how to encrypt the whole xmpp exchange

22 views
Skip to first unread message

Ellouze Anis

unread,
Feb 16, 2021, 6:35:06 AM2/16/21
to libstrophe
here after the exchange of xmpp using libstrophe 0.10  

2018-05-04 22:21:01 [tr069_xmpp] DEBUG - xmpp SRV lookup failed, connecting via domain.
2018-05-04 22:21:01 [tr069_xmpp] DEBUG - xmpp sock_connect() to ThinkPad-E480:5222 returned 3
2018-05-04 22:21:01 [tr069_xmpp] DEBUG - xmpp Attempting to connect to ThinkPad-E480
2018-05-04 22:21:01 [tr069_xmpp] DEBUG - xmpp connection successful
2018-05-04 22:21:01 [tr069_xmpp] DEBUG - conn SENT: <?xml version="1.0"?><stream:stream to="zribi-ThinkPad-E480" xml:lang="en" version="1.0" xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams">
2018-05-04 22:21:01 [tr069_xmpp] DEBUG - xmpp RECV: <stream:stream id="14525242889893328675" version="1.0" lang="en" from="ThinkPad-E480">
2018-05-04 22:21:01 [tr069_xmpp] DEBUG - xmpp RECV: <features xmlns="http://etherx.jabber.org/streams"><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>DIGEST-MD5</mechanism><mechanism>PLAIN</mechanism><mechanism>SCRAM-SHA-1</mechanism><mechanism>X-OAUTH2</mechanism></mechanisms><starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/><register xmlns="http://jabber.org/features/iq-register"/></features>
2018-05-04 22:21:01 [tr069_xmpp] DEBUG - conn SENT: <starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
2018-05-04 22:21:01 [tr069_xmpp] DEBUG - xmpp RECV: <proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
2018-05-04 22:21:01 [tr069_xmpp] DEBUG - xmpp handle proceedtls called for proceed
2018-05-04 22:21:01 [tr069_xmpp] DEBUG - xmpp proceeding with TLS

===> the TLS start after xmpp RECV: <proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>

is it possible to enable crypto (tls) in the sock_connect of libstrophe ?

Dmitry Podgorny

unread,
Feb 18, 2021, 5:26:12 AM2/18/21
to libstrophe

Hello,

You can do this with legacy SSL. But server needs to be configured to expect legacy SSL connection instead of STARTTLS. This is because you cannot start TLS session when server doesn't expects it. When you have XMPP server configured, check how this example uses XMPP_CONN_FLAG_LEGACY_SSL: https://github.com/strophe/libstrophe/blob/master/examples/basic.c
Reply all
Reply to author
Forward
0 new messages