-
-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow using a custom XMPP server #12
Comments
It shouldn't be, I think I tested a jabber.org login and it worked, but I'll have to look into it more. XMPPFramework supports custom servers to my knowledge and if I recall correctly I even enabled the option to accept self signed SSL Certs. |
Already works with custom server |
@mkai have you been able to get it working with a custom server? You should be able to just type in account@example.com for the username field. Not sure whether I should mark this issue as closed or not because vitalyster says he has had success with his custom server. |
I'm not familiar neither Off-the-Record, nor xmppframework code, but proper xmpp client should get hostname to connect via dns SRV query - http://tools.ietf.org/html/rfc6120#section-3.2.1 |
I think XMPPFramework only works with hostname/domain differences for Google Talk via a hardcoded function, so that could explain the problem. |
I've set up my XMPP server with the relevant SRV DNS entries, so the resolving is not the problem. Rather it fails because I'm using a self-signed SSL cert. I can only connect if I change in OTRXMPPManager.m: - allowSelfSignedCertificates = NO;
- allowSSLHostNameMismatch = NO;
+ allowSelfSignedCertificates = YES;
+ allowSSLHostNameMismatch = YES; OTR key exchange and chatting works nicely, then. Only problem is the SSL cert. |
I have been working on a new Settings view and will now plan to make these options user-configurable in the next release. |
EDIT: I wrote that before your answer came in - great news! Thanks! I guess just changing that in upstream would compromise security for Google Talk users for no good reason - so I'd suggest adding a "Custom" tab to add a custom XMPP server, with a setting to allow self-signed SSL certs. My ObjC skills are very rusty, though. So I'll leave it up to you depending on if you think it would benefit the app. |
Good call. I was going to overhaul the way accounts were added as well and, On Thu, Apr 12, 2012 at 12:43 PM, Markus Kaiserswerth <
|
Hi Chris, I need to disable ARC in the project's settings to be able to compile OTRSettingsManager.m and OTRSetting.m:
If I disable ARC, I get the following exception when I tap "Settings" in the simulator:
On a similar note, I also got this error when compiling (solved it for testing by uncommenting the line until now):
Using Xcode Version 4.2.1 |
Try updating Xcode to 4.3.2 (only available for 10.7+ and through the Mac App Store), but I'll see if I can fix it for you. |
See if this fixes your issue: 1fa3d3f |
4.2.1 still complained about a missing storage attribute on some properties, so I googled a bit and did the following changes in order to compile ('strong' is nothing but a guess, so I'm not really up to sending a real pull request - hope it's helpful anyway): diff --git a/Off the Record/OTRSettingsGroup.h b/Off the Record/OTRSettingsGroup.h
index ed2f0c6..42cc7ad 100644
--- a/Off the Record/OTRSettingsGroup.h
+++ b/Off the Record/OTRSettingsGroup.h
@@ -10,8 +10,8 @@
@interface OTRSettingsGroup : NSObject
-@property (nonatomic, readonly) NSArray *settings;
-@property (nonatomic, readonly) NSString *title;
+@property (strong, nonatomic, readonly) NSArray *settings;
+@property (strong, nonatomic, readonly) NSString *title;
- (id) initWithTitle:(NSString*)newTitle settings:(NSArray*)newSettings;
diff --git a/Off the Record/OTRValueSetting.h b/Off the Record/OTRValueSetting.h
index ac07280..599d94e 100644
--- a/Off the Record/OTRValueSetting.h
+++ b/Off the Record/OTRValueSetting.h
@@ -10,7 +10,7 @@
@interface OTRValueSetting : OTRSetting
-@property (nonatomic, readonly) NSString *key;
+@property (strong, nonatomic, readonly) NSString *key;
@property (nonatomic) id value;
- (id) initWithTitle:(NSString*)newTitle description:(NSString*)newDescription settingsKey:(NSString*)newSettingsKey;
diff --git a/Off the Record/OTRViewSetting.h b/Off the Record/OTRViewSetting.h
index 99c61a5..3dd73f4 100644
--- a/Off the Record/OTRViewSetting.h
+++ b/Off the Record/OTRViewSetting.h
@@ -15,7 +15,7 @@
@interface OTRViewSetting : OTRSetting
-@property (nonatomic, readonly) Class viewControllerClass;
+@property (strong, nonatomic, readonly) Class viewControllerClass;
@property (nonatomic, retain) id<OTRViewSettingDelegate> delegate;
|
Yeah, I need to read a little bit more about ARC conventions, but it seems On Fri, Apr 13, 2012 at 10:14 AM, Markus Kaiserswerth <
|
As for the runtime behaviour: it works and I can connect using the new options! There's a small bug, however: if I enable the option and then try to connect directly afterwards, it doesn't work. I have to restart the app in order for it to pickup the setting. I guess the setting's just not updated or not read from UserDefaults. After that initial hiccup, it always works. |
And please don't bother spending time on supporting 4.2.1 on my account :) I've just upgraded to 4.3.2. |
Oh sweet! I'm glad it works for you. It looks like I forgot to "synchronize" the NSUserDefaults somewhere, I'll look into that. Thanks! |
Ok I'm gonna close this issue, feel free to reopen it if you have any other problems. Thanks! |
Just a small point on security. Once multiple xmpp accounts are supported, self-signing needs to be a per-account setting, otherwise services like gtalk will be open to man-in-the-middle attacks. Also important is to notify the user whenever the self-signed certificate changes - again, to make MitM attacks visible. |
(mitm attacks are much more likely on mobile devices, which connect to a lot of open wifi networks. :) |
This is a very good catch. I'll make it a priority to make those options per-account. I'll see if I can implement a notification when the self-signed certificate changes as well, although this might require some hacking on XMPPFramework. |
Thanks for your effort!
I'm using my own XMPP server (ejabberd) - do you think adding support for using arbitrary XMPP servers besides Google's would be a major undertaking?
The text was updated successfully, but these errors were encountered: