How can I connect to XMPP server over TLS? I've read both the book and the RFC doc about it and the instructions are clear on the high overview, but I'm missing details.
I am constructing my own XMPP library and once I open the socket to the client on port 5222 I am sending initial XML to start the conversation followed by:
<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
Server responds with:
<proceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
After this it gets unclear what I should do, as supposedly somehow the TLS magic should happen here, getting the server to send the certificate to the client. How is that done, and how do I know it is received?
After that the documents say that the stream should be terminated, and another one started... does that mean that I need to disconnect the socket or just close the stream by sending </stream:stream>?
I have found the solution to the problem. My mistake was that after I got the <proceed> I was closing the socket in order to switch it to port 443, change the protocol, and other similar stuff.
The solution was not to close the connection, but rather to enable crypto on the existing connection by using:
stream_socket_enable_crypto($this->socket->connection,
true, STREAM_CRYPTO_METHOD_SSLv23_CLIENT);
And then opening the communication once again with
<?xml version='1.0' encoding='UTF-8'?>
<stream:stream to=.....
After that you will get back the "real" response about how you can authenticate (i.e. PLAIN).
It is all implemented within my library so you can check it out.
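The whole upgrade on a single socket, with the certificate check the question asks about, as an added example that is not part of the original answer or the author's library. It assumes PHP 7.2 or later; the function names, the timeouts and the example.org names are hypothetical.

```php
<?php
// Added example (assumes PHP 7.2+). $domain is the XMPP domain, $host the server to dial.
function xmpp_read_until($sock, string $needle): string {
    $buf = '';
    while (strpos($buf, $needle) === false) {
        $chunk = fread($sock, 4096);
        if ($chunk === false || $chunk === '') {
            throw new RuntimeException("connection closed or timed out waiting for $needle");
        }
        $buf .= $chunk;
    }
    return $buf;
}

// Sends the stream header and returns everything up to the end of <stream:features>.
function xmpp_open_stream($sock, string $domain): string {
    $to = htmlspecialchars($domain, ENT_QUOTES | ENT_XML1);
    fwrite($sock, "<?xml version='1.0' encoding='UTF-8'?><stream:stream to='$to' version='1.0' "
        . "xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams'>");
    return xmpp_read_until($sock, '</stream:features>');
}

function xmpp_connect_starttls(string $domain, string $host, int $port = 5222): array {
    $ctx = stream_context_create(['ssl' => [
        'verify_peer'       => true,     // validate the chain against the system CA store
        'verify_peer_name'  => true,
        'peer_name'         => $domain,  // certificate must match the XMPP domain
        'allow_self_signed' => false,
    ]]);
    $sock = stream_socket_client("tcp://$host:$port", $errno, $errstr, 10, STREAM_CLIENT_CONNECT, $ctx);
    if ($sock === false) {
        throw new RuntimeException("connect failed: $errstr ($errno)");
    }
    stream_set_timeout($sock, 10);
    $features = xmpp_open_stream($sock, $domain);
    if (strpos($features, 'urn:ietf:params:xml:ns:xmpp-tls') === false) {
        throw new RuntimeException('STARTTLS not offered; refusing to continue in cleartext');
    }
    fwrite($sock, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>");
    if (strpos(xmpp_read_until($sock, '>'), '<proceed') === false) {
        throw new RuntimeException('server refused STARTTLS');
    }
    // Same socket, no </stream:stream>: the handshake runs inside this call and it
    // returns false when the certificate does not verify against the options above.
    if (stream_socket_enable_crypto($sock, true, STREAM_CRYPTO_METHOD_TLS_CLIENT) !== true) {
        throw new RuntimeException('TLS handshake or certificate verification failed');
    }
    // Features read before TLS are discarded; only this second list is trusted.
    return [$sock, xmpp_open_stream($sock, $domain)];
}
// Usage: [$sock, $features] = xmpp_connect_starttls('example.org', 'xmpp.example.org');
```

A `true` return from `stream_socket_enable_crypto()` is how the client knows the certificate was received and accepted; the second features list is where the SASL mechanisms such as PLAIN appear.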