Am 01.07.19 um 10:08 schrieb Dave Cridland:
[...]
Do you know which server implementations currently support both TLS and
non-TLS (with STARTLS) on the same port?
I have a vague recollection that Fippo mentioned this trick years ago -
perhaps Psyc, perhaps even the original Jabberd?
psyced supports that, as well as good old jabberd14.
Servers can do this by trying a (non-destructive) XML parse on the data,
and if that fails (with any error other than EOF), try interpreting it as a
TLS ClientHello handshake message. I think you could probably make some
heuristic based on the first character, too, and I think that's what Fippo
mentioned.
the heuristic works the other way round. You peek the first byte (i.e.
call recv with MSG_PEEK) .
0x16 means a TLSv1 record (and I think newer versions too), 0x80 or 0x00
indicate the evil SSLv2 (skip this), 0x3c ('<') is actually xml you can
feed into your xml parser. You can also demultiplex this on port 80 or
443 and run your web server along with your xmpp server.
If I say "Fippo" a third time, I think it summons him and he might
comment...
it does :-)
_______________________________________________
Standards mailing list
Info: https://mail.jabber.org/mailman/listinfo/standards
Unsubscribe: [email protected]
_______________________________________________
