Re: [Standards] XEP-0368: What does a . for a target mean in _xmpps-client/server records?

2019-07-01 Thread Philipp Hancke

On 01.07.19 at 10:08, Dave Cridland wrote:
[...]

> > Do you know which server implementations currently support both TLS and
> > non-TLS (with STARTTLS) on the same port?
>
> I have a vague recollection that Fippo mentioned this trick years ago -
> perhaps Psyc, perhaps even the original Jabberd?


psyced supports that, as well as good old jabberd14.


> Servers can do this by trying a (non-destructive) XML parse on the data,
> and if that fails (with any error other than EOF), try interpreting it as a
> TLS ClientHello handshake message. I think you could probably make some
> heuristic based on the first character, too, and I think that's what Fippo
> mentioned.


the heuristic works the other way round. You peek the first byte (i.e.
call recv with MSG_PEEK).

0x16 means a TLSv1 record (and I think newer versions too), 0x80 or 0x00
indicate the evil SSLv2 (skip this), 0x3c ('<') is actually xml you can
feed into your xml parser. You can also demultiplex this on port 80 or
443 and run your web server along with your xmpp server.



> If I say "Fippo" a third time, I think it summons him and he might
> comment...


it does :-)
___
Standards mailing list
Info: https://mail.jabber.org/mailman/listinfo/standards
Unsubscribe: standards-unsubscr...@xmpp.org
___
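The first-byte demultiplexing described in the message above, as an added example that is not part of the original post or of any server's code. The function names (`classify_first_byte`, `dispatch`, `demo`) and the sample payloads are constructed for illustration; the byte values are the ones given in the thread.

```python
import socket

# First-byte values exactly as listed in the thread.
TLS_RECORD = 0x16            # TLS record carrying a handshake (ClientHello)
SSLV2_MARKERS = (0x80, 0x00) # SSLv2 framing: refuse
XML_OPEN = 0x3C              # '<', start of an XMPP stream header

def classify_first_byte(conn):
    """Peek at one byte without consuming it and name the protocol."""
    head = conn.recv(1, socket.MSG_PEEK)
    if not head:
        return "eof"             # peer closed before sending anything
    first = head[0]
    if first == TLS_RECORD:
        return "tls"
    if first in SSLV2_MARKERS:
        return "sslv2"
    if first == XML_OPEN:
        return "xml"
    return "unknown"

def dispatch(conn):
    """Return (decision, bytes the selected handler then reads)."""
    kind = classify_first_byte(conn)
    if kind in ("tls", "xml"):
        # The peeked byte is still queued, so a TLS layer or XML parser
        # attached here sees the stream from its very first byte.
        return kind, conn.recv(4096)
    return kind, b""             # sslv2, unknown, eof: close the socket

def demo(payload):
    """Push a constructed payload through a local socket pair."""
    client, server = socket.socketpair()
    try:
        client.sendall(payload)
        client.shutdown(socket.SHUT_WR)
        return dispatch(server)
    finally:
        client.close()
        server.close()

if __name__ == "__main__":
    # Constructed samples, not captured traffic.
    for sample in (b"\x16\x03\x01\x00\x05hello", b"<stream:stream>", b"\x80\x2e\x01"):
        print(demo(sample))
```

Anything that is neither a TLS record nor `<` is dropped here, so SSLv2 framing never reaches a TLS stack.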


Re: [Standards] XEP-0368: What does a . for a target mean in _xmpps-client/server records?

2019-07-01 Thread Dave Cridland
On Sun, 30 Jun 2019 at 17:31, Ralph Meijer wrote:

> On June 30, 2019 5:20:09 PM GMT+02:00, Sam Whited 
> wrote:
> >On Sun, Jun 30, 2019, at 15:16, Ralph Meijer wrote:
> >> Hmm. On which port? I want to point out explicitly that although 5223
> >> has been used a bunch since before the IETF standardization, IANA has
> >> assigned it to some HP management service. Hence my other proposal,
> >> which is still currently unregistered.
> >
> >5222, assuming a client connection, probably. If we ever got a port
> >registered for xmpps-client, I'd probably switch it to that. Although
> >right now it seems fine to do both on 5222.
>
> Do you know which server implementations currently support both TLS and
> non-TLS (with STARTTLS) on the same port?


I have a vague recollection that Fippo mentioned this trick years ago -
perhaps Psyc, perhaps even the original Jabberd?

Servers can do this by trying a (non-destructive) XML parse on the data,
and if that fails (with any error other than EOF), try interpreting it as a
TLS ClientHello handshake message. I think you could probably make some
heuristic based on the first character, too, and I think that's what Fippo
mentioned.

If I say "Fippo" a third time, I think it summons him and he might
comment...

Dave.