Gajim - 2017-04-24

18:43:40 mdosch When I activate the function to use file transfer proxies i get the following message everytime I start Gajim: [18:42:10] mdosch.de: Establishing a secure connection from mdosch.de to proxy.jabbim.cz failed. Certificate hash: 6f63ad6f89cb93a92407e0f72bd3295a9adf855f. Error with certificate 2: self signed certificate in certificate chain.
18:44:32 mdosch So it seems like Gajim is trying to use proxy.jabbim.cz which doesn't provide a valid certificate. I think it would be better to choose a proxy with a valid certificate.
18:49:18 SaltyBones mdosch, where does one activate that?
18:50:45 mdosch I don't use the english version so I'm not sure about the terms. It's in the account settings in common (second tab last option)
18:52:42 SaltyBones cool, never noticed this before
18:53:26 mdosch https://dev.gajim.org/gajim/gajim/blob/master/src/common/config.py#L383
18:53:32 mdosch Seems to habben here
18:54:57 mdosch It's also present in optparser.py and test_jingle.py
18:56:40 Link Mauve Ugh, that one is still there…
18:57:06 Link Mauve This option should be removed, and instead Gajim should discover which proxy the server is proposing.
18:57:31 mdosch If I deactivate it, it will discover it?
18:57:47 Link Mauve I don’t know if it can do that.
18:57:58 Link Mauve Make sure your server provides one already.
18:58:09 mdosch I also configured http-upload so no problem...
18:58:22 mdosch yeah it does, I'm running my own
19:00:17 Link Mauve As a workaround, you can change this option in the advanced configuration editor to point to your own proxy, for now.
19:00:42 mdosch Ah ok, thx
19:08:38 MattJ It's bad, as it leaks your JID to remote servers that you otherwise have nothing to do with
19:16:13 mdosch Is the wiki page linked in the topic left empty intentionally? https://dev.gajim.org/gajim/gajim/wikis/community/SpreadJabberAndGajim
21:01:20 RonUL_ hello, has anybody successfully used HttpUpload with set tor proxy?
21:10:26 lovetox RonUL_ you should not do that
21:10:45 RonUL_ lovetox: why?
21:10:51 lovetox Gajim is not a TOR save Application, you can use TOR Proxy but gajim will leak DNS requests
21:11:19 RonUL_ lovetox, my host has .onion address
21:11:22 lovetox and yeah httpupload does not work with TOR in gajim
21:12:07 lovetox if you know what you are doing i guess its ok, just a warning, only because you set TOR as a proxy in gajim it will not make dns requests over that proxy
21:12:57 RonUL_ lovetox, my box redirects all dns requests via tor
21:13:28 lovetox then i guess also httpupload should work
21:13:48 RonUL_ lovetox, i think so, but httpupload cannot work with proxy setting :(
21:13:49 lovetox what problem do you encounter?
21:14:14 RonUL_ lovetox, it doesn't work
21:14:21 lovetox what doesnt work
21:15:07 RonUL_ lovetox, it tryes to connect to domain via port 5028
21:15:27 RonUL_ proxy is set to 9050
21:15:56 lovetox maybe i missing something here
21:16:06 lovetox i thought you box reroutes all to a proxy
21:16:08 RonUL_ gajim connects via 9050 with account
21:16:16 lovetox why would you have to configure a port in gajim then
21:16:33 RonUL_ lovetox, yes, my box...
21:16:40 RonUL_ talk about gajim :)
21:16:53 RonUL_ i have checked netstat...
21:17:11 RonUL_ and I have seen that httpuplod try to use port 5028
21:17:19 lovetox when your box reroutes all internet traffic through a proxy, why would have to set the port in each application
21:17:47 lovetox maybe i dont understand how this works
21:18:09 lovetox setting a proxy i would only do if my box does not reroute all traffic
21:18:20 lovetox then i have to setup the application to connect to the proxy
21:19:05 lovetox if my box reroutes all traffic to the proxy, why would i have to tell my application?
21:19:48 RonUL_ lovetox, :) why does gajim use proxy if set and plugins try to bypass gajim settings
21:20:29 lovetox Because plugins are plugins and developed by other people often
21:20:43 lovetox also because python does not make it easy to use proxys
21:21:03 lovetox thats why i told you, Gajim is not a save Tor application
21:22:35 lovetox neither does the project have the human resources to make the application NSA save :)
21:22:40 RonUL_ lovetox, the question is why does gajim have tor settings(proxy) if it is not safe?
