Sep 7, 2010 8:05 AM
XIFF, TLS, Google Talk, SecureSocket - PLEASE support the developers
dear staff and developers,
it is frustrating to read through all the (outdated) threads, collect the various patches, apply them correctly, mess around with as3crypto and still not be able to connect to Google Talk or other servers requiring TLS.
please, start to merge the patches into svn head. then we will be able to test things properly and support not-so-hardcore as3 developers in this forum. let us work together to make your release of XIFF 3.0.0 a success - including proper support for TLS on all major xmpp server implementations including Google Talk.
in addition, i'm working on an extension of XMPPConnection that utilizes SecureSocket (http://help.adobe.com/en_US/FlashPlatform/beta/reference/actionscript/3/flash/net/SecureSocket.html) of AIR 2.0 which is going to be released soon as a part of Adobe CS5. i'm willing to contribute this class but it still needs lots of testing.
my suggestion of next steps to take:
- contact authors of the patches, agree on contribution
- merge patches into svn head
- write a tutorial on how to get XIFF running with TLS/Google Talk (including a how-to patch and compile as3crypto)
- release another beta of XIFF
- start testing, include feedback
- progress and continue
thank you very much - i'm looking forward to your comments!
Are you working off of the SVN trunk or the last beta release? It kind of seems like you're still on the beta.
We try to commit patches as they are submitted and tested and as3crypto is included as a compiled swc in the trunk.
i'm working off the svn trunk. it would be very helpful to know which patches are included in both xiff and the bundled as3crypto.
i've spent some days fixing a whole bunch of issues and submitting patches accordingly - please have a look at my recent posts. due to the lack of any replies from staff i'm starting to wonder if it makes sense to feed my work back to this community.
Hello,
Why not just become a SVN committer yourself? I can get you set up with Jira permissions to start creating tickets and attaching patches there. What is your Jira username?
daryl
of course, why not. username is gretel.
Great, thanks! I added you to xiff-developers on Jira. I don't have the power to get you SVN committer rights yet, but will ping the necessary folks on that.
daryl
ok, i'm standing by.
Gretel,
Sorry for the delays, I have not been able to get a hold of the guy who can get you access. Still trying.
daryl
Gretel,
Are you all set now?
daryl
yes, i've been busy but just committed my changes to XMPPTLSConnection.as - regards
Hi Gretel,
Is the XIFF library working with GTalk with your modification?
I am trying to connect to GTalk using XIFF and the XMPPTLSConnection class. Is it the right class to use (I have downloaded the latest version of the source code yesterday)?
What parameters must I use concerning the domain and the tlsconfig?
Thanks in advance for your help.
Regards,
Olivier
Regarding the trace I received from the GTalk server, I have:
<mechanism>X-GOOGLE-TOKEN</mechanism>
This mechanism seems to be not taken into account in the XIFF library.
Google Talk offers SASL PLAIN which is supported by the XIFF library. google's token based authentication is announced, but just skipped.
yes it does work with Google Talk, XMPPTLSConnection is the way to go.
you have to check out the source from the subversion repository instead of downloading the release.
the TLS configuration needs to be adjusted to accept commonCertificateMismatchs.
set the domain property according to your account, i.e. 'googlemail.com'.
Thanks for your response Gretel!
I have downloaded the latest version from SVN with your modification (11692).
I have created a little application (AIR) with 2 libraries in reference:
- xiff
- as3crypto
I use the FB4 framework to build my application.
When trying to connect to Google, I have the following error:
[IM&PR] :: <infos> - Sent:<?xml version="1.0" encoding="UTF-8"?><stream:stream xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" to="googlemail.com" xml:lang="en" version="1.0">
[IM&PR] :: <infos> - Connected to Presence and IM Server
[IM&PR] :: <infos> - Received:<stream:stream from="googlemail.com" id="C05F97AE99882553" version="1.0" xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client"><stream:features><starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"><required/></starttls><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>X-GOOGLE-TOKEN</mechanism></mechanisms></stream:features>
[IM&PR] :: <infos> - Sent:<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls' />
[IM&PR] :: <error> - Code:-1 The server is not configured to support any available SASL mechanisms
[IM&PR] :: <infos> - Received:<proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
[IM&PR] :: <infos> - Sent:<?xml version="1.0" encoding="UTF-8"?><stream:stream xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" to="googlemail.com" xml:lang="en" version="1.0">
Error: pure virtual function call: fromDERContent
Here is how I have configured my connection:
tlsConnection = new XMPPTLSConnection();
tlsConnection.port = 5222;
tlsConnection.password = "...";
tlsConnection.username = "...";
tlsConnection.domain = "googlemail.com";
tlsConnection.resource = "xiff";
tlsConnection.server = "talk.google.com";
tlsConnection.useAnonymousLogin = false;
I don't know how to configure the tlsConnection.config object and what is the option to accept "commonCertificateMismatchs".
Thanks in advance for your help,
Regards,
Olivier
everything seems fine, except your version of as3crypto fails. you don't need to change the TLS configuration - XIFF sets the property i've mentioned by itself (which is not a good idea, though).
as3crypto release 1.3, svn (google code) and the one included with XIFF are all flawed.
try using my patched one available at github:
http://github.com/gretel/as3crypto_patched/raw/master/bin/as3crypto_patched.swc
Hi Gretel,
I have tried with your patched library.
using domain="google.com", the connection goes ahead but I have still an error:
Received:<stream:features><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>PLAIN</mechanism><mechanism>X-GOOGLE-TOKEN</mechanism></mechanisms></stream:features>
Sent:<auth mechanism="PLAIN" xmlns="urn:ietf:params:xml:ns:xmpp-sasl">b2FuZ3Vlbm90QGdtYWlsLmNvbUBnb29nbGUuY2 9tAG9hbmd1ZW5vdEBnbWFpbC5jb20AamFiYmFoNzU=</auth>
Received:<failure xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><invalid-authzid/></failure>
Code:401
Using domain="gmail.com", I have the following error:
TLSEngine shutdown triggered by Error: Invalid common name: gmail.com, expected talk.google.com
Have you an idea of the problem?
Thanks in advance,
Olivier
PS: What is the difference with your lib as3xmppclient?
seems like i have been wrong, you need to configure TLS to accept the certificate's common name mismatch, set ignoreCommonNameMismatch to true.
<failure xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><invalid-authzid/></failure>
your authentication request is rejected.
as i said, use 'googlemail.com' as domain as long as you do not use a Google Apps account to authenticate.
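A small Python illustration (added here; it is not XIFF or as3crypto code) of the negotiation order the traces in this thread show: when STARTTLS is offered it has to be completed before the mechanism list is judged, PLAIN is the mechanism to pick once it appears, and the PLAIN message should carry an empty authzid, since an authzid the server does not accept is what the <invalid-authzid/> failure reports. The feature stanzas are constructed samples modelled on the traces, not copied from them.

```python
import base64
import xml.etree.ElementTree as ET

NS_STREAM = "http://etherx.jabber.org/streams"
NS_TLS = "urn:ietf:params:xml:ns:xmpp-tls"
NS_SASL = "urn:ietf:params:xml:ns:xmpp-sasl"
SUPPORTED = ("PLAIN",)  # what this client implements; X-GOOGLE-TOKEN is deliberately not listed

# Constructed <stream:features> samples modelled on the traces in this thread.
PRE_TLS = ('<stream:features><starttls xmlns="%s"><required/></starttls>'
           '<mechanisms xmlns="%s"><mechanism>X-GOOGLE-TOKEN</mechanism></mechanisms>'
           '</stream:features>' % (NS_TLS, NS_SASL))
POST_TLS = ('<stream:features><mechanisms xmlns="%s"><mechanism>PLAIN</mechanism>'
            '<mechanism>X-GOOGLE-TOKEN</mechanism></mechanisms></stream:features>' % NS_SASL)
EMPTY = '<stream:features><mechanisms xmlns="%s"/></stream:features>' % NS_SASL

def parse_features(xml_text):
    """Return (starttls_offered, starttls_required, mechanisms) from a <stream:features> stanza."""
    # The stanza uses the stream: prefix without declaring it, so wrap it in an element that does.
    root = ET.fromstring('<r xmlns:stream="%s">%s</r>' % (NS_STREAM, xml_text))
    starttls = root.find(".//{%s}starttls" % NS_TLS)
    offered = starttls is not None
    required = offered and starttls.find("{%s}required" % NS_TLS) is not None
    mechs = [m.text.strip() for m in root.iter("{%s}mechanism" % NS_SASL) if m.text]
    return offered, required, mechs

def next_step(xml_text, tls_active):
    """Decide the client's next action: TLS first, then pick a mechanism from the post-TLS list."""
    offered, required, mechs = parse_features(xml_text)
    if offered and not tls_active:
        # Do not judge the mechanism list yet: the server re-advertises features after STARTTLS.
        return "starttls"
    usable = [m for m in mechs if m in SUPPORTED]
    if not usable:
        # The state behind "The server is not configured to support any available SASL mechanisms".
        return "no-mechanism"
    return "auth:" + usable[0]

def sasl_plain(authcid, password, authzid=""):
    """RFC 4616 PLAIN message: authzid NUL authcid NUL passwd, base64 encoded.
    Leave authzid empty unless you really act on behalf of another identity."""
    raw = "%s\0%s\0%s" % (authzid, authcid, password)
    return base64.b64encode(raw.encode("utf-8")).decode("ascii")

if __name__ == "__main__":
    print(next_step(PRE_TLS, False))   # starttls
    print(next_step(POST_TLS, True))   # auth:PLAIN
    print(next_step(EMPTY, True))      # no-mechanism
    print(sasl_plain("user", "pw"))    # AHVzZXIAcHc=
```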
Hi Gretel,
Here is my configuration:
tlsConnection.domain = "googlemail.com";
tlsConnection.resource = "test";
tlsConnection.server = "talk.google.com";
tlsConnection.username = "olivier.anguenot";
But I still have the error:
TLSEngine shutdown triggered by Error: Invalid common name: googlemail.com, expected talk.google.com
So if I understood, it's my tlsConfig that is not configured correctly:
Here is what I have:
tlsConnection.config = new TLSConfig(0);
tlsConnection.config.ignoreCommonNameMismatch = true;
tlsConnection.connect();
I don't know what must be the entity parameter in the TLSConfig.
Thanks in advance for your help,
Olivier
dunno what's wrong, i'm very busy at the moment. try getting the source of as3crypto (from my git) and compile it with that property set to true as default.
Hi Gretel,
Sorry if I have been disturbing you...
I have successfully connected to Google Talk (good news!), but with the following strange modifications:
- in TLSEngine (line 816), the _config.ignoreCommonNameMismatch was always set to false, so, like you said, I have hard coded the ignoreCommonNameMismatch to true in the TLSConfig file.
- I must use domain="gmail.com" instead of "googlemail.com", perhaps because my account is linked to two addresses (one in gmail.com and one in free.fr), else I receive a <not-authorized/> error.
So I think I did not succeed in configuring my TLSConfig. If you have time to check this point later...
Thanks for your help and for making Google Talk accessible from Flex
Regards,
Olivier
great news! XIFF is still far from being perfect or at least easily usable with servers requiring TLS. thanks for testing and providing feedback.
Hi Gretel,
My new problem is that when I'm at my office desk, I'm behind a proxy. I have the following trace:
<?xml version="1.0" encoding="UTF-8"?><stream:stream xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" to="gmail.com" xml:lang="en" version="1.0">
<stream:stream from="gmail.com" id="011B96E2E321A9A6" version="1.0" xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client">
<stream:features><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>X-GOOGLE-TOKEN</mechanism></mechanisms></stream:features>
Code:-1 The server is not configured to support any available SASL mechanisms
I was expecting rather to not get any answer. It looks like yesterday's problem with the old version of as3crypto.
Is there a way to work with a proxy (only host and port, no authentication)?
I have tried to compile the as3crypto and the xiff library using the RFC2817Socket class and adding a setProxyInfo(...) each before the connect() but without success.
Have you another idea to go through the proxy?
Thanks in advance,
Olivier
no, sorry. i guess it depends on the type of proxy - never tried it with any proxy, though. you could try using BOSH instead.
If you are referring to the code I posted on the forum which i have not submitted, it is because I do not have the resources to test it on every server and I am developing on an older codebase, which means I am not really in a position to submit it.
If you are testing it and having trouble on other platforms I would be happy to help. If the kinks have been worked out and it works on the latest version we could then submit it.
Cheers
thanks, i'm going to try a vanilla svn trunk again and diff that to your patches as soon as possible.
I was using XMPPTLSConnection to connect to an Openfire server using TLS.
However, I kept getting the error: "Can not verify certificate"!
Openfire generates self signed certificates, so I set config.trustSelfSignedCertificates = true;
However the error persisted.
After some debugging, I found the error to be at Line 224 in XMPPTLSConnection.as, which did not send the TLSConfig object to startTLS(), which took the default value of null and passed that to init(), which created a new TLSConfig object, thereby ignoring my change to config.trustSelfSignedCertificates.
The error can be resolved by simply changing line 224 to:
_tlsSocket.startTLS(socket, this.server, _config);
Cheers
You're right Anshul... I was actually already in the process of updating this class for this reason. It'll be up soon.
XIFF-74 was created to reference this issue and has now been resolved.
XIFF has been updated so that TLS is now successfully working to connect to Google Talk (at least in my tests) with the default classes in the trunk without any patches necessary for the end user.
Please test as well, these updates will be included in the 3.0.1 release.
Note: When connecting with Google Talk, you will need to ignore common name mismatches in the config.
Example code:
var connection:XMPPTLSConnection = new XMPPTLSConnection();
var config:TLSConfig = new TLSConfig( TLSEngine.CLIENT );
config.ignoreCommonNameMismatch = true;
connection.config = config;
Server should be: talk.google.com
Hi Mark,
I am not able to log on to Google Talk. How are we handling the X-Google-Token Mechanism?
Just to verify, you are using the latest trunk?
Google Talk also offers SASL PLAIN. X-Google-Token is skipped for PLAIN.
My connection was setup with domain = gmail.com and server = talk.google.com.
Any details you can provide?
The trace output I am getting :
IncomingDataEvent
Error :The server is not configured to support any available SASL mechanisms
Type 2 method: 1ms
PKCS#1 unpad: i=1, expected b[i]==1, got b[i]=8f
TLSEngine shutdown triggered by Error: Decrypt error - padding function returned null!
From: Anshul Goel
Sent: Wednesday, September 01, 2010 3:44 PM
I also added “X-GOOGLE-TOKEN” to saslMechanisms but still get the error. Which version of as3crypto are you using?
You should be using the as3crypto that is included in the trunk.
That crypto version is patched correctly to handle Google Talk.
And again, you should not need X-GOOGLE-TOKEN.
If you want to PM me a link to your code, I can verify what you have.
After syncing the latest XIFF code I am getting this error :
IncomingDataEvent
Error :Unknown Error
Not much to go on there.
Can you share some code?
_connection = new XMPPTLSConnection();
_connection.username = username;
_connection.password = password;
_connection.server = server;
_connection.port = 5222;
if (server == "talk.google.com") _connection.domain = "gmail.com";
if (useTLS)
{
    _connection.tls = true;
    _connection.config = new TLSConfig(TLSEngine.CLIENT);
    _connection.config.trustSelfSignedCertificates = true;
    _connection.config.ignoreCommonNameMismatch = true;
}
return _connection.connect(XMPPConnection.STREAMTYPE_FLASH);
Remove:
_connection.config.trustSelfSignedCertificates=true;
It works now..
Thanks.
Why was this causing a problem??
as3crypto has a known bug regarding the RSAKey class returning null in a padding function.
Unfortunately, as3crypto has not been touched in a while and I haven't found anyone that has successfully patched this issue.
So, at least for Google Talk, you can just set trustSelfSignedCertificates to false and it works.
But then why does it work with trustSelfSignedCertificates set to true, with servers like Openfire? Shouldn’t the as3crypto bug cause a crash then too?
I am trying to connect to a Jabber XCP server.
The connection proceeds to this stage and then stops. I don’t get any LOGIN event.
Feel free to work through the code and submit patches.
I am having problems connecting to a Jabber XCP server.
In the trace I notice, that the server is sending me an empty list of authentication mechanisms and thus my connection stalls.
However, other XMPP clients such as pidgin, psi are able to connect to the server.
Do you have any idea, what the problem might be?
Hi!
It seems that this guy has created a fork of as3crypto and has patched it a great deal.