Comments (22)
It shouldn't be, I think I tested a jabber.org login and it worked, but I'll have to look into it more. XMPPFramework supports custom servers to my knowledge and if I recall correctly I even enabled the option to accept self signed SSL Certs.
from chatsecure-ios.
Already works with custom server
from chatsecure-ios.
@mkai have you been able to get it working with a custom server? You should be able to just type in [email protected] for the username field. Not sure whether I should mark this issue as closed or not because vitalyster says he has had success with his custom server.
from chatsecure-ios.
I'm not familiar neither Off-the-Record, nor xmppframework code, but proper xmpp client should get hostname to connect via dns SRV query - http://tools.ietf.org/html/rfc6120#section-3.2.1
I'm using xmpp.ru, which hostname equals to domain name, so I'm able to connect, but if hostname and domain are differ - it may fail.
from chatsecure-ios.
I think XMPPFramework only works with hostname/domain differences for Google Talk via a hardcoded function, so that could explain the problem.
from chatsecure-ios.
I've set up my XMPP server with the relevant SRV DNS entries, so the resolving is not the problem. Rather it fails because I'm using a self-signed SSL cert. I can only connect if I change in OTRXMPPManager.m:
- allowSelfSignedCertificates = NO;
- allowSSLHostNameMismatch = NO;
+ allowSelfSignedCertificates = YES;
+ allowSSLHostNameMismatch = YES;
OTR key exchange and chatting works nicely, then. Only problem is the SSL cert.
from chatsecure-ios.
I have been working on a new Settings view and will now plan to make these options user-configurable in the next release.
from chatsecure-ios.
EDIT: I wrote that before your answer came in - great news! Thanks!
I guess just changing that in upstream would compromise security for Google Talk users for no good reason - so I'd suggest adding a "Custom" tab to add a custom XMPP server, with a setting to allow self-signed SSL certs. My ObjC skills are very rusty, though. So I'll leave it up to you depending on if you think it would benefit the app.
from chatsecure-ios.
Good call. I was going to overhaul the way accounts were added as well and,
you're right, it seems better to allow on a per-server basis than on a
global level.
On Thu, Apr 12, 2012 at 12:43 PM, Markus Kaiserswerth <
[email protected]
wrote:
I guess just changing that in upstream would compromise security for
Google Talk users for no good reason - so I'd suggest adding a "Custom" tab
to add a custom XMPP server, with a setting to allow self-signed SSL certs.
My ObjC skills are very rusty, though. So I'll leave it up to you depending
on if you think it would benefit the app.
Reply to this email directly or view it on GitHub:
from chatsecure-ios.
@mkai: I added a rudimentary UI for changing those settings in this commit: c25b03c
Let me know what you think!
from chatsecure-ios.
Hi Chris,
I need to disable ARC in the project's settings to be able to compile OTRSettingsManager.m and OTRSetting.m:
Off-the-Record-iOS/Off the Record/OTRSettingsManager.m:19:13: error: ARC forbids synthesizing a property of an Objective-C object with unspecified ownership or storage attribute [4]
Off-the-Record-iOS/Off the Record/OTRSettingsManager.m:31:10: error: receiver type 'OTRSettingsManager' for instance message does not declare a method with selector 'populateSettings' [4]
Off-the-Record-iOS/Off the Record/OTRSetting.m:12:13: error: ARC forbids synthesizing a property of an Objective-C object with unspecified ownership or storage attribute [4]
Off-the-Record-iOS/Off the Record/OTRSetting.m:12:20: error: ARC forbids synthesizing a property of an Objective-C object with unspecified ownership or storage attribute [4]
If I disable ARC, I get the following exception when I tap "Settings" in the simulator:
2012-04-13 13:37:55.304 ChatSecure[7463:fb03] -[__NSMallocBlock__ count]: unrecognized selector sent to instance 0x7995ad0
2012-04-13 13:37:55.306 ChatSecure[7463:fb03] *** Terminating app due to uncaught exception 'NSInvalidArgumentException', reason: '-[__NSMallocBlock__ count]: unrecognized selector sent to instance 0x7995ad0'
On a similar note, I also got this error when compiling (solved it for testing by uncommenting the line until now):
Off-the-Record-iOS/Off the Record/OTRChatViewController.m:302:6: error: receiver type 'OTRChatViewController' for instance message does not declare a method with selector 'refreshView' [4]
Using Xcode Version 4.2.1
from chatsecure-ios.
