Project

General

Profile

where to download tigase-jaxmpp-3.0.0

shir Hu
Added almost 4 years ago

Hi,

I use tigase-jaxmpp-2.1 to do some pubsub on pubsub 3.0, found error, then I see you have tigase-jaxmpp-3.0.0, but I can't find the file, can you tell me where to download tigase-jaxmpp-3.0.0 ?


Replies (16)

(1)
Avatar?id=6023&size=32x32

Added by Artur Hefczyc TigaseTeam almost 4 years ago

Hi, I have created a ticket request: #2821 to add JaXMPP binaries for version 3.0 to our files section. Please add yourself to watchers of the ticket to receive automatic updates about progress. In the meantime you can get binaries from our maven repository: http://build.tigase.org/maven/tigase/

Added by shir Hu almost 4 years ago

I have download jaxmpp 3.0 and add them to my project, then I found that jaxmpp-core-3.0 doesn't contains modules like pubsub,muc and so on which in jaxmpp-core-2.1, So If I want to use other module, Only download from maven lib?

Avatar?id=6023&size=32x32

Added by Artur Hefczyc TigaseTeam almost 4 years ago

Yes, check the maven lib. Let us know if you have any problems.

(1)

Added by shir Hu almost 4 years ago

I found a problem when I use jaxmpp-3.0.0, can not login in tigase server with ConnectionConfiguration.ConnectionType.socket, error shows

" Can't establish encrypted connection
javax.net.ssl.SSLHandshakeException: Cerificate hostname doesn't match domain name you want to connect.
    at tigase.jaxmpp.j2se.connectors.socket.SocketConnector.proceedTLS(SocketConnector.java:469)
    at tigase.jaxmpp.j2se.connectors.socket.SocketConnector.onTLSStanza(SocketConnector.java:390)
    at tigase.jaxmpp.j2se.connectors.socket.SocketConnector.processElement(SocketConnector.java:566)
    at tigase.jaxmpp.j2se.connectors.socket.SocketConnector$5.processElement(SocketConnector.java:765)
    at tigase.jaxmpp.j2se.connectors.socket.Worker$1.nextElement(Worker.java:49)
    at tigase.jaxmpp.j2se.connectors.socket.XMPPDomBuilderHandler.endElement(XMPPDomBuilderHandler.java:152)
    at tigase.xml.SimpleParser.parse(SimpleParser.java:323)
    at tigase.jaxmpp.j2se.connectors.socket.Worker.run(Worker.java:101)"

Only ConnectionConfiguration.ConnectionType.bosh can connect success. So If I want to use socket type, what should do for this?

Otherwise, When I try to create publish node by "PubSubModule module =jaxmpp.getModulesManager().getModule(PubSubModule.class);", Found that the module return null, I must regiter by"jaxmpp.getModulesManager().register(new PubSubModule());"brfore login with bosh type. But In version jaxmpp2.0, there was no need to do this. So can you tell me what happened about this?

Thank you very much.

Added by Wojciech Kapcia TigaseTeam almost 4 years ago

shir Hu wrote:

I found a problem when I use jaxmpp-3.0.0, can not login in tigase server with ConnectionConfiguration.ConnectionType.socket, error shows

[...]

Only ConnectionConfiguration.ConnectionType.bosh can connect success. So If I want to use socket type, what should do for this?

Well, error Cerificate hostname doesn't match domain name you want to connect. indicates that there is some problem with the certificate configuration of the server.

Otherwise, When I try to create publish node by "PubSubModule module =jaxmpp.getModulesManager().getModule(PubSubModule.class);", Found that the module return null, I must regiter by"jaxmpp.getModulesManager().register(new PubSubModule());"brfore login with bosh type. But In version jaxmpp2.0, there was no need to do this. So can you tell me what happened about this?

Thank you very much.

This is result of splitting library into the modules allowing to use only needed parts.

Added by shir Hu almost 4 years ago

So you mean that if I choose jaxmpp-3.0, should change some config on tigase server? What changes should I do? jaxmpp-2.1 can login success with no change.

Added by Wojciech Kapcia TigaseTeam almost 4 years ago

Jaxmpp3 performs strict validation of certificate name against the domain so it looks like the certificate that you've configured Tigase server with is not exactly correct / uses different domain name than the domain name you are trying to connect, hence the problem.

(1)
Avatar?id=6098&size=32x32

Added by Bartosz Malkowski TigaseTeam almost 4 years ago

Create certificate with correct CN or alternateName. It must be the same as domain (attribute 'to' from xmpp:stream) you connect to.

Or you can disable hostname verification:

jaxmpp.getSessionObject().setProperty(tigase.jaxmpp.j2se.connectors.socket.SocketConnector.HOSTNAME_VERIFIER_DISABLED_KEY, Boolean.TRUE);

Note, that in this case, your code will be man-in-the-middle attack vulnerable.

Added by shir Hu almost 4 years ago

I don't know where to config the certificate name, My tigase server config is:

--virt-hosts = shir-pc
--admins = admin@shir-pc
--debug = server
config-type = --gen-config-all

and client jaxmpp3 call method is:

Jaxmpp jaxmpp = new Jaxmpp();
jaxmpp.getConnectionConfiguration().setConnectionType(ConnectionConfiguration.ConnectionType.socket);
jaxmpp.getConnectionConfiguration().setUserJID("shir1@shir-pc");
jaxmpp.getConnectionConfiguration().setUserPassword("shir1");
jaxmpp.getConnectionConfiguration().setResource("develop");
jaxmpp.getConnectionConfiguration().setDomain("shir-pc");
jaxmpp.login(true);

I think the domain name is same as tigase server host name, So what's the difference?

