-
moparisthebest
Wait a second, I was told a single monolithic spec avoided this: > The Conduit Matrix server (although not yet feature complete) is about 100x lighter on CPU than the server that runs matrix.org. > The developer is now being funded to work on it full time. It's usable for private non-federated servers already (federation is not advised currently, because it is unearthing spec non-compliance issues in various other Matrix servers and clients), which have not yet been fixed.
-
mdosch
Did you ever use xmpp.com? Searx led me to https://www.xmpp.com/extensions/xep-0371.html but the cert is invalid.
-
qrpnxz
are there any de facto standard ports for xmpps? Or just some common ones that you suggest?
-
Menel
The standard is 5222 for client and 5269 for server to server. These ports every server and client will try automatically.
-
qrpnxz
for xmpps
-
qrpnxz
not xmpp
-
Menel
Ah, overread that.
-
qrpnxz
np easy to miss
-
Menel
I think it's not really standardized, but maybe someone will correct me. People use 5223. You just advertise it where you want.
-
qrpnxz
so far i've only found one server with an xmpps record
-
Menel
Many have them
-
qrpnxz
yeah 404.city has _xmpps-client on 5223
-
Menel
https://compliance.conversations.im/old/
-
Menel
Everyone that is green for srv for tls
-
qrpnxz
looks like xmpp.jp has both xmpp and xmpps on 5269 for server. I wonder how they do that. Try a handshake and if it fails try a normal connection? Seems like a waste of time lol
-
qrpnxz
thx for list
-
qrpnxz
ah that might not be that bad tbh. Maybe i'll do that, we'll see
-
qrpnxz
i think you actually know if it's trying to be TLS or XML on the first byte even
-
Menel
Doesn't really matter, since no other server supports it
-
Menel
Direct TLS is for c2s
-
qrpnxz
haha no
-
şişio
XMPP really good and safe
-
şişio
I like it
-
şişio
aTalk fdroid app hasn't got new aTalk version
-
şişio
I wrote
-
eevvoor
I never heard of the aTalk App. Who is the dev behind it?
-
mdosch
https://github.com/cmeng-git/atalk-android
-
şişio
> https://github.com/cmeng-git/atalk-android How do I download it?
-
mdosch
Usually you won't build it yourself but install it from Google Play or Fdroid.
-
şişio
> Usually you won't build it yourself but install it from Google Play or Fdroid. Fdroid doesn't have a new version
-
Menel
Fdroid has problems building it, it seems not easy to get it right with the dependencies
-
şişio
Hmm okay
-
moparisthebest
qrpnxz, xep-368 direct tls is most valuable on port 443 due to crap firewalls, the most popular way servers multiplex is with sslh or nginx or something https://wiki.xmpp.org/web/Tech_pages/XEP-0368
-
qrpnxz
agreed
-
moparisthebest
I even suggest ignoring spec and hard-coding 443 as the fallback default for it, just don't tell certain people or they'll have a heart attack https://github.com/moparisthebest/xmpp-proxy/blob/master/src/srv.rs#L122
-
Zash
Depending on your socket and TLS library, you can check if the first byte is '<' or \27 (iirc) and decide plain/direct tls on that
- Zash throws things at moparisthebest
- moparisthebest ducks like a ninja
-
qrpnxz
checking for < is too risky, I would just check for w/e magic byte tls uses, and if it's not that then start trying to parse xml
-
moparisthebest
qrpnxz, I check first 3 bytes to decide TLS or not https://github.com/moparisthebest/xmpp-proxy/blob/master/src/tls.rs#L145
-
moparisthebest
it probably is fine to just check if the first is 0x16
-
Zash
moparisthebest: Good job. You crashed my Dino 🙁
-
Zash
Some byte followed by two bytes representing the SSL version
-
qrpnxz
moparisthebest, 0x16 is already not valid xml, so i'd try tls just based on that
-
moparisthebest
yes, I'll probably change it
-
qrpnxz
and not that i'm super against checking a couple more bytes, but in Go it's gonna be trivial to unread one byte, but not any more than that.
