Services:Chat

From Kosmos Wiki
Revision as of 17:09, 14 February 2020 by Greg (talk | contribs) (Add section about SASL being disabled once we switch to auth using LDAP)

What is XMPP?

XMPP is an open standard for instant messages as well as voice and video chat. With XMPP, you can send and receive messages between users on thousands of different chat providers.

How to connect

Usually, you only need your user address and password to configure your chat application.

Your user address is your-username@kosmos.org.

Details

For advanced users and/or troubleshooting:

Server/host: xmpp.kosmos.org
C2S port: 5222 (StartTLS), 5223 (TLS)
S2S port: 5269
Bosh URL: xmpp.kosmos.org:5443/bosh
In-band Registration: Closed

Caveats

No SASL with LDAP

We are going to switch the accounts over to LDAP. This has not happened yet; when it does, you will receive an email with a unique generated password and instructions to change it.

The LDAP implementation in ejabberd doesn't support SASL authentication:

"You can authenticate users against an LDAP directory. Note that current LDAP implementation does not support SASL authentication."[1]

The implication is that the user does not send a salted and hashed password to ejabberd, so the ejabberd process has access to the user's password and sends it on to the LDAP server to authenticate. This is considered PLAIN auth, even when both the XMPP c2s connection and the LDAP connection use TLS.

There is an RFC, "Lightweight Directory Access Protocol (LDAP) Schema for Storing Salted Challenge Response Authentication Mechanism (SCRAM) Secrets".[2]
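The difference described above, as an added example (not code from this wiki or from ejabberd): what a server receives under PLAIN compared with a SCRAM-SHA-1 exchange as defined in RFC 5802. The user name, password, salt, nonces and auth message are constructed sample values.

```python
import base64
import hashlib
import hmac

def plain_initial_response(user, password):
    """SASL PLAIN (RFC 4616): authzid NUL authcid NUL passwd, base64 for XMPP."""
    return base64.b64encode(b"\x00" + user.encode() + b"\x00" + password.encode())

def server_view_of_plain(b64_response):
    """What the server recovers from PLAIN: the cleartext password itself,
    which it can then forward to the directory in an LDAP bind."""
    _authzid, user, password = base64.b64decode(b64_response).split(b"\x00")
    return user.decode(), password.decode()

def _client_key(password, salt, iterations):
    salted = hashlib.pbkdf2_hmac("sha1", password.encode(), salt, iterations)
    return hmac.new(salted, b"Client Key", hashlib.sha1).digest()

def scram_stored_key(password, salt, iterations):
    """StoredKey = H(ClientKey): the verifier a SCRAM server keeps instead of the password."""
    return hashlib.sha1(_client_key(password, salt, iterations)).digest()

def scram_client_proof(password, salt, iterations, auth_message):
    """ClientProof = ClientKey XOR HMAC(StoredKey, AuthMessage) (RFC 5802)."""
    key = _client_key(password, salt, iterations)
    sig = hmac.new(hashlib.sha1(key).digest(), auth_message, hashlib.sha1).digest()
    return bytes(a ^ b for a, b in zip(key, sig))

def scram_server_verify(stored_key, proof, auth_message):
    """Server side: recover ClientKey from the proof and compare its hash."""
    sig = hmac.new(stored_key, auth_message, hashlib.sha1).digest()
    key = bytes(a ^ b for a, b in zip(proof, sig))
    return hmac.compare_digest(hashlib.sha1(key).digest(), stored_key)

if __name__ == "__main__":
    # Constructed sample values, not real credentials or a captured session.
    user, password = "alice", "correct horse"
    salt, iterations = b"constructed-salt", 4096
    auth_message = (b"n=alice,r=cnonce,r=cnoncesnonce,"
                    b"s=Y29uc3RydWN0ZWQtc2FsdA==,i=4096,c=biws,r=cnoncesnonce")
    print("PLAIN, server sees:", server_view_of_plain(plain_initial_response(user, password)))
    stored = scram_stored_key(password, salt, iterations)
    proof = scram_client_proof(password, salt, iterations, auth_message)
    print("SCRAM, server sees proof:", base64.b64encode(proof).decode())
    print("SCRAM verifies:", scram_server_verify(stored, proof, auth_message))
```

With PLAIN, TLS protects the password only in transit; the server process still handles it in cleartext, which is what the client warning described below is about.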

Impact

Some clients will display a warning because they detect that authentication used to be done with SASL but no longer is. The most common one is Conversations, the Android client, so we are including instructions for it.

How to accept the warning in Conversations

In Conversations you can accept the warning by pressing "Accept" in the account details, which appears where the "Save" button normally is.[3]

Multi-user Chat (MUC)

The server is host to a variety of chat rooms. The server's MUC domain is kosmos.chat. Thus, room addresses look like chatroom-name@kosmos.chat. Only local users (with a kosmos.org address) are currently allowed to create chat rooms on kosmos.chat.

Come talk to us in kosmos@kosmos.chat!

Tor hidden service

You can connect to the XMPP server directly from the Tor network. The configuration is the same as for clearnet, except for the server to connect to:

Server/host: ht6eqe754p3m2gif.onion