Try updating Xcode to 4.3.2 (only available for 10.7+ and through the Mac App Store), but I'll see if I can fix it for you.
from chatsecure-ios.
See if this fixes your issue: 1fa3d3f
from chatsecure-ios.
4.2.1 still complained about a missing storage attribute on some properties, so I googled a bit and did the following changes in order to compile ('strong' is nothing but a guess, so I'm not really up to sending a real pull request - hope it's helpful anyway):
diff --git a/Off the Record/OTRSettingsGroup.h b/Off the Record/OTRSettingsGroup.h
index ed2f0c6..42cc7ad 100644
--- a/Off the Record/OTRSettingsGroup.h
+++ b/Off the Record/OTRSettingsGroup.h
@@ -10,8 +10,8 @@
@interface OTRSettingsGroup : NSObject
-@property (nonatomic, readonly) NSArray *settings;
-@property (nonatomic, readonly) NSString *title;
+@property (strong, nonatomic, readonly) NSArray *settings;
+@property (strong, nonatomic, readonly) NSString *title;
- (id) initWithTitle:(NSString*)newTitle settings:(NSArray*)newSettings;
diff --git a/Off the Record/OTRValueSetting.h b/Off the Record/OTRValueSetting.h
index ac07280..599d94e 100644
--- a/Off the Record/OTRValueSetting.h
+++ b/Off the Record/OTRValueSetting.h
@@ -10,7 +10,7 @@
@interface OTRValueSetting : OTRSetting
-@property (nonatomic, readonly) NSString *key;
+@property (strong, nonatomic, readonly) NSString *key;
@property (nonatomic) id value;
- (id) initWithTitle:(NSString*)newTitle description:(NSString*)newDescription settingsKey:(NSString*)newSettingsKey;
diff --git a/Off the Record/OTRViewSetting.h b/Off the Record/OTRViewSetting.h
index 99c61a5..3dd73f4 100644
--- a/Off the Record/OTRViewSetting.h
+++ b/Off the Record/OTRViewSetting.h
@@ -15,7 +15,7 @@
@interface OTRViewSetting : OTRSetting
-@property (nonatomic, readonly) Class viewControllerClass;
+@property (strong, nonatomic, readonly) Class viewControllerClass;
@property (nonatomic, retain) id<OTRViewSettingDelegate> delegate;
from chatsecure-ios.
Yeah, I need to read a little bit more about ARC conventions, but it seems
like that is the right thing to do. I don't know why Apple relaxed the
compiler errors and warnings in 4.3.2, it would have been nice to catch
these problems in the later version as well. From what I've read "strong"
is essentially equivalent to "retain".
