How to encrypt the whole XMPP exchange

Ellouze Anis

Feb 16, 2021, 6:35:06 AM
to libstrophe
Below is the XMPP exchange using libstrophe 0.10:

2018-05-04 22:21:01 [tr069_xmpp] DEBUG - xmpp SRV lookup failed, connecting via domain.
2018-05-04 22:21:01 [tr069_xmpp] DEBUG - xmpp sock_connect() to ThinkPad-E480:5222 returned 3
2018-05-04 22:21:01 [tr069_xmpp] DEBUG - xmpp Attempting to connect to ThinkPad-E480
2018-05-04 22:21:01 [tr069_xmpp] DEBUG - xmpp connection successful
2018-05-04 22:21:01 [tr069_xmpp] DEBUG - conn SENT: <?xml version="1.0"?><stream:stream to="zribi-ThinkPad-E480" xml:lang="en" version="1.0" xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams">
2018-05-04 22:21:01 [tr069_xmpp] DEBUG - xmpp RECV: <stream:stream id="14525242889893328675" version="1.0" lang="en" from="ThinkPad-E480">
2018-05-04 22:21:01 [tr069_xmpp] DEBUG - xmpp RECV: <features xmlns="http://etherx.jabber.org/streams"><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>DIGEST-MD5</mechanism><mechanism>PLAIN</mechanism><mechanism>SCRAM-SHA-1</mechanism><mechanism>X-OAUTH2</mechanism></mechanisms><starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/><register xmlns="http://jabber.org/features/iq-register"/></features>
2018-05-04 22:21:01 [tr069_xmpp] DEBUG - conn SENT: <starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
2018-05-04 22:21:01 [tr069_xmpp] DEBUG - xmpp RECV: <proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
2018-05-04 22:21:01 [tr069_xmpp] DEBUG - xmpp handle proceedtls called for proceed
2018-05-04 22:21:01 [tr069_xmpp] DEBUG - xmpp proceeding with TLS

===> TLS starts after xmpp RECV: <proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>

Is it possible to enable crypto (TLS) in the sock_connect of libstrophe?

Dmitry Podgorny

Feb 18, 2021, 5:26:12 AM
to libstrophe

Hello,

You can do this with legacy SSL. But the server needs to be configured to expect a legacy SSL connection instead of STARTTLS. This is because you cannot start a TLS session when the server doesn't expect it. When you have the XMPP server configured, check how this example uses XMPP_CONN_FLAG_LEGACY_SSL: https://github.com/strophe/libstrophe/blob/master/examples/basic.c
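An added example, not part of the thread and not libstrophe code: a small C audit of a debug log in the format posted above. It counts the stanzas exchanged before the `proceeding with TLS` marker and flags any `<auth>` sent before it. The sample lines are constructed, the names `tls_audit` and `audit_log` are hypothetical, and the check assumes a STARTTLS session where that marker is logged as in the post.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample in the log format posted above (prefix and payloads shortened). */
static const char *STARTTLS_LOG[] = {
    "DEBUG - conn SENT: <stream:stream to=\"example.invalid\" version=\"1.0\">",
    "DEBUG - xmpp RECV: <stream:stream id=\"1\" from=\"example.invalid\">",
    "DEBUG - xmpp RECV: <features><starttls xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\"/></features>",
    "DEBUG - conn SENT: <starttls xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\"/>",
    "DEBUG - xmpp RECV: <proceed xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\"/>",
    "DEBUG - xmpp proceeding with TLS",
    "DEBUG - conn SENT: <auth mechanism=\"SCRAM-SHA-1\">(redacted)</auth>",
};
/* Constructed failure case: the client authenticates and TLS never starts. */
static const char *NO_TLS_LOG[] = {
    "DEBUG - conn SENT: <stream:stream to=\"example.invalid\" version=\"1.0\">",
    "DEBUG - xmpp RECV: <features><mechanisms><mechanism>PLAIN</mechanism></mechanisms></features>",
    "DEBUG - conn SENT: <auth mechanism=\"PLAIN\">(redacted)</auth>",
};

struct tls_audit { int plaintext_stanzas; int auth_before_tls; int tls_started; };

/* Walk the log in order. Every SENT/RECV line before the "proceeding with TLS"
 * marker crossed the socket unencrypted; an <auth> among them is a finding. */
struct tls_audit audit_log(const char **lines, size_t n)
{
    struct tls_audit a = {0, 0, 0};
    for (size_t i = 0; i < n; i++) {
        if (strstr(lines[i], "proceeding with TLS")) { a.tls_started = 1; continue; }
        const char *p = strstr(lines[i], "SENT: ");
        if (!p) p = strstr(lines[i], "RECV: ");
        if (!p || a.tls_started)
            continue;               /* not a stanza, or already inside TLS */
        a.plaintext_stanzas++;
        if (strstr(p, "<auth"))
            a.auth_before_tls = 1;
    }
    return a;
}

int main(void)
{
    struct tls_audit ok = audit_log(STARTTLS_LOG, sizeof STARTTLS_LOG / sizeof *STARTTLS_LOG);
    struct tls_audit bad = audit_log(NO_TLS_LOG, sizeof NO_TLS_LOG / sizeof *NO_TLS_LOG);
    printf("starttls: %d plaintext stanzas, auth exposed: %d\n", ok.plaintext_stanzas, ok.auth_before_tls);
    printf("no tls:   %d plaintext stanzas, auth exposed: %d\n", bad.plaintext_stanzas, bad.auth_before_tls);
    return 0;
}
```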