(1)
Avatar?id=6098&size=32x32

Added by Bartosz Malkowski TigaseTeam almost 4 years ago

The problem is in X.509 certificate you have. Check your certificate.

Added by shir Hu almost 4 years ago

then I use trustManager from example code as follow:

 final Jaxmpp jaxmpp = new Jaxmpp();

        X509TrustManager trustManager = new X509TrustManager() {

            @Override
            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                // TODO Auto-generated method stub
            }

            @Override
            public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                // TODO Auto-generated method stub
                System.out.println("SERVER CERTIFICATE: " + Arrays.toString(chain));
            }

            @Override
            public X509Certificate[] getAcceptedIssuers() {
                // TODO Auto-generated method stub
                return null;
            }
        };

        jaxmpp.getProperties().setUserProperty(SocketConnector.TRUST_MANAGERS_KEY, new X509TrustManager[] { trustManager });

        jaxmpp.getProperties().setUserProperty(SessionObject.USER_BARE_JID, BareJID.bareJIDInstance("shir1@shir-pc"));
        jaxmpp.getProperties().setUserProperty(SessionObject.PASSWORD, "shir1");

        System.out.println("Loging in...");

        jaxmpp.login();

also error :

 javax.net.ssl.SSLHandshakeException: Cerificate hostname doesn't match domain name you want to connect.

So I was confused, can you tell me if tigase server also should change config to adapt it?

Avatar?id=6098&size=32x32

Added by Bartosz Malkowski TigaseTeam almost 4 years ago

Show us server certificate

(1)

Added by shir Hu almost 4 years ago

Do you want this:

SERVER CERTIFICATE: [[
[
  Version: V1
  Subject: CN=etw-pc, CN=*.etw-pc, EMAILADDRESS=admin@tigase.org, OU=XMPP Service, O=Tigase.org
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

  Key:  Sun RSA public key, 1024 bits
  modulus: 118366836843441669555139851293555300923132035251440225376090508012534461954325752418983460740123987341977140668271933767637651394358221822372265069320728305753401888488187346630950789617643292869523099844955178357643790628176211303508037898960465358401571481332429449543583727611185181254529112918582452069377
  public exponent: 65537
  Validity: [From: Tue Mar 03 10:19:07 CST 2015,
               To: Wed Mar 02 10:19:07 CST 2016]
  Issuer: CN=etw-pc, CN=*.etw-pc, EMAILADDRESS=admin@tigase.org, OU=XMPP Service, O=Tigase.org
  SerialNumber: [    54f51a1b]

]
  Algorithm: [SHA1withRSA]
  Signature:
0000: 32 FB D6 13 C5 BE 86 43   4B 8E CF E5 3E 89 91 88  2......CK...>...
0010: 0C 52 1D 17 9A 2A DB 8B   C3 51 F5 BF FC 6C 93 47  .R...*...Q...l.G
0020: 1F A3 11 27 D3 47 F1 9C   CE 53 97 26 A0 E6 E2 88  ...'.G...S.&....
0030: 1C 52 5E 22 1E BE 60 40   9B 16 10 E6 88 30 A5 87  .R^"..`@.....0..
0040: D2 72 D2 55 F9 E4 D3 9E   FA 06 0B 9C 60 39 F1 83  .r.U........`9..
0050: 69 03 BD 90 38 05 0F 12   F8 2E 09 64 05 B1 66 A4  i...8......d..f.
0060: 5A 8E CB E6 B8 39 31 0C   C2 C7 85 E8 EC 6D C5 0F  Z....91......m..
0070: 99 72 90 F4 AD 66 62 D1   E1 D2 19 06 5A 93 AF 99  .r...fb.....Z...

]]
(1)
Avatar?id=6098&size=32x32

Added by Bartosz Malkowski TigaseTeam almost 4 years ago

etw-pc doesn't match to @shir-pc@.

Added by shir Hu almost 4 years ago

Sorry,It's a different machine. for this certificate, client code is:

     final Jaxmpp jaxmpp = new Jaxmpp();
        X509TrustManager trustManager = new X509TrustManager() {

            @Override
            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                // TODO Auto-generated method stub
            }

            @Override
            public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                // TODO Auto-generated method stub
                System.out.println("SERVER CERTIFICATE: " + Arrays.toString(chain));
            }

            @Override
            public X509Certificate[] getAcceptedIssuers() {
                // TODO Auto-generated method stub
                return null;
            }
        };

        jaxmpp.getProperties().setUserProperty(SessionObject.USER_BARE_JID, BareJID.bareJIDInstance("shir1@etw-pc"));
        jaxmpp.getProperties().setUserProperty(SessionObject.PASSWORD, "shir1");
        jaxmpp.getProperties().setUserProperty(SessionObject.DOMAIN_NAME, "etw-pc");
        System.out.println("Loging in...");

        jaxmpp.login();

        Thread.sleep(10 * 60 * 1000);

        jaxmpp.disconnect();

Added by shir Hu almost 4 years ago

I switch to use jaxmpp-j2se source code, and debug it , found that

DefaultHostnameVerifier.java

function

verifyHostname(String hostname, X509Certificate x509Certificate)

here

x509Certificate.getSubjectAlternativeNames()

retrun null

then application occur error directly and didn't go on running follow code, then I add

if( x509Certificate.getSubjectAlternativeNames()!=null){...}

the code go on match hostname with X500Principal, All the things work well, So Is this a bug or somewhere I changed wrong?

    (1-16/16)