On 9/7/11, Christopher Orr <[email protected]> wrote: > Hi all, > > Does anybody know if there is any XMPP proxy software out there, > specifically that can act as a man-in-the-middle for debug purposes? > > Something like: > - Client attempts connection to Server > - Connection is re-routed to Proxy > - Proxy forwards stanzas to Server > - Proxy doesn't advertise <starttls> to Client > - Proxy handles TLS with the Server > - Traffic between Client and Proxy is plaintext and can be observed > > This would be useful with proprietary clients, where there isn't a > chance to access the server or to disable TLS for a given account. > > Or for clients that insist on TLS, more advanced would be to allow TLS > between Client and Proxy (assuming the Client trusts the certificate the > Proxy provides), similar to the awesome Charles Proxy (for HTTP) [1]. > > Anyway, any pointers would be appreciated.
How about stunnel? Or if clients want to insist on ssl (I don't think it supports TLS), two stunnels: client<-ssl->stunnel<-plaintext->stunnel<-ssl->server I've done that at least once, though not for xmpp traffic. > Thanks, > Chris > > [1]: http://charlesproxy.com/documentation/proxying/ssl-proxying/ > _______________________________________________ > JDev mailing list > Info: http://mail.jabber.org/mailman/listinfo/jdev > Unsubscribe: [email protected] > _______________________________________________ > -- viq _______________________________________________ JDev mailing list Info: http://mail.jabber.org/mailman/listinfo/jdev Unsubscribe: [email protected] _______________________________________________
