Not logged in. · Lost password · Register
Forum: agsXMPP RSS
SOCKS5 File Transfer
Page:  1  2  3  4  5  6  7  next
Avatar
Alan 2006-06-08, 17:13 #1
Member since May 2006 · 9 posts
Group memberships: Members
Show profile · Link to this post
Subject: SOCKS5 File Transfer
Hi, by reading the http://www.jabber.org/jeps/jep-0065.html I am not 100% sure how the SOCKS5 proxy works.

My understanding is,

1. For the Initiator, after activation of bytestream (Example 17 in the JEP 0065 spec), on receiving a good response to the activation from the socks5 file transfer proxy server(Example 18), it starts to write bytestream to the socket (which is the socket this SOCK5 runs on).

2. For the Target, after receiving Acknowledges Connection (Example 19), it starts to read bytestream from the socket (which is the socket where the target SOCKS5 connection was established).


Is my understanding correct?
Avatar
Alex 2006-06-08, 20:30 #2
Member since Feb 2003 · 4449 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
Hello Alan,

Yes i think you got it correct. But i try it to explain again.

There are 2 different scenarios which are both described in the JEP.

No. 1: client1 and client2 can establish a direct SOCKS5 connection to each other. This is possible if both clients are not behind NAT and or firewalls, or the firewall is configured with port forwarding to allow incoming connections. In this case a SOCKS5 socket is directly established between this 2 clients.

No. 2: If a direct connection is not possible because of NAT and Firewall issues then you can use a proxy. Because both clients were able to connect to the XMPP serve,r they will also be able to connect to a proxy server in the middle. In this case both clients create a SOCKS5 connection to the proxy. After both clients are connected and the bytestream is activated client1 sends the file/bytes to the proxy, and the proxy sends the data back to client2.
So 1 client is sending data to the proxy and the other client data is reading from the proxy.

Alex
Avatar
mayprog 2006-06-09, 23:14 #3
Member since Mar 2006 · 61 posts
Group memberships: Members
Show profile · Link to this post
So, Alex, in order to support ByteStreams, an application should both implement SOCKS5 client AND server side. Is that right?
This post was edited on 2006-06-09, 23:14 by mayprog.
Avatar
Alex 2006-06-09, 23:20 #4
Member since Feb 2003 · 4449 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
You don't have to implement the server side. You only need a server with a SOCKS5 proxy. Wildfire has a build in SOCKS5 proxy.
This post was edited on 2013-03-06, 19:10 by Alex.
Avatar
mayprog 2006-06-09, 23:34 #5
Member since Mar 2006 · 61 posts
Group memberships: Members
Show profile · Link to this post
I am sorry Alex but maybe i didn't understand.
From what i understood, from this:
No. 1: client1 and client2 can establish a direct SOCKS5 connection to each other. This is possible if both clients are not behind NAT and or firewalls, or the firewall is configured with port forwarding to allow incoming connections. In this case a SOCKS5 socket is directly established between this 2 clients.
a SOCKS5 socket must be established from client 1 to client 2, so client 2 must parse the SOCKS5 commands that client 1 send to him (as client 1 doesn't know if client2 is a proxy server or a direct client and "talks" SOCKS5 to him) right?

The link you posted is on Python. Is there a way to use it from within .Net Framework 1.1?

Thanks Alex!
This post was edited on 2006-06-09, 23:37 by mayprog.
Avatar
Alex 2006-06-09, 23:41 #6
Member since Feb 2003 · 4449 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
ok understand your question now.
Yes you have to implement a SOCKS5 server and a SOCKS5 client socket. With all different file transfers you have to do that, because the client which is sending the file acts as a server and the receiving client acts as a normal client. But this is pretty easy and normally there are no commands on the SOCKS5 connection except of the headers.

Alex
Avatar
mayprog 2006-06-09, 23:59 #7
Member since Mar 2006 · 61 posts
Group memberships: Members
Show profile · Link to this post
Ok, now you setted my hear at rest.
I was worried that i did something wrong.
Well, you are right  i have imlemented a Mini-SOCKS5 client-server socket, just by 1-2 reads and writes.
I just handle the no-authentication mechanism and the CONNECT command of SOCKS5 RFC.
Yes, it is simple enough.

But i still have problems with my Sockets and i can't understand why.

I create a c# Socket, connect to the ip, authenticate by "no-authentication" and send the CONNECT command to the "server" just as the JEP says.
The result "REPLY" of the SOCKS5 protocol is OK.
The rest must be plain Socket data transmition so,
I wait for the data of the file to come into my async NetworkStream i have set on the socket (just like you use it inside the SDK).
Nothing comes!
I have tryied it with Spark,Psi and Miranda (sending files from them and receiving from my app).
All these clients says "File accepted" but the transimtion does not start!
I cannot understand what i have done wrong!
I am shoore that there isn't needed a Listen command on the socket, but what else?

