SSL (was Re: [JDEV] new RFC draft)
stpeter at jabber.org
Mon Feb 4 09:54:49 CST 2002
Dizzy has been planning to add SSL support to the Server Connection
Manager he built on top of JECL, however he's been awfully busy so I think
he hasn't gotten to it yet (he'd need to build SSL support into the
underlying libraries and that's not exactly straightforward).
email+jabber: stpeter at jabber.org
On Mon, 4 Feb 2002, Chris Pile wrote:
> I have compiled jabber with SSL support and can successfully
> listen/connect on the SSL/non-SSL client ports (5223/5222), but it
> doesn't listen on the SSL s2s port (5270). You can see the server
> listening on the standard/non-SSL s2s port 5269.
> $ netstat -an | grep 52
> tcp4 0 0 192.168.1.10.5269 *.* LISTEN
> tcp4 0 0 192.168.1.10.5223 *.* LISTEN
> tcp4 0 0 192.168.1.10.5222 *.* LISTEN
> Just had a quick look through the code (in particular dialback.c) and it
> doesn't look like SSL s2s has been implemented. As you said Peter, the
> RFC is just protocol, it doesn't describe how the server is implemented.
> Shame though SSL s2s would be very nice, especially for a large internal
> messaging system spread accross different locations/servers. I have
> heard of ppl connecting jabber servers using IPsec/VPNs but if s2s could
> use SSL, there would be no need for a VPN.
> Looking at client.c and dialback.c I shouldn't imagine it is difficult
> to use SSL for s2s, but then I could be totally wrong. Temas, any
> Peter Saint-Andre wrote:
> > > I tried the following but port 5270 isn't listening. Also I have
> > > successfully compiled SSL support and I'm using this for clients. I'm
> > > using the CVS version of jabber2, checked out on Jan 17th.
> > Well we must keep in mind that the RFC is just protocol for the
> > standards-inclined. Everything but protocol is just an implementation
> > detail. :)
> > But yes you can run the 1.4 series server with SSL, but you need to
> > compile the server with the SSL libraries and so on. I haven't done that
> > myself so I can't tell you how to do it, though.
> > Peter
> > _______________________________________________
> > jdev mailing list
> > jdev at jabber.org
> > http://mailman.jabber.org/listinfo/jdev
> jdev mailing list
> jdev at jabber.org
More information about the JDev