Gajim - 2020-03-19


  1. Link Mauve mimi89999, it’s TLS, but on UDP.
  2. Link Mauve So for encryption.
  3. Link Mauve But on a transport layer which can be lossy.
  4. mimi89999 Link Mauve: I was asking in the context of SRTP. It seems that it is used for key exchange, but we could do that over XMPP that is already a secure channel.
  5. wurstsalat huh, seems Gajim master builds for windows don't build for 64 bits, only for 32
  6. mimi89999 srtp{enc,dec} could be added to the gstreamer pipeline with the correct properties (key, cipher, auth). They would be sent over XMPP as specified in the XEP. That's how I see it.
  7. mimi89999 There is one strange thing.
  8. mimi89999 SRTP RFC is very old. There are 3 ciphers: AES-ICM128, AES-ICM256 and AES-F8. They don't seem common in the TLS world and I couldn't find any modern cryptanalysis of them.
  9. mimi89999 Gstreamer does not support AES-F8. AES-F8 is optional, but AES-ICM is mandatory.
  10. mimi89999 Link Mauve: What do you think of my idea and do you know how secure those ciphers are?
  11. bot Daniel Brötzmann updated a merge request for _gajim-plugins/master_ < https://dev.gajim.org/gajim/gajim-plugins/-/merge_requests/188 >: WIP: [preview] Add preview widget
  12. bot Daniel Brötzmann updated a merge request for _gajim-plugins/master_ < https://dev.gajim.org/gajim/gajim-plugins/-/merge_requests/188 >: WIP: [preview] Add preview widget
  13. bot Daniel Brötzmann updated a merge request for _gajim-plugins/master_ < https://dev.gajim.org/gajim/gajim-plugins/-/merge_requests/188 >: WIP: [preview] Add preview widget
  14. hannibal asterix, could you check the flatpak build script, there seems to be an error with `flatpak-builder` commands; maybe remove pipe to /dev/null
  15. hannibal to see the log
  16. Link Mauve mimi89999, I don’t know anything about those, sorry.
  17. Link Mauve So far my experience with DTLS-SRTP has been to feed it to Gstreamer and get it back on the other side.
  18. asterix hannibal: I just ran it manually, seems ok
  19. mimi89999 Link Mauve: I think that feeding SRTP would be the best.
  20. Link Mauve mimi89999, don’t you need a bunch of additional stuff for WebRTC?
  21. Link Mauve Like SSRC, grouping, stuff like that.
  22. Link Mauve And dynamic rate.
  23. mimi89999 What are these for?
  24. Link Mauve Not sure.
  25. Link Mauve But they’re part of WebRTC.
  26. mimi89999 With Gstreamer and SRTP I can get an encrypted stream
  27. mimi89999 Isn't it what we want?
  28. hannibal asterix: could it be a permission issue as it was with `flatpak update`
  29. asterix I don't think so. Maybe the redirection ( I thought it was commented, but the # was maybe part of the command instead of start of comment)
  30. asterix I redirected to a file instead
  31. Link Mauve mimi89999, full WebRTC support allows communicating with web clients like Movim or Jitsi Meet.
  32. bot Philipp Hörist pushed 1 commit to branch _refs/heads/master_ of _gajim-plugins_ < https://dev.gajim.org/gajim/gajim-plugins >: *9cac8d1c* < https://dev.gajim.org/gajim/gajim-plugins/-/commit/9cac8d1c1851554087f2af0e2f4173847fad672f > [preview] Update manifest.ini
  33. edhelas mimi89999 hey o/ I have implemented Jingle/WebRTC support in Movim, if you want some help or run some tests do not hesitate to ping me
  34. mimi89999 I am curious about the entire stack
  35. mimi89999 Gajim has a gstreamer pipeline
  36. mimi89999 I thought that piping it through SRTP would be the simplest option
  37. mimi89999 As described in https://xmpp.org/extensions/xep-0167.html#srtp
  38. mimi89999 I just pass that to Gstreamer srtp{enc,dec} and that's it.