Thanks Alex,
you are the most valuable and helpfull person on the planet for me now!
This post was edited on 2006-06-10, 00:04 by mayprog.
Avatar
Alex 2006-06-10, 11:59 #8
Member since Feb 2003 · 4449 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
Hello,

did you activate the bytestream?
If both parties are ready for the data you have to acknowledge this over the XMPP protocol and activate the bytestream. Without activating the stream no data is sent.

Alex
Avatar
mayprog 2006-06-10, 15:37 #9
Member since Mar 2006 · 61 posts
Group memberships: Members
Show profile · Link to this post
The scenario I described to you is having my App as the RECEIVER and psi,spark or miranda as the SENDER, so i suppose the sender should activate the stream.
Is that right?
Avatar
Alex 2006-06-10, 20:18 #10
Member since Feb 2003 · 4449 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
Quote by from JEP-0065 3.1:
1. Initiator sends IQ-set to Target specifying the full JID and network address of StreamHost/Initiator as well as the StreamID (SID) of the proposed bytestream.
2. Target opens a TCP socket to the specified network address.
3. Target requests connection via SOCKS5, with the DST.ADDR and DST.PORT parameters set to the values defined below.
4. StreamHost/Initiator sends acknowledgement of successful connection to Target via SOCKS5.
5. Target sends IQ-result to Initiator, preserving the 'id' of the initial IQ-set.
6. StreamHost/Initiator activates the bytestream.
7. Initiator and Target may begin using the bytestream.

i think you are stuck at point 4 or 5 which sais that the initiator sends the acknowledgement. And the target which is the receiver sends also the IQ which activates the stream then.
If you don't get it working you can post your code and we will take a look at it. You could also add your code to the MiniClient sample and we will take a look at it.

Alex
Avatar
mayprog 2006-06-10, 22:04 #11
Member since Mar 2006 · 61 posts
Group memberships: Members
Show profile · Link to this post
Alex, thanks for helping me.
Following are the Xmpp messages from the Spark Debug Window.
User1 is on the Spark client and is sending a file (pdf) to user2 which is on my app.
Hope you find out something wrong here....

Send from User1 (initiator-spark) to user2(target-my app):

  1. <iq id="URtgX-47" to="user2@hcigr/MM" from="user1@hcigr/spark" type="set">
  2.  <si xmlns="http://jabber.org/protocol/si" id="jsi_1397783821792838953" mime-type="application/pdf" profile="http://jabber.org/protocol/si/profile/file-transfer">
  3.     <file xmlns="http://jabber.org/protocol/si/profile/file-transfer" name="0130461326.pdf" size="512316">
  4.       <desc>Sending file</desc>
  5.     </file>
  6.     <feature xmlns="http://jabber.org/protocol/feature-neg">
  7.       <x xmlns="jabber:x:data" type="form">
  8.         <field var="stream-method" type="list-multi">
  9.           <option>
  10.             <value>http://jabber.org/protocol/bytestreams</value>
  11.           </option>
  12.           <option>
  13.             <value>http://jabber.org/protocol/ibb</value>
  14.           </option>
  15.         </field>
  16.       </x>
  17.     </feature>
  18.  </si>
  19. </iq>

Send from user2(target-my app) to User1(initiator-spark):

  1. <iq id="URtgX-47" to="user1@hcigr/spark" from="user2@hcigr/MM" type="result">
  2.  <si xmlns="http://jabber.org/protocol/si">
  3.     <feature xmlns="http://jabber.org/protocol/feature-neg">
  4.       <x xmlns="jabber:x:data" type="submit">
  5.         <field var="stream-method">
  6.           <value>http://jabber.org/protocol/bytestreams</value>
  7.         </field>
  8.       </x>
  9.     </feature>
  10.  </si>
  11. </iq>

Send from User1 (initiator-spark) to user2(target-my app):

  1. <iq id="URtgX-48" to="user2@hcigr/MM" from="user1@hcigr/spark" type="set">
  2.  <query xmlns="http://jabber.org/protocol/bytestreams" sid="jsi_1397783821792838953" mode="tcp">
  3.     <streamhost jid="user1@hcigr/spark" host="150.140.removed" port="7777"/>
  4.     <streamhost jid="proxy.hcigr" host="150.140.removed" port="7777"/>
  5.  </query>
  6. </iq>

Send from user2(target-my app) to User1(initiator-spark):

  1. <iq id="URtgX-48" to="user1@hcigr/spark" from="user2@hcigr/MM" type="result">
  2.  <query xmlns="http://jabber.org/protocol/bytestreams">
  3.     <streamhost-used jid="user1@hcigr/spark"/>
  4.  </query>
  5. </iq>

When i sent the final reply where I indicate the streamhost-used i have been authorized with the StreamHost, where in this case is the same the Initiator.
I tryied to custom select the second streamhost that Spark offered me that is the proxy server, but the result was the same.