-
qrpnxz
in rust idk
-
qrpnxz
lol thx for putting the rfc and section in the comments, i've been doing that as well xD
-
moparisthebest
yea if you scroll up a bit you'll see that I discovered it's almost impossible to read > 1 in rust too, and I resorted to hacks, and lamented that I should probably only check 0x16 only :P
-
Sam
I'm assuming you're using bufio in which case it's trivial to do either
-
Sam
but 1 byte is good enough either way
-
qrpnxz
bufio can only unread one byte
-
qrpnxz
ah but you can peek more than that
-
Sam
https://pkg.go.dev/bufio#Reader.Peek
-
qrpnxz
lol
-
moparisthebest
be careful though, looks similar to rust's API and it'll let you just spin forever waiting for 3 bytes that'll never come
-
qrpnxz
no worries i'm using timeouts
-
qrpnxz
but thx
-
Sam
yah, the read will indeed spin, but if you haven't set timeouts that's a problem either way
-
qrpnxz
you could also not have xmpp and xmpps on the same port, then you don't have to do this check :)
-
qrpnxz
it'd be interesting to have both a webpage and xmpp server on the same port tho. I don't know how HTTP/2 requests start however
-
Zash
ALPN?
-
qrpnxz
alpn gives away it's xmpp
-
Zash
I thought we had arrived in the promised land of encrypted handshakes?
-
qrpnxz
best not to use HTTP/2 actually. ``` implementations that support HTTP/2 over TLS MUST use protocol negotiation in TLS [TLS-ALPN]. ``` And if ALPN is used, XEP-0368 says to set it for xmpp.
-
qrpnxz
so you'd wanna do http 1.1, check that request looks like an http request or not, if it doesn't you start parsing xml.
-
qrpnxz
first 3-4 bytes should suffice for the request method
-
Zash
Uppercase ASCII letter
-
Zash
IIRC
-
qrpnxz
i'll check but probably
-
Zash
Prosodys mod_net_multiplex does ^[A-Z] → http for example.
-
Holger
> so you'd wanna do http 1.1, check that request looks like an http request or not, if it doesn't you start parsing xml. After decades of developing Internet technology, we ended up with pure elegance.
-
qrpnxz
😁️
-
Kev
Isn’t checking for < sufficient to know it’s XML?
-
qrpnxz
Honestly doing [GHPDCOT] on the first byte should be good enough
-
Kev
Whether you preamble or not, that’ll be the first char.
-
qrpnxz
Kev, no because it doesn't have to start like that
-
qrpnxz
it could start with whitespace
-
Kev
We allow that?
-
qrpnxz
i can recheck
-
Zash
HTCPCP?
-
qrpnxz
but afaik yes
-
Kev
I had in my head that we didn’t, for some reason.
-
qrpnxz
yeah i don't see any such restriction, but if you find it let me know
-
Zash
Whitespace before `<?xml?>` is forbidden, I think. Expat rejects it at least.
-
qrpnxz
ik other parsers don't, but that you SHOULD put it at the start for file type detection
-
Zash
Seems to be just fine with whitespace before `<stream:stream ...` tho
-
Zash
The multiplex thing checks for a bunch more anyways
-
qrpnxz
oh that's nice, XML 1.1 actually requires the xml decl. XML 1.0 only recommends it
-
Zash
XMPP is XML 1.0 tho
-
moparisthebest
qrpnxz: don't forget SNI which you can abuse too, all of my TLS services work over port 443 using sslh
-
qrpnxz
SNI?
-
Zash
Personally it feels extremely redundant, since XMPP is always XML and UTF-8 and I think everything else you can say with <?xml?> is forbidden
-
qrpnxz
xmpp might not always use xml 1.0
-
Zash
Server Name Indication, what the HTTP world invented instead of telling which host (and thus cert) is expected prior to TLS.