  39. mimi89999 edhelas
  40. bot Daniel Brötzmann proposed a new merge request for _gajim-plugins/master_ < https://dev.gajim.org/gajim/gajim-plugins/-/merge_requests/189 >: [length_notifier] Complete rework
  41. edhelas on my side I've simply used the webrtc stack from the browsers
  42. edhelas and extended the Jingle lib, also writing a SDP<->Jingle one
  43. bot Daniel Brötzmann updated a merge request for _gajim-plugins/master_ < https://dev.gajim.org/gajim/gajim-plugins/-/merge_requests/189 >: [length_notifier] Complete rework
  44. bot Daniel Brötzmann updated a merge request for _gajim-plugins/master_ < https://dev.gajim.org/gajim/gajim-plugins/-/merge_requests/188 >: WIP: [preview] Add preview widget
  45. bot Daniel Brötzmann updated a merge request for _gajim/master_ < https://dev.gajim.org/gajim/gajim/-/merge_requests/589 >: Features: Add gsound and geoclue detection
  46. mimi89999 It seems that the way to go is WebRTC with signaling over XMPP
  47. mimi89999 Others either go full WebRTC or SRTP with signaling over their protocol
  48. mimi89999 https://scontent.whatsapp.net/v/t61.22868-34/68135620_760356657751682_6212997528851833559_n.pdf/WhatsApp-Security-Whitepaper.pdf?_nc_sid=41cc27&_nc_ohc=Vj_-3rbA3SsAX-r0AHY&_nc_ht=scontent.whatsapp.net&oh=530ded48e088d81057d9a532b756295e&oe=5E7530D3
  49. mimi89999 WA also does like that
  50. mimi89999 > Call Setup
  51. mimi89999 SRTP pipeline
  52. alex.hotoi Hello Guys
  53. alex.hotoi I have an issue with the last release from git
  54. alex.hotoi it suddenly disconnects the server and in log I see the following messages
  55. alex.hotoi 03/19/2020 13:50:40 (W) nbxmpp.m.discovery Received malformed stanza from
  56. alex.hotoi also for the gajim.org server, I got the following errors in log
  57. alex.hotoi 03/19/2020 13:50:57 (E) nbxmpp.tcp Connect Error: g-resolver-error-quark: No DNS record of the requested type for “_xmpps-client._tcp.gajim.or https://conference.gajim.org:5281/pastebin/f9fb5f83-c604-4aa5-bf2c-1a45879bc7b9
  58. alex.hotoi can someone have a look ?
  59. alex.hotoi also also the @gajim.org server disconnects from 2 and 2 seconds
  60. mimi89999 I found a test: https://gitlab.freedesktop.org/farstream/farstream/-/commit/52e41e7324e3e8a54c5991e0bb3e6217a8ef46c0
  61. mimi89999 But I don't know how to use that code.
  62. mimi89999 Especially in Python.
  63. mimi89999 I have no clue how to set that.
  64. lovetox alex.hotoi, receiving a malformed stanza can lead to a disconnect
  65. lovetox but you should gather a full debug log
  66. lovetox start gajim with -v
  67. lovetox the resolving error is nothing critical
  68. lovetox i should lower the log level for that one
  69. bot Daniel Brötzmann proposed a new merge request for _gajim/master_ < https://dev.gajim.org/gajim/gajim/-/merge_requests/591 >: WIP: Gajim Portable: Test paths
  70. mimi89999 OK. I found how to do that.
  71. wurstsalat mimi89999, nice!
  72. bot Daniel Brötzmann updated a merge request for _gajim/master_ < https://dev.gajim.org/gajim/gajim/-/merge_requests/591 >: WIP: Gajim Portable: Test paths
  73. mimi89999
      ```
      srtp = Gst.Structure.new_empty('FarstreamSRTP')
      buf = Gst.Buffer.new_allocate(None, 30, None)
      srtp.set_value('key', buf)
      srtp.set_value('auth', 'hmac-sha1-80')
      self.p2psession.set_encryption_parameters(srtp)
      ```
  74. mimi89999 Like
  75. mimi89999 https://conference.gajim.org:5281/pastebin/faed81cf-e239-4247-80f3-3b73ebc66dbd
  76. mimi89999 Not sure if this works.