21:23:11 lovetox because you might want to reroute your xmpp traffic through a tor proxy
21:23:36 lovetox and because someone at somepoint in time thought thats something he wants to implement in gajim
21:23:46 RonUL_ lovetox, ok, but you claim that it is not safe... weird
21:25:37 lovetox its not safe if you are depending, that gajim reroutes ALL traffic it generates through TOR
21:26:32 RonUL_ lovetox, maybe gajim should inform users: You can set tor proxy but it is not safe :)
21:27:16 RonUL_ lovetox, what kind of traffic it reroutes?
21:27:22 lovetox xmpp
21:27:52 RonUL_ ok, but httpuploads is the part of xmpp
21:28:40 lovetox only partly, over xmpp the server is asked for a upload slot
21:29:07 lovetox the file upload is a standard file upload between client and server, and has nothing to do with xmpp
21:30:09 lovetox so if you tell me you box reroutes all traffic through a proxy
21:30:17 lovetox then it also would reroute this file upload
21:30:24 RonUL_ lovetox, ok, thank you
21:30:26 lovetox you would not need to set a port or configure it
21:30:56 RonUL_ but I think GAJIM should inform that proxy doesn't work with plugins
21:31:59 RonUL_ lovetox, my box has open only port 443
22:52:10 lovetox Link Mauve, https://dev.gajim.org/gajim/gajim/commit/7b673eaf12c6f8e00703231cb5e9771a2d56758b
22:52:20 lovetox also gajim chooses the server provided proxy
22:52:36 lovetox only if you specifically set gajim in the account details to another proxy, it uses that
23:08:11 Link Mauve lovetox, oh?
23:08:29 Link Mauve So mdosch shouldn’t have any issue?
23:09:30 lovetox it seems his server provides no proxy
23:09:33 Link Mauve lovetox, shouldn’t you add an updater for old values?
23:10:29 lovetox actually its not true what i said
23:10:41 lovetox you can only activate/deactive proxy use
23:11:04 lovetox but it uses your server proxy if one is there
23:11:14 lovetox otherwise it checks the others
23:11:24 lovetox yeah i should do that before release
23:11:41 lovetox problem is
23:11:48 lovetox people may have set other things there
23:11:59 Link Mauve You can check for this current value.
23:12:04 Link Mauve And if it’s different, do nothing.
23:12:05 lovetox true
23:12:17 Link Mauve I remember Asterix doing that for some other config option, check the history.
23:33:52 mdosch > ‎lovetox‎: it seems his server provides no proxy Actually I have set up a proxy
23:34:34 lovetox then its not advertised correctly
23:34:45 lovetox or it doesnt let itself resolve
23:34:46 mdosch Hmm, will have to try if it works. So far I always used the http upload
23:34:50 lovetox or something else is wrong
23:35:31 mdosch The conversations compatibility test shows proxy support and in my prosody logs I don't see any warnings
23:36:43 lovetox did you actually transfer a file?
23:37:02 mdosch Not yet, as I always use the http upload
23:37:19 lovetox gajim resolves all possible proxys at start
23:37:34 lovetox so i think the certificate error was about that resolve
23:37:52 lovetox gajim will use your server one when transfering a file
23:38:03 lovetox if not please tell me :)
23:38:17 lovetox in any case you should delete these old proxys
23:38:41 lovetox search for file_transfer_proxies
23:38:48 lovetox in the advanced config and delete everything
23:39:41 mdosch already replaced them with my own one as suggested here by Link Mauve ;)
23:40:11 mdosch When transferring a file will i be able to see in the xml console which proxy is used?
23:40:54 lovetox mdosch dont set any proxy in this config setting
23:41:05 lovetox this is only for alternative proxys
23:41:25 lovetox your proxy should be discovered on login, and added automatically to an internal list you cant modify
23:41:47 lovetox and yes you can see that in the xml console
23:41:54 lovetox and on your serverlogs i guess
23:42:42 mdosch ok removed. and the setting in account settings? should i tick the box for using proxies or will it also detect the proxy automatically
23:43:17 lovetox no let it ticked
23:43:31 lovetox or else we will not use proxys at all
23:43:39 mdosch alright
23:43:55 mdosch may i try sending you a file?
23:44:07 lovetox yeah add me lovetox@conversations.im
23:53:08 jere The History Manager doesn't work on Linux (cloned repo, gajim_0.16 branch)
23:57:55 jere The problem is the last commit (Start HistoryManager with confug path argument) But "git checkout" to the previous commit (of the same day) is a workaround.