In both cases the result is that Spark is writting in the UI "Negotiating File Tranfer With user2" and nothing happens, no data is coming to my socket (user2 socket).
This post was edited 2 times, last on 2013-03-06, 19:07 by Alex.
Avatar
Alex 2006-06-10, 22:20 #12
Member since Feb 2003 · 4449 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
your XML looks ok to me, i think you do everything correct here. So i assume the error must be on the SOCKS5 connection.

Do you connect to the streamhost correct? Is your Hash correct?

Quote by JEP-0065:
Example 14. Target Connects to StreamHost

CMD = X'01'
ATYP = X'03'
DST.ADDR = SHA1 Hash of: (SID + Initiator JID + Target JID)
DST.PORT = 0
Avatar
mayprog 2006-06-10, 22:51 #13
Member since Mar 2006 · 61 posts
Group memberships: Members
Show profile · Link to this post
For the hashing i use the following code:
    string sToHash = sId+sInitiatorJid+sTargetJid;
   
    SHA1 sha = SHA1.Create();
    return sha.ComputeHash(System.Text.Encoding.UTF8.GetBytes(sToHash));

The only problem is i did not understand when the jep0065 says:
..furthermore, in order to ensure proper results, the appropriate stringprep profiles (as specified in XMPP Core [9]) MUST be applied to the JIDs before application of the SHA1 hashing algorithm.
What are the stringprep profiles?
In my code sInitiator is something like "user1/car" and sTargetJis is like "user2/home" so the finaly string is like "sid_12319231user1/caruser2/home" on which i create the hash.
Anyway, I test the result (REP) of the CONNECT command and it is 0, which means that i succeded.

The strange think is that even if i use a wrong hash, the reply again is that I succeded!
This post was edited on 2006-06-10, 22:52 by mayprog.
Avatar
Alex 2006-06-10, 23:03 #14
Member since Feb 2003 · 4449 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
Stringprep is part of the XMPP RFCs. Stringprep describes a framework for preparing Unicode text strings in order to increase the likelihood that string input and string comparison work in ways that make sense for typical users throughout the world. But this is not important for your Jids because the don't change when you apply the stringprep profiles.

Alex
Avatar
Alan 2006-06-12, 08:12 #15
Member since May 2006 · 9 posts
Group memberships: Members
Show profile · Link to this post
In reply to post #1
Hi, Thanks Alex.

I've established SOCKS5 Connection with StreamHost from both initiator and target (with all the SHA1 hash and get a correct resposne from proxy server), then according to http://www.jabber.org/jeps/jep-0065.html Example 17. Initiator Requests Activation of Bytestream, I do the following


send :
  1. <iq type="set" to="proxy.ag-software.de" from="initiator@jabber.com/agsXMPP" id="activate">
  2.     <query xmlns="http://jabber.org/protocol/bytestreams" sid="mySID">
  3.         <activate>target@jabber.com/agsXMPP</activate>
  4.             </query>
  5. </iq>

receive :
  1. <iq xmlns='jabber:client' to='initiator@jabber.com/agsXMPP' from='proxy.ag-software.de' id='activate' type='error'>
  2.     <error type='cancel' code='405'>
  3.         <not-allowed xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
  4.     </error>
  5. </iq>

Does that mean I made some mistake in the socks5 connection? I've checked the SHA1 hash, both initiator and target are sending the same hash value and I've validated the SHA1 hash result generated by my IM program are actually the same using other SHA1 implementation in Java.

What I havent done here is, I assume the proxy host is known to both initiator and target. So I ommit the Jabber handshake processes and start my file transfer session from http://www.jabber.org/jeps/jep-0065.html Example 11. Initiation of Interaction, which I think wouldnt affect the socks5 connection establishment. Am I wrong here?

Thanks
The author has attached one file to this post:
FTChangedFiles.zip 48.1 kBytes
You have no permission to open this file.
This post was edited 2 times, last on 2013-03-06, 19:06 by Alex.
Close Smaller – Larger + Reply to this post:
Verification code: VeriCode Please enter the word from the image into the text field below. (Type the letters only, lower case is okay.)
Smileys: :-) ;-) :-D :-p :blush: :cool: :rolleyes: :huh: :-/ <_< :-( :'( :#: :scared: 8-( :nuts: :-O
Special characters:
Page:  1  2  3  4  5  6  7  next

Forum: agsXMPP RSS