  77. mimi89999 https://dev.gajim.org/mimi89999/gajim/-/commit/fd66329575534ee1f1d3f959737278cdcf81813c
  78. mimi89999 Decryption is broken
  79. Link Mauve mimi89999, where do you set the <encryption><crypto/></encryption> tag on the encryption side?
  80. Link Mauve Also, in which XEP are those elements defined?
  81. Link Mauve You should probably also check their namespace.
  82. bot Philipp Hörist pushed 1 commit to branch _refs/heads/master_ of _python-nbxmpp_ < https://dev.gajim.org/gajim/python-nbxmpp >: *ed696d06* < https://dev.gajim.org/gajim/python-nbxmpp/-/commit/ed696d06b2877040f372fb44043380046c660401 > PubSub: Don't expect IQ payload on publish
  83. mimi89999 https://xmpp.org/extensions/xep-0167.html#srtp
  84. Link Mauve mimi89999, the namespace is still urn:xmpp:jingle:apps:rtp:1, even if it wasn’t present in this one example.
  85. Link Mauve Maybe I should add it, as to not confuse other people.
  86. mimi89999 For the time being i'm just trying to get that to work.
  87. mimi89999 Then I will implement sending and receiving keys.
  88. mimi89999 And cipher negotiation.
  89. mimi89999 And put that in another function.
  90. mimi89999 You can see that my key is hardcoded.
  91. Link Mauve But given your check on line 317, this won’t happen if the element isn’t present.
  92. mimi89999 But now, I'm just trying to get that Farstream to work.
  93. mimi89999 I can hear something, but after several sec, I get a Gstreamer error.
  94. Link Mauve Maybe it’d make sense to have a look at the webrtc elements in Gstreamer?
  95. Link Mauve There, thanks for noticing! https://github.com/xsf/xeps/pull/910
  96. mimi89999 > Maybe it’d make sense to have a look at the webrtc elements in Gstreamer? Link Mauve: Like to use WebRTC?
  97. Link Mauve mimi89999, I don’t have any, try gst-inspect-1.0.
  98. Link Mauve Oh: https://duckduckgo.com/?q=gstreamer+webrtc&ia=web
  99. mimi89999 Link Mauve: You propose to use WebRTC in Gajim?
  100. Link Mauve Yes.
  101. alex.hotoi Hello lovetox
  102. alex.hotoi I just ran it with -v option
  103. alex.hotoi I will paste now the log
  104. alex.hotoi _____________ https://conference.gajim.org:5281/pastebin/36c2e1e7-34ae-4c97-afaa-3c5a1995799f
  105. Link Mauve mimi89999, do you think it’s a valid choice forward?
  106. Link Mauve I’d expect that to eventually make video calls with web clients possible, such as Movim or Jitsi Meet.
  107. lovetox alex.hotoi, do you have 2 instances of gajim running?
  108. alex.hotoi no, now I am on the stable version 1.1.3
  109. alex.hotoi it is only one
  110. alex.hotoi but the log is for the latest master version
  111. alex.hotoi I connect to the stable one to be able to talk with u here
  112. lovetox what server do you use?
  113. lovetox its a resource conflict, i try to fix this until the end of the weekend, right now current gajim does not deal with resource conflicts
  114. lovetox i ping you once its fixed
  115. alex.hotoi it is own server
  116. alex.hotoi thanks for help !
