[Telepathy] telepathy-gabble and authenticated SOCKS5 proxy
Simon McVittie
simon.mcvittie at collabora.co.uk
Mon Jun 29 06:38:41 PDT 2009
On Mon, 29 Jun 2009 at 12:22:13 +0000, webm0nk3y at gmail.com wrote:
> >Main reason is because http://xmpp.org/extensions/xep-0065.html doesn't
> >mention proxy authentication and I have no idea how we are suppose to
> >manage that (is that even possible in that context?).
>
> >Furthermore, I don't know any proxy requiring authentification.
>
> Does anyone know of a way to provide s5b proxies that are limited to
> specific jabber
> users without using SOCKS5 username/password authentication?
As I understand it, you need a specialized S5B server that integrates with the
XMPP server; the protocol's "syntax" is the same as SOCKS5, but the semantics
are different (XMPP users using XEP-0065 send a request to connect to
port 0 on a nonexistent host, which wouldn't make any sense at all in normal
SOCKS5).
As a result, the S5B server can reject all normal SOCKS5 connections, and only
allow the connections required by XEP-0065 (which are handed out by the
XEP-0065 Stream Host - in practice, that's also the S5B server - so the
Stream Host has control over how many connections there are and who is
allowed to start one).
I believe XMPP servers generally have an integrated S5B proxy for this reason,
and can be configured to only allow the users of that server to make
connections through it; you don't need to (and can't) recycle a
general-purpose SOCKS5 proxy.
Simon
More information about the telepathy
mailing list