On Fri, Apr 13, 2012 at 10:14 AM, Markus Kaiserswerth <
[email protected]
wrote:
4.2.1 still complained about a missing storage attribute on some
properties, so I googled a bit and did the following changes in order to
compile ('strong' is nothing but a guess, so I'm not really up to sending a
real pull request - hope it's helpful anyway):diff --git a/Off the Record/OTRSettingsGroup.h b/Off the Record/OTRSettingsGroup.h index ed2f0c6..42cc7ad 100644 --- a/Off the Record/OTRSettingsGroup.h +++ b/Off the Record/OTRSettingsGroup.h @@ -10,8 +10,8 @@ @interface OTRSettingsGroup : NSObject -@property (nonatomic, readonly) NSArray *settings; -@property (nonatomic, readonly) NSString *title; +@property (strong, nonatomic, readonly) NSArray *settings; +@property (strong, nonatomic, readonly) NSString *title; - (id) initWithTitle:(NSString*)newTitle settings:(NSArray*)newSettings; diff --git a/Off the Record/OTRValueSetting.h b/Off the Record/OTRValueSetting.h index ac07280..599d94e 100644 --- a/Off the Record/OTRValueSetting.h +++ b/Off the Record/OTRValueSetting.h @@ -10,7 +10,7 @@ @interface OTRValueSetting : OTRSetting -@property (nonatomic, readonly) NSString *key; +@property (strong, nonatomic, readonly) NSString *key; @property (nonatomic) id value; - (id) initWithTitle:(NSString*)newTitle description:(NSString*)newDescription settingsKey:(NSString*)newSettingsKey; diff --git a/Off the Record/OTRViewSetting.h b/Off the Record/OTRViewSetting.h index 99c61a5..3dd73f4 100644 --- a/Off the Record/OTRViewSetting.h +++ b/Off the Record/OTRViewSetting.h @@ -15,7 +15,7 @@ @interface OTRViewSetting : OTRSetting -@property (nonatomic, readonly) Class viewControllerClass; +@property (strong, nonatomic, readonly) Class viewControllerClass; @property (nonatomic, retain) id<OTRViewSettingDelegate> delegate;
Reply to this email directly or view it on GitHub:
from chatsecure-ios.
As for the runtime behaviour: it works and I can connect using the new options!
There's a small bug, however: if I enable the option and then try to connect directly afterwards, it doesn't work. I have to restart the app in order for it to pickup the setting. I guess the setting's just not updated or not read from UserDefaults.
After that initial hiccup, it always works.
from chatsecure-ios.
And please don't bother spending time on supporting 4.2.1 on my account :) I've just upgraded to 4.3.2.
from chatsecure-ios.
Oh sweet! I'm glad it works for you. It looks like I forgot to "synchronize" the NSUserDefaults somewhere, I'll look into that. Thanks!
from chatsecure-ios.
Ok I'm gonna close this issue, feel free to reopen it if you have any other problems. Thanks!
from chatsecure-ios.
Just a small point on security. Once multiple xmpp accounts are supported, self-signing needs to be a per-account setting, otherwise services like gtalk will be open to man-in-the-middle attacks.
Also important is to notify the user whenever the self-signed certificate changes - again, to make MitM attacks visible.
from chatsecure-ios.
(mitm attacks are much more likely on mobile devices, which connect to a lot of open wifi networks. :)
from chatsecure-ios.
This is a very good catch. I'll make it a priority to make those options per-account. I'll see if I can implement a notification when the self-signed certificate changes as well, although this might require some hacking on XMPPFramework.
from chatsecure-ios.
Related Issues (20)
- Website is not up-to-date
- Why public/open access level specified with swift classes?
- Push notification problem with pubsub.chatsecure.cat - prosody 0.11.9 (SASL EXTERNAL failed) HOT 18
- Push notifications not working anymore with Let'sEncrypt server certificate after Sept 30 HOT 5
- Some unstability issues on iOS 15.1 HOT 3
- regarding creating new account in chat secure HOT 1
- Secure HOT 2
- Broke OTR session on folding ChatSecure Messenger HOT 1
- trying to understand why push notifications is failing HOT 5
- README doesn't explain that this isn't maintained any more
- Hope to better protect privacy HOT 1
- Pending Approval on recipient chat HOT 1
- Secure hijacked iphone se
- Push notification / ejabberd 23.04 to chatsecure 5.0.4 (171) HOT 2
- How can we enable logs for yap db queries
- unable to open configuration settings file HOT 1
- There is no XCFramework found HOT 2
- Omemo Message Delivery failed HOT 1
- iOS OTR encryption failure
- ChatSecure installation issue HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from chatsecure-ios.