[Standards] XEP-0065: SOCKS5 acknowledgement after stream activation
justin-keyword-jabber.093179 at affinix.com
Mon May 7 23:33:03 UTC 2007
On Monday 07 May 2007 3:51 pm, Peter Saint-Andre wrote:
> Peter Saint-Andre wrote:
> > Jakob Schroeter wrote:
> >> Hi,
> >> On Tue May 1 2007, Justin Karneges wrote:
> >>> On Monday 30 April 2007 3:37 pm, Jakob Schroeter wrote:
> >>>> However, it seems this is not inline with the SOCKS5 spec, e.g.
> >>>> immediately after the proxy acknowledged the connection to the target
> >>>> (Section 4.6 in XEP-0065) the stream is ready to be used as far as
> >>>> SOCKS5
> >>>> is concerned. So calling this a 'SOCKS5 acknowledgement' is wrong,
> >>>> IMHO.
> >>> You're right, this looks like a goof. Example 19 and the text above it
> >>> should be removed I think, although I have not double-checked with my
> >>> own
> >>> code.
> >>>> Further, it appears neither of the clients I tested against
> >>>> (Iris/Kopete/Psi, Gajim, Tkabber) nor proxy65 are sending or expecting
> >>>> such additional byte/s (if it were SOCKS5, it'd be at least two bytes:
> >>>> X'05', X'00').
> >>> The SOCKS5 snippets in the XEP use a short-hand, they do not describe
> >>> entire packets. I believe the "STATUS = X'00'" refers to the entire
> >>> response packet, and that is just the only field we care about. E.g.
> >>> this
> >>> would have been the same as the meaning of Example 15.
> >>>> Is this a left-over from an earlier revision? Would peeple be
> >>>> interested
> >>>> in a (in-band?) stream-active notification from stream host to target?
> >>> For what purpose?
> >> A simple file retrieval protocol could use it, similar to the good old
> >> 'fax polling'. Anyway, I was just wondering about this when
> >> implementing 0065, and it'd be fine with me if Example 19 would be
> >> removed as you proposed.
> > That seems correct.
> Er, no, I think it's a simple copy-and-paste error, where I didn't
> change "Target" to "Initiator". The text should say:
> The Proxy MUST then send SOCKS5 acknowledgement of the connection to the
> Example 19. StreamHost Acknowledges Connection to Initiator
> STATUS = X'00'
In the Iris implementation, the SOCKS5 handshake between the initiator and the
streamhost must complete before the initiator sends the <activate> request
From section 4.8: "If the StreamHost used is a Proxy, the Initiator MUST
authenticate and establish a connection with the StreamHost before requesting
that the StreamHost activate bytestream." I read "authenticate and
establish" to mean the entire process of the SOCKS5 handshake, including
acks. This would mean that the ack would occur during 4.8, and has no place
I vote we drop example 19, and possibly clarify section 4.8.
More information about the Standards