<div dir="auto">Thank you for this info.</div> <div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sun, Mar 29, 2020, 8:00 AM <<a href="mailto:jdev-request@jabber.org">jdev-request@jabber.org</a>> wrote: </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Send JDev mailing list submissions to <a href="mailto:jdev@jabber.org" target="_blank" rel="noreferrer">jdev@jabber.org</a> To subscribe or unsubscribe via the World Wide Web, visit <a href="https://mail.jabber.org/mailman/listinfo/jdev" rel="noreferrer noreferrer" target="_blank">https://mail.jabber.org/mailman/listinfo/jdev</a> or, via email, send a message with subject or body 'help' to <a href="mailto:jdev-request@jabber.org" target="_blank" rel="noreferrer">jdev-request@jabber.org</a> You can reach the person managing the list at <a href="mailto:jdev-owner@jabber.org" target="_blank" rel="noreferrer">jdev-owner@jabber.org</a> When replying, please edit your Subject line so it is more specific than "Re: Contents of JDev digest..." Today's Topics: 1. [ANN] Bad XMPP - Connectivity test suite (Kim Alvefur) 2. Re: [ANN] Bad XMPP - Connectivity test suite (Guus der Kinderen) 3. Re: [ANN] Bad XMPP - Connectivity test suite (Jonas Sch?fer) ---------------------------------------------------------------------- Message: 1 Date: Sat, 28 Mar 2020 19:55:15 +0100 From: Kim Alvefur <<a href="mailto:zash@zash.se" target="_blank" rel="noreferrer">zash@zash.se</a>> To: <a href="mailto:jdev@jabber.org" target="_blank" rel="noreferrer">jdev@jabber.org</a> Subject: [jdev] [ANN] Bad XMPP - Connectivity test suite Message-ID: <<a href="mailto:20200328185514.str7achubcgkfpvl@carcharodon.zash.se" target="_blank" rel="noreferrer">20200328185514.str7achubcgkfpvl@carcharodon.zash.se</a>> Content-Type: text/plain; charset=us-ascii Hello! Server-to-server connectivity is not perfect today. Certificates expire, mistakes are made in DNS zones and firewall configurations. In order to see how XMPP software react to such things without having to wait for problems to pop up, I have set up a few test cases. Most of these have some sort of configuration problem, ranging from faulty DNS and blocked ports up to certificate problems and XMPP s2s authentication. I would be happy if this leads to improved error reporting all the way to end users. Some hint about why their messages could not be delivered are surely better than having them disappear into the void without a trace. Logging and reporting for service operators is also important. Website with list of test cases: <<a href="http://badxmpp.eu/" rel="noreferrer noreferrer" target="_blank">http://badxmpp.eu/</a>> Test cases can also be listed via XEP-0030 items request: <xmpp:<a href="http://badxmpp.eu?disco;type=get;request=items" rel="noreferrer noreferrer" target="_blank">badxmpp.eu?disco;type=get;request=items</a>> Suggestions for additional tests are welcomed. Equivalent tests for XMPP client connectivity is one thing I would like to add, but as a server developer I choose to focus on s2s first. -- Happy testing, Kim "Zash" Alvefur Prosody developer XMPP Council ------------------------------ Message: 2 Date: Sat, 28 Mar 2020 21:14:52 +0100 From: Guus der Kinderen <<a href="mailto:guus.der.kinderen@gmail.com" target="_blank" rel="noreferrer">guus.der.kinderen@gmail.com</a>> To: "Jabber/XMPP software development list" <<a href="mailto:jdev@jabber.org" target="_blank" rel="noreferrer">jdev@jabber.org</a>> Subject: Re: [jdev] [ANN] Bad XMPP - Connectivity test suite Message-ID: <CAMJaV9=+OKb_U075D2gqhD6kB2k5xMG=4WiEn7d9Ps5Adhu=<a href="mailto:sA@mail.gmail.com" target="_blank" rel="noreferrer">sA@mail.gmail.com</a>> Content-Type: text/plain; charset="utf-8" This is super useful. Thanks! Op za 28 mrt. 2020 19:58 schreef Kim Alvefur <<a href="mailto:zash@zash.se" target="_blank" rel="noreferrer">zash@zash.se</a>>: > Hello! > > Server-to-server