Re: Enabling tls negotiation in a socket

Hi,

> first off; great to see somebody else using XMPP with php :D (there's a
> great xmpp lib for AS3 from ignite realtime that makes openfire) but no
> nice ones for php yet as far as I know - was always one of those projects I
> really wanted to do but couldn't justify without getting a client to part
> fund :p
>

that's just a small program which I do. It is a plugin for the wordpress
publication system which publishes tickets on a pubsub node (replacing RSS
by pubsub through XMPP for realtime notification so! :-).

I don't use any external XMPP-specific library for this. Fortunately you
have a lot of stuff in PHP and it is really easy to implement XMPP. I think my
small program already does quite enough for me (I can connect, using SRV
Records when possible, encrypt Digest-MD5/CramMD5/PLAIN, I create container
nodes and leaf nodes, add and remove items in them, and soon I will have
TLS support... :p I don't need to be able to do more for my program's
purpose :-)).



>
>
>> Then I see the stream_socket_client () which can then switch to TLS with
>> stream_socket_enable_crypto (). But this is only above PHP 5.1.0. Can
>> anyone
>> confirm me this is the right solution, and also only solution? (I mean
>> "already made" one, I am not going to implement TLS myself! :p)
>>
>>
> IMHO this is the best way; using sockets gives you far more control which
> you'll be needing later.
>
> you can also simply stream_socket_client("tls://whatever.com:6548", ....
>


But in XMPP, the new way of doing stuff with TLS is to open a normal socket,
then switch to TLS with the <starttls /> at authentication time (answered
into <proceed /> by the server). Opening directly an encrypted channel was
the old way of doing encryption stuff and is now deprecated (this is why now
we use only one port, 5222, which can switch into TLS before authentication,
whereas the old way used another port, 5223, dedicated to SSL).
I am not very used to this function, but if I understand well what you
propose here, it is to open directly a socket with ssl encryption, hence it
is the old way. I was thinking about using stream_socket_enable_crypto (),
because it looks to be more like what I want, which is a socket which is
plain text at the beginning, then which I can switch to TLS after.
Is that it, or am I wrong? And then I would be happy to learn what your
proposition is doing.


> surely socket_create is the other way around (ie opens a server socket not
> a client connection)? are you trying to create an XMPP server in php? :o
>

No as I said, I am making a client. ;-) But socket_create works also as a
client socket. I am sure of it, because in my current (and working!) version
of the plugin, I already use a socket this way. :p
Anyway I was more especially hoping to find a way to switch a socket to TLS
without forcing users to use the latest php version (> 5.1) and also
without having to change too much stuff in my code (I think it won't be too
difficult because I already encapsulated the socket creation in a personal
class. But I am lazy and it is easier to make as few changes as possible to
avoid unexpected bugs! :-D )
Thanks.

Jehan
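
The upgrade discussed in this message (plain socket on 5222, `<starttls />`, `<proceed />`, then `stream_socket_enable_crypto ()`), as an added example that is not part of the original post or the plugin's code. It assumes PHP 5.6 or later (for `peer_name` and the TLS 1.2 constant); `xmppStartTls()`, `readUntil()` and their parameters are hypothetical names.

```php
<?php
// Added example (not the plugin's code); xmppStartTls() and readUntil() are hypothetical names.
function readUntil($sock, array $needles)
{
    $buf = '';
    while (!feof($sock) && ($chunk = fread($sock, 4096)) !== false) {
        $buf .= $chunk;
        foreach ($needles as $n) {
            if (strpos($buf, $n) !== false) {
                return $buf;
            }
        }
        if (stream_get_meta_data($sock)['timed_out']) {
            break;
        }
    }
    throw new RuntimeException('no expected reply (EOF or timeout)');
}

function xmppStartTls($host, $domain, $port = 5222)
{
    $ctx = stream_context_create(['ssl' => [
        'verify_peer'      => true,
        'verify_peer_name' => true,
        'peer_name'        => $domain, // certificate must match the XMPP domain
    ]]);
    $sock = stream_socket_client("tcp://$host:$port", $errno, $errstr, 10, STREAM_CLIENT_CONNECT, $ctx);
    if ($sock === false) {
        throw new RuntimeException("connect failed: $errstr ($errno)");
    }
    stream_set_timeout($sock, 10);
    $open = "<stream:stream to='$domain' version='1.0' xmlns='jabber:client' "
        . "xmlns:stream='http://etherx.jabber.org/streams'>";
    fwrite($sock, $open);
    $features = readUntil($sock, ['</stream:features>']);
    // Fail closed: no STARTTLS offer or no <proceed/> means no clear-text fallback.
    if (strpos($features, 'urn:ietf:params:xml:ns:xmpp-tls') === false) {
        throw new RuntimeException('server did not offer STARTTLS');
    }
    fwrite($sock, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>");
    if (strpos(readUntil($sock, ['<proceed', '<failure']), '<proceed') === false) {
        throw new RuntimeException('server refused STARTTLS');
    }
    if (stream_socket_enable_crypto($sock, true, STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT) !== true) {
        throw new RuntimeException('TLS handshake or certificate check failed');
    }
    fwrite($sock, $open); // the XML stream restarts inside TLS; SASL follows
    return $sock;
}
```

Because the feature offer and `<proceed />` travel in clear text, a client that silently continues without TLS when they are missing can be downgraded by anyone on the path; throwing before any SASL data is sent is what prevents that.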
