I got curious about how the Jabber / XMPP set of open instant-messaging protocols works; it is, for example, the one Google uses for its Gtalk service.
To see how the protocol works, the following material was used:
We start the capture with Wireshark and connect to our Jabber account.
The first step is an SRV query to DNS to locate the services:
No. Time Source Destination Protocol Info
5 12.660878 192.168.1.5 192.168.1.1 DNS Standard query SRV _xmpp-client._tcp.gmail.com
Frame 5 (87 bytes on wire, 87 bytes captured)
Ethernet II, Src: CnetTech_72:eb:78 (00:08:a1:72:eb:78), Dst: Comtrend_53:fe:4d (00:30:da:53:fe:4d)
Internet Protocol, Src: 192.168.1.5 (192.168.1.5), Dst: 192.168.1.1 (192.168.1.1)
User Datagram Protocol, Src Port: 32921 (32921), Dst Port: domain (53)
Domain Name System (query)
Right after that we receive a response listing the servers that host the service:
No. Time Source Destination Protocol Info
6 12.695397 192.168.1.1 192.168.1.5 DNS Standard query response SRV 20 0 5222 talk4.l.google.com SRV 5 0 5222 talk.l.google.com SRV 20 0 5222 talk1.l.google.com SRV 20 0 5222 talk2.l.google.com SRV 20 0 5222 talk3.l.google.com
Frame 6 (292 bytes on wire, 292 bytes captured)
Ethernet II, Src: Comtrend_53:fe:4d (00:30:da:53:fe:4d), Dst: CnetTech_72:eb:78 (00:08:a1:72:eb:78)
Internet Protocol, Src: 192.168.1.1 (192.168.1.1), Dst: 192.168.1.5 (192.168.1.5)
User Datagram Protocol, Src Port: domain (53), Dst Port: 32921 (32921)
Domain Name System (response)
A series of AAAA queries, followed by an A query, is sent to DNS to select a server and obtain its IP address:
No. Time Source Destination Protocol Info
7 12.793957 192.168.1.5 192.168.1.1 DNS Standard query AAAA talk.l.google.com
Frame 7 (77 bytes on wire, 77 bytes captured)
Ethernet II, Src: CnetTech_72:eb:78 (00:08:a1:72:eb:78), Dst: Comtrend_53:fe:4d (00:30:da:53:fe:4d)
Internet Protocol, Src: 192.168.1.5 (192.168.1.5), Dst: 192.168.1.1 (192.168.1.1)
User Datagram Protocol, Src Port: 32921 (32921), Dst Port: domain (53)
Domain Name System (query)
No. Time Source Destination Protocol Info
8 12.880628 192.168.1.1 192.168.1.5 DNS Standard query response
Frame 8 (125 bytes on wire, 125 bytes captured)
Ethernet II, Src: Comtrend_53:fe:4d (00:30:da:53:fe:4d), Dst: CnetTech_72:eb:78 (00:08:a1:72:eb:78)
Internet Protocol, Src: 192.168.1.1 (192.168.1.1), Dst: 192.168.1.5 (192.168.1.5)
User Datagram Protocol, Src Port: domain (53), Dst Port: 32921 (32921)
Domain Name System (response)
No. Time Source Destination Protocol Info
9 12.880840 192.168.1.5 192.168.1.1 DNS Standard query AAAA talk.l.google.com
Frame 9 (77 bytes on wire, 77 bytes captured)
Ethernet II, Src: CnetTech_72:eb:78 (00:08:a1:72:eb:78), Dst: Comtrend_53:fe:4d (00:30:da:53:fe:4d)
Internet Protocol, Src: 192.168.1.5 (192.168.1.5), Dst: 192.168.1.1 (192.168.1.1)
User Datagram Protocol, Src Port: 32921 (32921), Dst Port: domain (53)
Domain Name System (query)
No. Time Source Destination Protocol Info
10 12.914805 192.168.1.1 192.168.1.5 DNS Standard query response
Frame 10 (125 bytes on wire, 125 bytes captured)
Ethernet II, Src: Comtrend_53:fe:4d (00:30:da:53:fe:4d), Dst: CnetTech_72:eb:78 (00:08:a1:72:eb:78)
Internet Protocol, Src: 192.168.1.1 (192.168.1.1), Dst: 192.168.1.5 (192.168.1.5)
User Datagram Protocol, Src Port: domain (53), Dst Port: 32921 (32921)
Domain Name System (response)
No. Time Source Destination Protocol Info
11 12.914877 192.168.1.5 192.168.1.1 DNS Standard query A talk.l.google.com
Frame 11 (77 bytes on wire, 77 bytes captured)
Ethernet II, Src: CnetTech_72:eb:78 (00:08:a1:72:eb:78), Dst: Comtrend_53:fe:4d (00:30:da:53:fe:4d)
Internet Protocol, Src: 192.168.1.5 (192.168.1.5), Dst: 192.168.1.1 (192.168.1.1)
User Datagram Protocol, Src Port: 32921 (32921), Dst Port: domain (53)
Domain Name System (query)
No. Time Source Destination Protocol Info
12 12.947622 192.168.1.1 192.168.1.5 DNS Standard query response A 216.239.51.125
Frame 12 (93 bytes on wire, 93 bytes captured)
Ethernet II, Src: Comtrend_53:fe:4d (00:30:da:53:fe:4d), Dst: CnetTech_72:eb:78 (00:08:a1:72:eb:78)
Internet Protocol, Src: 192.168.1.1 (192.168.1.1), Dst: 192.168.1.5 (192.168.1.5)
User Datagram Protocol, Src Port: domain (53), Dst Port: 32921 (32921)
Domain Name System (response)
We now have the server's IP address, so let's connect. The connection is set up with the three-way handshake, so logically the first step is for our client to send a segment with the SYN control bit set, to synchronize the initial sequence numbers (ISN):
No. Time Source Destination Protocol Info
13 12.947931 192.168.1.5 216.239.51.125 TCP 39712 > xmpp-client [SYN] Seq=0 Len=0 MSS=1460 TSV=1009531 TSER=0 WS=5
Frame 13 (74 bytes on wire, 74 bytes captured)
Ethernet II, Src: CnetTech_72:eb:78 (00:08:a1:72:eb:78), Dst: Comtrend_53:fe:4d (00:30:da:53:fe:4d)
Internet Protocol, Src: 192.168.1.5 (192.168.1.5), Dst: 216.239.51.125 (216.239.51.125)
Transmission Control Protocol, Src Port: 39712 (39712), Dst Port: xmpp-client (5222), Seq: 0, Len: 0
If nothing goes wrong, the server answers our SYN with the corresponding ACK (a SYN, ACK segment):
No. Time Source Destination Protocol Info
14 13.101193 216.239.51.125 192.168.1.5 TCP xmpp-client > 39712 [SYN, ACK] Seq=0 Ack=1 Win=8190 Len=0 MSS=1452
Frame 14 (58 bytes on wire, 58 bytes captured)
Ethernet II, Src: Comtrend_53:fe:4d (00:30:da:53:fe:4d), Dst: CnetTech_72:eb:78 (00:08:a1:72:eb:78)
Internet Protocol, Src: 216.239.51.125 (216.239.51.125), Dst: 192.168.1.5 (192.168.1.5)
Transmission Control Protocol, Src Port: xmpp-client (5222), Dst Port: 39712 (39712), Seq: 0, Ack: 1, Len: 0
Our client replies to the server with another ACK, which completes the three-way handshake and establishes the connection:
No. Time Source Destination Protocol Info
15 13.101254 192.168.1.5 216.239.51.125 TCP 39712 > xmpp-client [ACK] Seq=1 Ack=1 Win=5840 Len=0
Frame 15 (54 bytes on wire, 54 bytes captured)
Ethernet II, Src: CnetTech_72:eb:78 (00:08:a1:72:eb:78), Dst: Comtrend_53:fe:4d (00:30:da:53:fe:4d)
Internet Protocol, Src: 192.168.1.5 (192.168.1.5), Dst: 216.239.51.125 (216.239.51.125)
Transmission Control Protocol, Src Port: 39712 (39712), Dst Port: xmpp-client (5222), Seq: 1, Ack: 1, Len: 0
Once the connection is established, the Jabber/XML exchange begins; the two sides agree on things such as the XML version, the stream version and whether or not TLS encryption will be used:
No. Time Source Destination Protocol Info
16 13.101477 192.168.1.5 216.239.51.125 Jabber/XML Request: <?xml version='1.0' ?>
Frame 16 (76 bytes on wire, 76 bytes captured)
Ethernet II, Src: CnetTech_72:eb:78 (00:08:a1:72:eb:78), Dst: Comtrend_53:fe:4d (00:30:da:53:fe:4d)
Internet Protocol, Src: 192.168.1.5 (192.168.1.5), Dst: 216.239.51.125 (216.239.51.125)
Transmission Control Protocol, Src Port: 39712 (39712), Dst Port: xmpp-client (5222), Seq: 1, Ack: 1, Len: 22
Jabber XML Messaging
No. Time Source Destination Protocol Info
17 13.254867 216.239.51.125 192.168.1.5 TCP xmpp-client > 39712 [ACK] Seq=1 Ack=23 Win=5720 Len=0
Frame 17 (54 bytes on wire, 54 bytes captured)
Ethernet II, Src: Comtrend_53:fe:4d (00:30:da:53:fe:4d), Dst: CnetTech_72:eb:78 (00:08:a1:72:eb:78)
Internet Protocol, Src: 216.239.51.125 (216.239.51.125), Dst: 192.168.1.5 (192.168.1.5)
Transmission Control Protocol, Src Port: xmpp-client (5222), Dst Port: 39712 (39712), Seq: 1, Ack: 23, Len: 0
No. Time Source Destination Protocol Info
18 13.254911 192.168.1.5 216.239.51.125 Jabber/XML Request: <stream:stream to='gmail.com' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>
Frame 18 (168 bytes on wire, 168 bytes captured)
Ethernet II, Src: CnetTech_72:eb:78 (00:08:a1:72:eb:78), Dst: Comtrend_53:fe:4d (00:30:da:53:fe:4d)
Internet Protocol, Src: 192.168.1.5 (192.168.1.5), Dst: 216.239.51.125 (216.239.51.125)
Transmission Control Protocol, Src Port: 39712 (39712), Dst Port: xmpp-client (5222), Seq: 23, Ack: 1, Len: 114
Jabber XML Messaging
No. Time Source Destination Protocol Info
19 13.409056 216.239.51.125 192.168.1.5 TCP xmpp-client > 39712 [ACK] Seq=1 Ack=137 Win=5720 Len=0
Frame 19 (54 bytes on wire, 54 bytes captured)
Ethernet II, Src: Comtrend_53:fe:4d (00:30:da:53:fe:4d), Dst: CnetTech_72:eb:78 (00:08:a1:72:eb:78)
Internet Protocol, Src: 216.239.51.125 (216.239.51.125), Dst: 192.168.1.5 (192.168.1.5)
Transmission Control Protocol, Src Port: xmpp-client (5222), Dst Port: 39712 (39712), Seq: 1, Ack: 137, Len: 0
No. Time Source Destination Protocol Info
20 13.410343 216.239.51.125 192.168.1.5 Jabber/XML Response: <?xml version="1.0" encoding="UTF-8"?><stream:stream from="gmail.com" id="D8FAEF2C941E0139" version="1.0" xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client">
Frame 20 (230 bytes on wire, 230 bytes captured)
Ethernet II, Src: Comtrend_53:fe:4d (00:30:da:53:fe:4d), Dst: CnetTech_72:eb:78 (00:08:a1:72:eb:78)
Internet Protocol, Src: 216.239.51.125 (216.239.51.125), Dst: 192.168.1.5 (192.168.1.5)
Transmission Control Protocol, Src Port: xmpp-client (5222), Dst Port: 39712 (39712), Seq: 1, Ack: 137, Len: 176
Jabber XML Messaging
No. Time Source Destination Protocol Info
21 13.410358 192.168.1.5 216.239.51.125 TCP 39712 > xmpp-client [ACK] Seq=137 Ack=177 Win=6432 Len=0
Frame 21 (54 bytes on wire, 54 bytes captured)
Ethernet II, Src: CnetTech_72:eb:78 (00:08:a1:72:eb:78), Dst: Comtrend_53:fe:4d (00:30:da:53:fe:4d)
Internet Protocol, Src: 192.168.1.5 (192.168.1.5), Dst: 216.239.51.125 (216.239.51.125)
Transmission Control Protocol, Src Port: 39712 (39712), Dst Port: xmpp-client (5222), Seq: 137, Ack: 177, Len: 0
The server responds with the features it offers: it tells us that TLS is required on this server and lists the mechanisms in use:
No. Time Source Destination Protocol Info
22 13.411482 216.239.51.125 192.168.1.5 Jabber/XML Response: <stream:features><starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"><required/></starttls><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>X-GOOGLE-TOKEN</mechanism></mechanisms></stream:features>
Frame 22 (264 bytes on wire, 264 bytes captured)
Ethernet II, Src: Comtrend_53:fe:4d (00:30:da:53:fe:4d), Dst: CnetTech_72:eb:78 (00:08:a1:72:eb:78)
Internet Protocol, Src: 216.239.51.125 (216.239.51.125), Dst: 192.168.1.5 (192.168.1.5)
Transmission Control Protocol, Src Port: xmpp-client (5222), Dst Port: 39712 (39712), Seq: 177, Ack: 137, Len: 210
Jabber XML Messaging
Our client replies with an ACK and sends the request to start TLS with all the parameters available on the client:
No. Time Source Destination Protocol Info
23 13.411525 192.168.1.5 216.239.51.125 TCP 39712 > xmpp-client [ACK] Seq=137 Ack=387 Win=7504 Len=0
Frame 23 (54 bytes on wire, 54 bytes captured)
Ethernet II, Src: CnetTech_72:eb:78 (00:08:a1:72:eb:78), Dst: Comtrend_53:fe:4d (00:30:da:53:fe:4d)
Internet Protocol, Src: 192.168.1.5 (192.168.1.5), Dst: 216.239.51.125 (216.239.51.125)
Transmission Control Protocol, Src Port: 39712 (39712), Dst Port: xmpp-client (5222), Seq: 137, Ack: 387, Len: 0
No. Time Source Destination Protocol Info
24 13.413895 192.168.1.5 216.239.51.125 Jabber/XML Request: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
Frame 24 (105 bytes on wire, 105 bytes captured)
Ethernet II, Src: CnetTech_72:eb:78 (00:08:a1:72:eb:78), Dst: Comtrend_53:fe:4d (00:30:da:53:fe:4d)
Internet Protocol, Src: 192.168.1.5 (192.168.1.5), Dst: 216.239.51.125 (216.239.51.125)
Transmission Control Protocol, Src Port: 39712 (39712), Dst Port: xmpp-client (5222), Seq: 137, Ack: 387, Len: 51
Jabber XML Messaging
The server replies and tells us that we may proceed with the TLS connection:
No. Time Source Destination Protocol Info
25 13.570752 216.239.51.125 192.168.1.5 Jabber/XML Response: <proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
Frame 25 (104 bytes on wire, 104 bytes captured)
Ethernet II, Src: Comtrend_53:fe:4d (00:30:da:53:fe:4d), Dst: CnetTech_72:eb:78 (00:08:a1:72:eb:78)
Internet Protocol, Src: 216.239.51.125 (216.239.51.125), Dst: 192.168.1.5 (192.168.1.5)
Transmission Control Protocol, Src Port: xmpp-client (5222), Dst Port: 39712 (39712), Seq: 387, Ack: 188, Len: 50
Jabber XML Messaging
From here on come authentication, finding out which of our contacts are online, and so on. But as you will have guessed, the secure TLS connection prevents us from seeing what our client and the Jabber server are saying to each other:
No. Time Source Destination Protocol Info
26 13.571256 192.168.1.5 216.239.51.125 Jabber/XML Request: \200F\001\003\001\000-\000\000\000\020\001\000\200\003\000\200\a\000\300\006\000@\002\000\200\004\000\200\000\000\004\000\376\377\000\000
Frame 26 (126 bytes on wire, 126 bytes captured)
Ethernet II, Src: CnetTech_72:eb:78 (00:08:a1:72:eb:78), Dst: Comtrend_53:fe:4d (00:30:da:53:fe:4d)
Internet Protocol, Src: 192.168.1.5 (192.168.1.5), Dst: 216.239.51.125 (216.239.51.125)
Transmission Control Protocol, Src Port: 39712 (39712), Dst Port: xmpp-client (5222), Seq: 188, Ack: 437, Len: 72
Jabber XML Messaging
So next time we will pick up at this point without the TLS connection, to see what Jabber/XMPP has in store for us.
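Added example, not part of the original post: the server-selection step behind frames 6 and 7, ordering the SRV records from frame 6 the way RFC 2782 prescribes (lowest priority value first, weighted choice within a priority). The `Srv` type and the `order_srv` function are names made up for this illustration.

```python
import random
from typing import NamedTuple


class Srv(NamedTuple):
    priority: int
    weight: int
    port: int
    target: str


# SRV answer for _xmpp-client._tcp.gmail.com, copied from frame 6 of the capture.
FRAME6 = [
    Srv(20, 0, 5222, "talk4.l.google.com"),
    Srv(5, 0, 5222, "talk.l.google.com"),
    Srv(20, 0, 5222, "talk1.l.google.com"),
    Srv(20, 0, 5222, "talk2.l.google.com"),
    Srv(20, 0, 5222, "talk3.l.google.com"),
]


def order_srv(records, rng=random):
    """Return the records in the order a client should try them (RFC 2782)."""
    ordered = []
    for prio in sorted({r.priority for r in records}):
        # Within one priority, weight-0 records go first, then a weighted draw.
        group = sorted((r for r in records if r.priority == prio),
                       key=lambda r: r.weight != 0)
        while group:
            pick = rng.randint(0, sum(r.weight for r in group))
            running = 0
            for i, rec in enumerate(group):
                running += rec.weight
                if running >= pick:  # first record whose running sum reaches pick
                    ordered.append(group.pop(i))
                    break
    return ordered


if __name__ == "__main__":
    for rec in order_srv(FRAME6):
        print(rec.priority, rec.weight, rec.port, rec.target)
```

Plain DNS answers like frame 6 are unauthenticated, so a client has to validate the TLS certificate against the domain it asked for (gmail.com), not against the SRV target it was handed.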
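Added example, not part of the original post: it parses the `<stream:features>` payload of frame 22 and applies a client-side rule that no SASL step happens before TLS is active, which also covers a cleartext stream where `<starttls/>` is missing. `parse_features`, `next_step` and the abort policy are assumptions of this illustration.

```python
import xml.etree.ElementTree as ET

NS_STREAM = "http://etherx.jabber.org/streams"
NS_TLS = "urn:ietf:params:xml:ns:xmpp-tls"
NS_SASL = "urn:ietf:params:xml:ns:xmpp-sasl"

# <stream:features> payload copied from frame 22 of the capture.
FRAME22 = ('<stream:features><starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls">'
           '<required/></starttls><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl">'
           '<mechanism>X-GOOGLE-TOKEN</mechanism></mechanisms></stream:features>')


def parse_features(fragment):
    """Parse a <stream:features/> fragment taken out of an open XMPP stream."""
    # XMPP forbids DTDs and custom entities; reject them before parsing.
    if "<!DOCTYPE" in fragment or "<!ENTITY" in fragment:
        raise ValueError("DTD/entity declarations are not allowed in XMPP")
    # The stream: prefix is declared on the <stream:stream> root (frame 20),
    # so the fragment is wrapped in an element that declares it again.
    root = ET.fromstring(f'<w xmlns:stream="{NS_STREAM}">{fragment}</w>')
    feats = root.find(f"{{{NS_STREAM}}}features")
    if feats is None:
        raise ValueError("no <stream:features/> element")
    tls = feats.find(f"{{{NS_TLS}}}starttls")
    return {
        "starttls": tls is not None,
        "tls_required": tls is not None
                        and tls.find(f"{{{NS_TLS}}}required") is not None,
        "mechanisms": [m.text for m in feats.iter(f"{{{NS_SASL}}}mechanism")],
    }


def next_step(features, tls_active):
    """Policy assumed by this example: never authenticate over cleartext."""
    if tls_active:
        return "sasl" if features["mechanisms"] else "abort: no SASL mechanism"
    if features["starttls"]:
        return "starttls"
    # Cleartext stream without <starttls/>: the server is legacy or the feature
    # was removed in transit; going on would expose the credentials.
    return "abort: STARTTLS not offered on cleartext stream"


if __name__ == "__main__":
    feats = parse_features(FRAME22)
    print(feats, "->", next_step(feats, tls_active=False))
```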