  117. bot Philipp Hörist pushed 1 commit to branch _refs/heads/master_ of _python-nbxmpp_ < https://dev.gajim.org/gajim/python-nbxmpp >: *67d3fc77* < https://dev.gajim.org/gajim/python-nbxmpp/-/commit/67d3fc77bdb05c79f38e1c19b5aaf8cc294c41c2 > Connection: Use INFO log level for connection errors
  118. lovetox alex.hotoi, yeah i meant what software is running
  119. alex.hotoi https://www.ejabberd.im/
  120. bot Philipp Hörist pushed 1 commit to branch _refs/heads/master_ of _python-nbxmpp_ < https://dev.gajim.org/gajim/python-nbxmpp >: *3bf389df* < https://dev.gajim.org/gajim/python-nbxmpp/-/commit/3bf389dfb00d085ff263dfea0b5cc64cbfa5d0cf > Resolver: Use INFO log level for resolver errors
  121. alex.hotoi lovetox, https://www.ejabberd.im/
  122. bot Philipp Hörist pushed 1 commit to branch _refs/heads/master_ of _python-nbxmpp_ < https://dev.gajim.org/gajim/python-nbxmpp >: *0c7293b8* < https://dev.gajim.org/gajim/python-nbxmpp/-/commit/0c7293b8bb01f16a717e736727d7bcad4f888d57 > TCP: Don't use deprecated method
  123. mimi89999 > mimi89999, do you think it’s a valid choice forward? Link Mauve: As always, there are pros and cons.
  124. mimi89999 I will start with cons.
  125. Link Mauve I can see incompatibility with existing clients as a con.
  126. Link Mauve Such as Gajim 0.14-0.16, Pidgin or Empathy.
  127. mimi89999 2. There are only 2 libs for WebRTC
  128. Link Mauve Although I’m not sure anybody uses any of them nowadays.
  129. Link Mauve Gstreamer, libwebrtc and libjingle?
  130. mimi89999 3. There is added complexity and overhead.
  131. Link Mauve That’s the only three I know of.
  132. Link Mauve Which ones?
  133. Link Mauve Especially overhead, compared to what?
  134. Link Mauve For instance WebRTC natively includes simulcast negotiation, so that if you view a thumbnail of the remote participant you can tell them not to send you the full 720p video.
  135. Link Mauve That’s a much lower overhead compared to traditional RTP without this negotiation.
  136. mimi89999 Link Mauve: Right. Forgot libjingle.
  137. Link Mauve mimi89999, but Gajim already uses Gstreamer, so is there a good reason to switch?
  138. mimi89999 I thought about the pure protocol.
  139. mimi89999 Link Mauve: Switch to what?
  140. Link Mauve mimi89999, ah, the Jingle part?
  141. Link Mauve mimi89999, why would 2. be a con?
  142. Link Mauve Oh, libjitsi is another implementation, forgot about it.
  143. mimi89999 On the other hand Movim is using WebRTC and WebRTC is maybe easier there than plain RTP.
  144. Link Mauve Plain RTP is downright impossible in a web client.
  145. jubalh gajim guys! you save the logs in an sqlite db, right? when do you insert it? checking if the ID is already present? always? checking several fields?
  146. Link Mauve Which is the main reason I think we should aim to be compatible with WebRTC-only clients.
  147. mimi89999 OK. That's a valid reason.
  148. Link Mauve mimi89999, in which parts of the protocol is there additional overhead btw? I’m not aware of much differences.
  149. bot Daniel Brötzmann created an issue in _gajim-plugins_ < https://dev.gajim.org/gajim/gajim-plugins/issues/488 >: #488: < Gajim 1.2 Release - Plugin List >
  150. jubalh lovetox: ^
  151. lovetox depends jubalh
  152. lovetox if your server uses mam:2
  153. lovetox then we just check for the ID
  154. pep. lovetox, what if no mama
  155. pep. lovetox, what if no mam
  156. jubalh lovetox: why it that case only?
  157. pep. mam:2 added a requirement on stanza-id
  158. pep. being added to messages
  159. jubalh ah I see
  160. jubalh lovetox: so if there is no ID? what do you do then? Profanity doesnt support MAM yet but I want to start storing messages in an sql db. But I can't be sure there is an ID I think
  161. pep. Before that you'd rely on possibly origin-id, or id (maybe mangled by MUCs, unless #stable-id), and datetime
  162. pep. /content of the message
  163. jubalh what a nice world.. :)
  164. lovetox jubalh, if there is mam:2 you depend on the stanza-id added by the mam server
  165. lovetox if there is no mam, gajim does not check for duplicates
  166. lovetox but i think if there is no mam there is not really much cases where there even could be duplicates
  167. lovetox the only thing come to mind is old MUC history
  168. lovetox and i simply would not request MUC history in that case
  169. pep. how do you know
  170. lovetox how do i know what?