-
Sam
it will because almost no one implements 1.1 and at this point no one ever will
-
moparisthebest
qrpnxz, like imap.example.org goes to dovecot and smtp.example.org goes to postfix etc etc
-
qrpnxz
i plan to, it's not that different either, just adds internationalization stuff
-
moparisthebest
and there is no negotiation for xml 1.1 meaning... it'll never happen
-
Zash
Wouldn't the "modern" way be to add some ALPN XMPP 2.0 thing then? (not serious, but if it happens it'll probably turn out something like that)
-
Sam
Negotiation would be "what decl does the client send?" no?
-
Sam
not that it matters, just cirious
-
Sam
curious too
-
moparisthebest
sure, but then what, you've got client1 <-> server1 <-> server2 <-> client2 and each of those 3 links can be XML 1.0 or 1.1 now ? do the servers automagically convert or... what's the advantage
-
qrpnxz
hmm, actually xml 1.1 is not just internationalization. Looking at the grammar to answer the whitespace question, it actually cleans up some other crap in the standard. Btw, if there is an xmldecl, it indeed has to be the very first thing in the document. If we were using xml 1.1, which requires the xmldecl, that means that you would indeed reliably detect an xml document.
-
qrpnxz
i guess you could check for `<?xml ` then sometimes you'd know for sure if it's XML, but not always.
-
qrpnxz
> I think everything else you can say with <?xml?> is forbidden Zash, you're also allowed to say `standalone="yes"` :)
-
Zash
What sense does that make in XMPP?
-
qrpnxz
it must be a standalone document for xmpp, so you aren't allowed to say `standalone="no"`
-
Zash
So what's the point?
-
Zash
Explicit > implicit?
-
qrpnxz
just informing you there's one more thing that's not forbidden :)
-
Zash
My point is that there's a bunch of things you can say where you only have one choice, where saying nothing means the same thing.
-
Zash
Which makes it feel like a waste of bytes.
-
qrpnxz
ah yeah i wouldn't bother sending encoding or standalone attributes
-
qrpnxz
i'd send xmldecl to help detection tho
-
toutafait
> mdosch wrote: > https://github.com/cmeng-git/atalk-android is it better than conversation/blabber?
-
toutafait
better meaning: "to have more features"
-
Zash
Try it and compare?
-
toutafait
old version on fdroid
-
eta
I found the XMPP tunnel
-
eta
https://theta.eu.org/xmpp/upload/GQEMe1jq_9IuZ66Q/cStIxtEhQbyjL98TA7nudg.jpg
-
şişio
Test
-
şişio
Good
-
şişio
If I add myself, I'll have a notebook.
-
şişio
Right?
-
şişio
No one can see
-
moparisthebest
your server admin, unless you encrypt
-
eevvoor
Gajim does not allow me to add myself to my own roster. Or the Server does not allow this.
-
wurstsalat
eevvoor, if you have 2+ devices online, gajim shows your own contact (but that's buggy at the moment). 1.4 will have this more prominent
-
Zash
Forbidden by some specification or something
-
Zash
Or was it hysterical raisins?
-
eevvoor
wurstsalat, it does work for me without bugs. I meant the exact same jid does not work. ;-)
-
Zash
You're already implicitly subscribed to your own presence tho
-
eevvoor
yeah but şişio asked for "writing" to yourself, not mere presence
-
Zash
Don't need presence or roster entry to write to anyone, especially not yourself
-
şişio
> moparisthebest wrote: > your server admin, unless you encrypt How? I don't understand
-
moparisthebest
omemo, pgp etc
-
moparisthebest
I send myself messages all the time
-
şişio
If I encrypt it, no one can see it, so there'll be a notebook.
-
şişio
> I wrote: > If I encrypt it, no one can see it, so there'll be a notebook. Right?
-
eevvoor
yes şişio
-
şişio
I can't get old messages in new session on Xmpp
-
şişio
Test
-
eevvoor
that is normal şişio.
-
eevvoor
Only new messages will be received.