Subject: IM and File Transfer to Google Talk with SSL and port 443
AG-Software has just helped us with a technical issue, and I thought the least I can do is post the solution here on this forum, so that other agsXMPP SDK users could benefit from it.
Problem:
Our corporate network does not allow XMPP clients to connect to Google Talk on ports 5222 or 5223.
Using port 80 is an option, but I needed a better (more secure) option, which is SSL via port # 443.
This way, your login credentials, instant messages, and transferred files are encrypted, and - as far as I know - only a network administrator with access to the XMPP server and to the currently used SSL certificate would be able to decrypt your IM/FileTransfer traffic.
That is, only Google folks, and no one else.
Of course, if you're using your own XMPP server (such as Openfire, ejabberd, etc.), and it's you who controls your private XMPP network, then your traffic is as secure as it can possibly be nowadays.
Using code snippets from some other posts on this forum,
and with help from AG-Software (by the way, their responsiveness is incredible!.. and it took them only a few minutes to figure out what the heck was wrong with the non-working code I sent to them, and provide a working solution; that's freakin' AWESOME!),
here's exactly what I had to do to ensure that the sample MiniClient (included in the agsXMPP SDK) does the following:
1. Connects to GTalk on port 443 with SSL.
2. Sends file transfers to another MiniClient or Spark Jabber client...
3. ...and file transfer is also done via port # 443.
--------------
1. In MiniClient, open frmLogin.cs, cmdLogin_Click event method, here are the changes:
#region Original settings
/*
_connection.Port = int.Parse(txtPort.Text);
_connection.UseSSL = chkSSL.Checked;
_connection.AutoResolveConnectServer = true;
_connection.UseCompression = false;
*/
#endregion
#region New settings
_connection.AutoResolveConnectServer = false;
_connection.Port = 443;
_connection.ConnectServer = "talk.google.com";
_connection.UseStartTLS = false;
_connection.UseSSL = true;
#endregion
2. In frmFileTransfer.cs:
(a)
//Original: const string PROXY = "proxy.ag-software.de";
const string PROXY = "talk.google.com";
(b) SendStreamHosts()
for (int i = 0; i < iphe.AddressList.Length; i++)
{
    Console.WriteLine("IP address: {0}", iphe.AddressList[i].ToString());
    //TODO: note the next line:
    bsIq.Query.AddStreamHost(m_XmppCon.MyJID, iphe.AddressList[i].ToString(), 1000 /*you might want to change the port here, too*/);
}
//Original: bsIq.Query.AddStreamHost(new Jid(PROXY), PROXY, 7777);
bsIq.Query.AddStreamHost(new Jid(PROXY), PROXY, 443);
(c) SendStreamHostsResult method:
//Original: _p2pSocks5Socket.Port = 7777;
_p2pSocks5Socket.Port = 443;
----------------
I hope this helps someone who comes across the same task/issue.
This post was edited on 2009-02-20, 20:16 by Dmitriy.
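
With UseSSL = true the session is only as trustworthy as the check made on the server certificate, so the following is a strict validation callback for the connection to talk.google.com. It is an added example, not part of the original post and not agsXMPP or MiniClient code. The class name XmppTlsPolicy is hypothetical, and the ClientSocket.OnValidateCertificate hook named in the comment is an assumption about the SDK that should be checked against your version.

```csharp
using System;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

// Added example (hypothetical class, not SDK code).
public static class XmppTlsPolicy
{
    // Same host the post sets in _connection.ConnectServer.
    private const string ExpectedHost = "talk.google.com";

    // Signature matches System.Net.Security.RemoteCertificateValidationCallback.
    // Assumed wiring (verify the hook exists in your agsXMPP version):
    //   _connection.ClientSocket.OnValidateCertificate += XmppTlsPolicy.Validate;
    public static bool Validate(object sender, X509Certificate certificate,
                                X509Chain chain, SslPolicyErrors errors)
    {
        if (certificate == null)
            return false;                       // no certificate presented
        if (errors == SslPolicyErrors.None)
            return true;                        // chain and name both verified

        // Record why validation failed before deciding.
        Console.Error.WriteLine("TLS validation: {0}; subject={1}",
                                errors, certificate.Subject);
        if (chain != null)
            foreach (X509ChainStatus status in chain.ChainStatus)
                Console.Error.WriteLine("  chain: {0} {1}",
                                        status.Status, status.StatusInformation);

        // Any chain problem, alone or combined with others, is fatal.
        if (errors != SslPolicyErrors.RemoteCertificateNameMismatch)
            return false;

        // The page does not say which host name the SDK passes to SslStream
        // (the JID domain or ConnectServer). If only the name check failed,
        // accept solely when the certificate's DNS name is exactly the host
        // we connected to. Wildcards and other names fail closed.
        string dnsName = new X509Certificate2(certificate)
            .GetNameInfo(X509NameType.DnsName, false);
        return string.Equals(dnsName, ExpectedHost,
                             StringComparison.OrdinalIgnoreCase);
    }

    public static void Main()
    {
        // Offline check of the fail-closed path: no certificate at all.
        Console.WriteLine(Validate(null, null, null, SslPolicyErrors.None));
    }
}
```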