  171. pep. that you should not request
  172. lovetox disco info
  173. lovetox before join
  174. pep. what do you mean by "old" btw
  175. lovetox i mean muc history as described in 0045
  176. pep. ah, you mean if the muc doesn't do mam you don't request
  177. lovetox yeah
  178. pep. hmm
  179. lovetox if server admin doesnt bother to add a real archive, im not sure the last 20 messages make any difference
  180. pep. well it might to users :/
  181. lovetox search a better server
  182. jubalh ok but we cant fix everything working around all problems :)
  183. jubalh ok lovetox, thanks. I think thats quite good enough
  184. lovetox jubalh, in previous version when Gajim did use MUC history, and supported mam:1
  185. lovetox we did a id, message body, timestamp duplicate check
  186. lovetox but timestamp is always hard
  187. lovetox because of timezone differences, and server time is not user time
  188. lovetox etc
  189. lovetox and also MUC was previously allowed to rewrite message IDs
  190. lovetox which basically made it impossible
  191. pep. lovetox, I wish that were an easy thing to do :)
  192. lovetox so im in favor, either server uses a protocol like mam:2 which makes a 100% deduplication possible
  193. pep. finding another server
  194. lovetox or you do no dedup at all
  195. stp Hello, today there is a portable Windows snap, *but* no 64 bit Gajim versions.
  196. jubalh ok, then i'll try to do that when i have another timeslot to work on it
  197. lovetox stp yeah build failed
  198. lovetox look tomorrow again
  199. bot Philipp Hörist pushed 2 commits to branch _refs/heads/master_ of _gajim_ < https://dev.gajim.org/gajim/gajim >: *21a9088e* < https://dev.gajim.org/gajim/gajim/-/commit/21a9088e24883d488eb58e977fb310dc27393a09 > Fix pylint error *ad3e2103* < https://dev.gajim.org/gajim/gajim/-/commit/ad3e2103a8c3e6fd8e2e0270b676200be1027b32 > Refactor A/V dependency imports
  200. mimi89999 Link Mauve: OK. I agree that WebRTC is the way to go.
  201. bot Philipp Hörist updated a merge request for _gajim/master_ < https://dev.gajim.org/gajim/gajim/-/merge_requests/589 >: Features: Add gsound and geoclue detection
  202. bot Philipp Hörist pushed 2 commits to branch _refs/heads/master_ of _gajim_ < https://dev.gajim.org/gajim/gajim >: *432f6d6b* < https://dev.gajim.org/gajim/gajim/-/commit/432f6d6bf4d841fa1683028ebe14002b7949bdaf > Features: Add gsound and geoclue detection *fab86bfc* < https://dev.gajim.org/gajim/gajim/-/commit/fab86bfc32e2a8594a18b0e06210e7c878884a84 > FeaturesDialog: Convert to Gtk.ApplicationWindow
  203. bot Philipp Hörist closed an issue in _gajim_ < https://dev.gajim.org/gajim/gajim/issues/10023 >: #10023: < Add gsound dependency check in Features dialog >
  204. bot Philipp Hörist merged a merge request for _gajim/master_ < https://dev.gajim.org/gajim/gajim/-/merge_requests/589 >: Features: Add gsound and geoclue detection
  205. stp lovetox, ok, I'll check back tomorrow.
