Just figured it out for myself. My code wasn't accounting for the
fact that Google isn't compliant with XMPP version 1.0, and doesn't
declare itself as such, either. That means I shouldn't send a
features block, which I was doing, and THAT was causing an error, as
it is not recognized by Google servers.
My response should look like this (and now does):
<stream:stream
xmlns="jabber:server"
xmlns:db="jabber:server:dialback"
from="my.domain.com"
xml:lang="en-US"
id="2008-03-26T16:28:28_oTQbW5UZrG8WToK6"
xmlns:stream="http://etherx.jabber.org/streams";>
<db:result
to="gmail.com"
from="my.domain.com"
type="valid">CAESBxCgprHrjiMaEMlPVX0Jr89lP8mzc8apK/0=</db:result>
<db:verify
to="gmail.com"
from="my.domain.com"
id="19ED6D56E951A5A6"
type="valid">cB+dfJ5ba8zJgOiIapniecsxAO8BdijQmjQCtYc6K28=</
db:verify>
</stream:stream>
On Mar 26, 12:38 pm, "John C." <[EMAIL PROTECTED]> wrote:
> First things first, I am not using jabberd or any of its variants.
> This is a custom development project I am doing as part of an effort
> to understand the ins and outs of XMPP development.
>
> However, I have created a server-to-server library that federates well
> with jabberd and its variants. I support dialback, TLS, manage the
> two sockets you need for S2S communication, and as I said...it works
> with jabberd.
>
> When I try to send a message to GoogleTalk, however, it starts the
> dialback process by connecting to my domain using DNS to find it
> (normal for the dialback process). It then makes one connection that
> doesn't seem to do anyting at all (though I try to talk to it as if it
> was a normal incoming XML stream), followed a 100 ms (max) later by a
> connection that actually starts the dialback process.
>
> GoogleTalk's servers opens a stream and sends me a db:result and
> db:verify element immediately. I figure what Google is trying to do
> is both verify my incoming dialback request (via the verify element)
> as well as allow me to verify the google connection so I will accept
> stanzas from it in future (via the result element).
>
> So, I verify the google connection using the db:result element by
> doing the normal dialback thing using DNS lookup, and then verify the
> verify element, telling google that the other incoming connection
> really is me, and write back my response elements.
>
> This is when Google responds with a not-authorized stream error. What
> in the heck is going on?
>
> Here is the full XML stream incoming from Google (with the not-
> authorized element at the end):
>
> <stream:stream
> id="4BBB3E63FB05661B"
> xmlns:stream="http://etherx.jabber.org/streams";
> xmlns="jabber:server"
> xmlns:db="jabber:server:dialback">
> <db:result
> to="my.domain.com"
> from="gmail.com">CAESBxCWg8TjjiMaEEUZTjPAUAKvUSNY2PV32OY=</
> db:result>
> <db:verify
> to="my.domain.com"
> from="gmail.com"
>
> id="47159FD4ACBA40F5">PHoU2uzNyspmgvF6LYBzbBiifEGUi91j74FjHHot4PU=</
> db:verify>
> <stream:error>
> <not-authorized xmlns="urn:ietf:params:xml:ns:xmpp-streams"/>
> </stream:error>
> </stream:stream>
>
> ...and here is what I sent to Google. It looks like garden-variety
> XMPP to me, unless I am missing something:
>
> <?xml version="1.0" encoding="utf-8"?>
> <stream:stream
> xmlns="jabber:server"
> xmlns:db="jabber:server:dialback"
> version="1.0"
> from="my.domain.com"
> id="2008-03-26T11:53:58_rsHhQU3dFYfJvkcK"
> xmlns:stream="http://etherx.jabber.org/streams";>
> <stream:features>
> <starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls" />
> </stream:features>
> <db:result
> to="gmail.com"
> from="my.domain.com"
>
> type="valid">CAESBxCWg8TjjiMaEEUZTjPAUAKvUSNY2PV32OY=</db:result>
> <db:verify
> to="gmail.com"
> from="my.domain.com"
> id="47159FD4ACBA40F5"
> type="valid">PHoU2uzNyspmgvF6LYBzbBiifEGUi91j74FjHHot4PU=</
> db:verify>
> </stream:stream>
>
> All help would be greatly appreciated. I seem to be really close to
> breaking through the wall with GoogleTalk, as I know my library will
> communicate with other XMPP servers. I just can't get GoogleTalk to
> accept my dialback responses.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"google-talk-open" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/google-talk-open?hl=en
-~----------~----~----~----~------~----~------~--~---
