I hope I’m wrong. I hope I’m just an idiot and someone can explain to me what I just can’t quite seem to grasp.
It seems to me that Google isn’t following XMPP spec, at least in the initial negotiation. A usual connection negotiation session looks like this:
```xml
<stream:stream xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client' to='freebsdgirl.com' from='xmpp.us' version='1.0' id='1slcbstvomrcwpcjw2kyoz5kpxjj9ruajgmu9gpx'>
<stream:features xmlns:stream='http://etherx.jabber.org/streams'>
<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
<mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
<mechanism>DIGEST-MD5</mechanism>
<mechanism>PLAIN</mechanism>
</mechanisms>
</stream:features>
```
Here’s what Google does:
```xml
<stream:stream xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client" from="talk.google.com" id="EC5484B5" version="1.0">
<stream:features>
<starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
</stream:features>
```
See anything missing? Now, Google states that the only authentication method they support is SASL PLAIN, so uh….yeah. As a result, some clients are broken. I’m curious, is SASL PLAIN thought to be the default if the authentication type isn’t specified in the stream:features? I’m really not that familiar with the Jabber/XMPP protocol, so enlighten me, please.
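Added example, not part of the original post and not code from Google or any XMPP client: a parser for the two feature advertisements quoted above that decides a client's next step. It assumes the RFC 3920 flow, in which the server sends a fresh `<stream:features/>` after the stream restarts inside TLS; the function names, the policy of never sending PLAIN on an unencrypted stream, and the `POST_TLS` sample are assumptions made for this example.

```python
import xml.etree.ElementTree as ET

NS_STREAM = "http://etherx.jabber.org/streams"
NS_TLS = "urn:ietf:params:xml:ns:xmpp-tls"
NS_SASL = "urn:ietf:params:xml:ns:xmpp-sasl"
CLEARTEXT_MECHS = {"PLAIN"}  # password is readable by anyone watching the stream

HDR = '<stream:stream xmlns:stream="%s" xmlns="jabber:client" version="1.0">' % NS_STREAM
# The two advertisements quoted in the post, reduced to their features.
GENERIC = HDR + ('<stream:features><starttls xmlns="%s"/><mechanisms xmlns="%s">'
                 '<mechanism>DIGEST-MD5</mechanism><mechanism>PLAIN</mechanism>'
                 '</mechanisms></stream:features>' % (NS_TLS, NS_SASL))
GOOGLE_PRE_TLS = HDR + '<stream:features><starttls xmlns="%s"/></stream:features>' % NS_TLS
# Constructed sample: what a PLAIN-only server could send on the restarted stream.
POST_TLS = HDR + ('<stream:features><mechanisms xmlns="%s"><mechanism>PLAIN</mechanism>'
                  '</mechanisms></stream:features>' % NS_SASL)


def parse_features(fragment):
    """Return (starttls_offered, [mechanism names]) for an opening stream fragment."""
    # An XMPP stream stays open for the whole session, so close it before parsing.
    root = ET.fromstring(fragment + "</stream:stream>")
    feats = root.find("{%s}features" % NS_STREAM)
    if feats is None:
        return False, []
    tls = feats.find("{%s}starttls" % NS_TLS) is not None
    mechs = [m.text.strip() for m in feats.iter("{%s}mechanism" % NS_SASL) if m.text]
    return tls, mechs


def next_step(fragment, tls_active, preferred=("DIGEST-MD5", "PLAIN")):
    """Decide what the client does after reading one features advertisement."""
    tls, mechs = parse_features(fragment)
    if tls and not tls_active:
        # Upgrade first: the mechanism list is read again after the restart,
        # so an empty list at this point is not yet an error.
        return "starttls"
    usable = [m for m in preferred
              if m in mechs and (tls_active or m not in CLEARTEXT_MECHS)]
    return "auth:" + usable[0] if usable else "abort"


if __name__ == "__main__":
    for name, frag, active in (("generic", GENERIC, False),
                               ("google pre-TLS", GOOGLE_PRE_TLS, False),
                               ("post-TLS", POST_TLS, True)):
        print(name, "->", next_step(frag, active))
```

A client that reads the mechanism list only from the first advertisement will see nothing to authenticate with in the second sample; one that re-reads features after the TLS restart will not.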
August 31st, 2005 at 3:02 am
Google only supports plain authentication, but that would give away your password. So it requires you to do TLS. You can do it all over TLS using port 5223 (IIRC), or you negotiate TLS on port 5222 (the recommended way). Then you have two choices of authentication: PLAIN (i.e., just send your password), or X-GOOGLE-TOKEN, which I presume is the same as your gmail.com cookie.
August 31st, 2005 at 9:27 am
Well, I’m aware of that - they only support SASL PLAIN. However, they should specify they support this in the preamble - as according to the RFC. After I got done writing this, I read over *all* the XMPP RFCs - so boring, blah. They should have transmitted a mechanisms field, either at start, or after the TLS session was established - and as far as I can tell, they did neither.
October 6th, 2005 at 3:10 pm
I actually receive the following when I connect, which includes the mechanism field:
X-GOOGLE-TOKEN
The problem I’m having is I’m trying to figure out how to generate the X-GOOGLE-TOKEN. Apparently it is base64 encoded and contains two null-terminated strings: 1) your account, 2) a base64 encoded string. The second string appears to be encrypted and I’m guessing contains the authentication information. It also appears to be required to negotiate a voice connection and seems to be generated by the client. I’m trying to write my own client but this has been a roadblock for me. Any suggestions?
October 6th, 2005 at 3:15 pm
I apologise for the previous post. Apparently the ‘<’ and ‘>’ in my post were not automagically escaped. Here is the XML fragment with those escaped:
```xml
<?xml version="1.0" encoding="UTF-8"?>
<stream:stream from="gmail.com" id="379BECCD" version="1.0" xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client">
<stream:features>
<starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
<mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl">
<mechanism>X-GOOGLE-TOKEN</mechanism>
</mechanisms>
</stream:features>
```
October 7th, 2005 at 9:36 am
Good luck getting Google to help. They just point you at their “here’s our news!” page. It’s going to be hard to write a fully supported client until they actually do publish their implementation specs the way they’ve been promising to do - “eventually”.
For how neat and cool and fun and new Google’s talk is, I’m not happy with the way Google has handled it thus far. Breaking the spec was one thing, but then refusing to give any information on it? They claim they want to promote partnerships, development, and overall flexibility in their product, but they aren’t really giving us much here to work with.
Regarding what you posted, that’s totally new. Before they weren’t posting a mechanisms tag at all. I’ll play with it and see if I can figure something out, but I put this project aside a while back.
February 5th, 2006 at 8:06 am
Here’s the solution to your problem:
http://dystopics.dump.be/2006/02/04/the-mysteries-of-x-google-token-and-why-it-matters/
April 25th, 2006 at 7:04 pm
[…] Yeah, so Google, what’s up with that? Are you angry because I dissed your support team as well as gtalk? [link] […]