  206. bot Daniel Brötzmann updated a merge request for _gajim-plugins/master_ < https://dev.gajim.org/gajim/gajim-plugins/-/merge_requests/189 >: [length_notifier] Complete rework
  207. bot Daniel Brötzmann updated a merge request for _gajim/master_ < https://dev.gajim.org/gajim/gajim/-/merge_requests/590 >: Preferences: Add infobar for missing A/V dependencies
  208. bot Daniel Brötzmann closed an issue in _gajim_ < https://dev.gajim.org/gajim/gajim/issues/9986 >: #9986: < Account window options dialog throws AttributeError: 'NoneType' object has no attribute 'get_boolean' >
  209. bot Daniel Brötzmann modified an issue in _gajim_ < https://dev.gajim.org/gajim/gajim/issues/9986 >: #9986: < Account window options dialog throws AttributeError: 'NoneType' object has no attribute 'get_boolean' >
  210. bot Philipp Hörist pushed 1 commit to branch _refs/heads/master_ of _gajim_ < https://dev.gajim.org/gajim/gajim >: *1bc90e22* < https://dev.gajim.org/gajim/gajim/-/commit/1bc90e224d63a0d8926fb4753a9a5e07358273b7 > Preferences: Add infobar for missing A/V dependencies
  211. bot Philipp Hörist closed an issue in _gajim_ < https://dev.gajim.org/gajim/gajim/issues/9839 >: #9839: < Audio/Video: Add hint on preferences page pointing out missing dependencies >
  212. bot Philipp Hörist merged a merge request for _gajim/master_ < https://dev.gajim.org/gajim/gajim/-/merge_requests/590 >: Preferences: Add infobar for missing A/V dependencies
  213. bot Daniel Brötzmann modified an issue in _gajim_ < https://dev.gajim.org/gajim/gajim/issues/9839 >: #9839: < Audio/Video: Add hint on preferences page pointing out missing dependencies >
  214. Link Mauve wurstsalat, why “or the user is running Windows” in !590?
  215. wurstsalat because at the moment the dependencies are not packaged for windows, I think
  216. Link Mauve I’d expect that to work too, if the user has the relevant dependencies.
  217. Link Mauve Ah.
  218. Link Mauve I thought we did that with asterix some time ago.
  219. wurstsalat I'm not sure
  220. wurstsalat https://dev.gajim.org/gajim/gajim/issues/6030#note_188882
  221. bot Daniel Brötzmann proposed a new merge request for _gajim/master_ < https://dev.gajim.org/gajim/gajim/-/merge_requests/592 >: Don't fail hard if we cannot get icon
  222. bot Daniel Brötzmann updated a merge request for _gajim/master_ < https://dev.gajim.org/gajim/gajim/-/merge_requests/592 >: Don't fail hard if we cannot get icon
  223. bot Daniel Brötzmann updated a merge request for _gajim/master_ < https://dev.gajim.org/gajim/gajim/-/merge_requests/592 >: Don't fail hard if we cannot get icon
  224. bot Daniel Brötzmann updated a merge request for _gajim/master_ < https://dev.gajim.org/gajim/gajim/-/merge_requests/592 >: Don't fail hard if we cannot get icon
  225. bot Daniel Brötzmann modified an issue in _gajim_ < https://dev.gajim.org/gajim/gajim/issues/9756 >: #9756: < Gajim 1.2.0 Release - Overview >
  226. bot Philipp Hörist pushed 1 commit to branch _refs/heads/master_ of _gajim_ < https://dev.gajim.org/gajim/gajim >: *eebc393f* < https://dev.gajim.org/gajim/gajim/-/commit/eebc393f6ded9a9ccae9416209d3126a152496c9 > Don't fail hard if we cannot get icon
  227. bot Philipp Hörist closed an issue in _gajim_ < https://dev.gajim.org/gajim/gajim/issues/9769 >: #9769: < AttributeError: 'NoneType' object has no attribute 'load_icon' prevents gajim from starting >
  228. bot Philipp Hörist merged a merge request for _gajim/master_ < https://dev.gajim.org/gajim/gajim/-/merge_requests/592 >: Don't fail hard if we cannot get icon
  229. bot Daniel Brötzmann modified an issue in _gajim_ < https://dev.gajim.org/gajim/gajim/issues/9769 >: #9769: < AttributeError: 'NoneType' object has no attribute 'load_icon' prevents gajim from starting >