connectivity is not perfect today. Certificates expire, > mistakes are made in DNS zones and firewall configurations. > > In order to see how XMPP software react to such things without having to > wait for problems to pop up, I have set up a few test cases. Most of > these have some sort of configuration problem, ranging from faulty DNS > and blocked ports up to certificate problems and XMPP s2s > authentication. > > I would be happy if this leads to improved error reporting all the way > to end users. Some hint about why their messages could not be delivered > are surely better than having them disappear into the void without a > trace. Logging and reporting for service operators is also important. > > Website with list of test cases: <<a href="http://badxmpp.eu/" rel="noreferrer noreferrer" target="_blank">http://badxmpp.eu/</a>> > > Test cases can also be listed via XEP-0030 items request: > <xmpp:<a href="http://badxmpp.eu?disco;type=get;request=items" rel="noreferrer noreferrer" target="_blank">badxmpp.eu?disco;type=get;request=items</a>> > > Suggestions for additional tests are welcomed. Equivalent tests for XMPP > client connectivity is one thing I would like to add, but as a server > developer I choose to focus on s2s first. > > -- > Happy testing, > Kim "Zash" Alvefur > Prosody developer > XMPP Council > _______________________________________________ > JDev mailing list > Info: <a href="https://mail.jabber.org/mailman/listinfo/jdev" rel="noreferrer noreferrer" target="_blank">https://mail.jabber.org/mailman/listinfo/jdev</a> > Unsubscribe: <a href="mailto:JDev-unsubscribe@jabber.org" target="_blank" rel="noreferrer">JDev-unsubscribe@jabber.org</a> > _______________________________________________ > -------------- next part -------------- An HTML attachment was scrubbed... URL: <<a href="http://mail.jabber.org/pipermail/jdev/attachments/20200328/bdb1be24/attachment-0001.html" rel="noreferrer noreferrer" target="_blank">http://mail.jabber.org/pipermail/jdev/attachments/20200328/bdb1be24/attachment-0001.html</a>> ------------------------------ Message: 3 Date: Sun, 29 Mar 2020 13:15:09 +0200 From: Jonas Sch?fer <<a href="mailto:jonas@wielicki.name" target="_blank" rel="noreferrer">jonas@wielicki.name</a>> To: Jabber/XMPP software development list <<a href="mailto:jdev@jabber.org" target="_blank" rel="noreferrer">jdev@jabber.org</a>> Subject: Re: [jdev] [ANN] Bad XMPP - Connectivity test suite Message-ID: <5203905.4QTyD5tSvV@sinistra> Content-Type: text/plain; charset="utf-8" On Samstag, 28. M?rz 2020 19:55:15 CEST Kim Alvefur wrote: > Suggestions for additional tests are welcomed. I have a few! - Outright bogus DNSSEC - Expired DNSSEC - SRV record pointing at the root zone (`.`) mixed into other SRV records - Only a single SRV record pointing at the root zone (`.`) - Only DH suites with short (<1024 bits) DH parameters - Only "export" ciphers Not necessarily bad, but would be good as test cases either way: - DNSSEC-signed SRV record pointing at a hostname different from the domain name and the service only has a certificate for that hostname. This is valid from my understanding, but probably without widespread support. - No SRV record, only A/AAAA records. Echo-ing what moparisthebest suggested in xsf@:? - xmpps-server records where one of which points at an HTTPS port (with a valid one pointing at XMPPS) Thanks for this service! kind regards, Jonas ------------------------------ Subject: Digest Footer _______________________________________________ JDev mailing list <a href="mailto:JDev@jabber.org" target="_blank" rel="noreferrer">JDev@jabber.org</a> <a href="https://mail.jabber.org/mailman/listinfo/jdev" rel="noreferrer noreferrer" target="_blank">https://mail.jabber.org/mailman/listinfo/jdev</a> ------------------------------ End of JDev Digest, Vol 188, Issue 2 ************************************ </blockquote></div>