SSL (was Re: [JDEV] new RFC draft)
Chris Pile
cpile at snoogans.co.uk
Mon Feb 4 07:14:52 CST 2002
I have compiled jabber with SSL support and can successfully
listen/connect on the SSL/non-SSL client ports (5223/5222), but it
doesn't listen on the SSL s2s port (5270). You can see the server
listening on the standard/non-SSL s2s port 5269.
$ netstat -an | grep 52
tcp4 0 0 192.168.1.10.5269 *.* LISTEN
tcp4 0 0 192.168.1.10.5223 *.* LISTEN
tcp4 0 0 192.168.1.10.5222 *.* LISTEN
Just had a quick look through the code (in particular dialback.c) and it
doesn't look like SSL s2s has been implemented. As you said Peter, the
RFC is just protocol, it doesn't describe how the server is implemented.
Shame though SSL s2s would be very nice, especially for a large internal
messaging system spread accross different locations/servers. I have
heard of ppl connecting jabber servers using IPsec/VPNs but if s2s could
use SSL, there would be no need for a VPN.
Looking at client.c and dialback.c I shouldn't imagine it is difficult
to use SSL for s2s, but then I could be totally wrong. Temas, any
ideas?
Thanks,
Chris.
Peter Saint-Andre wrote:
>
> > I tried the following but port 5270 isn't listening. Also I have
> > successfully compiled SSL support and I'm using this for clients. I'm
> > using the CVS version of jabber2, checked out on Jan 17th.
>
> Well we must keep in mind that the RFC is just protocol for the
> standards-inclined. Everything but protocol is just an implementation
> detail. :)
>
> But yes you can run the 1.4 series server with SSL, but you need to
> compile the server with the SSL libraries and so on. I haven't done that
> myself so I can't tell you how to do it, though.
>
> Peter
>
> _______________________________________________
> jdev mailing list
> jdev at jabber.org
> http://mailman.jabber.org/listinfo/jdev
More information about the JDev
mailing list