send xmldecl to help detection tho
toutafait
> mdosch wrote:
> https://github.com/cmeng-git/atalk-android
is it better than conversation/blabber?