git-annex/doc/design/assistant/blog/day_123__xmpp_insanity.mdwn

Spent about 5 hours the other night in XMPP hell. At every turn Google Talk
exhibited behavior that may meet the letter of the XMPP spec (or not), but
varies between highly annoying and insane.

By "insane", I mean this: If a presence message is directed from one client
to another client belonging to that same user, randomly leaking that message
out to other users who are subscribed is just a security hole waiting to
happen. 

Anyway, I came out of that with a collection of hacks that worked, but I
didn't like. I was using directed presence for buddy-to-buddy pairing, and
an IQ message hack for client-to-client pairing. 

Today I got chat messages working instead, for both sorts of pairing. These
chat messages have an empty body, which *should* prevent clients from
displaying them, but they're sent directed to only git-annex clients
anyway.

----

And XMPP pairing 100% works now! Of course, it doesn't know how to git pull
over XMPP yet, but everything else works.

Here's a real `.git/config` generated by the assistant after XMPP pairing.

	[remote "joey"]
	        url = 
	        fetch = +refs/heads/*:refs/remotes/joey/*
	        annex-uuid = 14f5e93e-1ed0-11e2-aa1c-f7a45e662d39
	        annex-xmppaddress = joey@kitenet.net 

----

Fixed a typo that led to an infinite loop when adding a ssh git repo with the
assistant. Only occurred when an absolute directory was specified, which 
is why I didn't notice it before.

----

Security fix: Added a `GIT_ANNEX_SHELL_DIRECTORY` environment variable that
locks down git-annex-shell to operating in only a single directory. The
assistant sets that in ssh `authorized_keys` lines it creates. This
prevents someone you pair with from being able to access any other git or
git-annex repositories you may have.

----

Next up, more craziness. But tomorrow is Nov 6th, so you in the US already
knew that..
blog for the day 2012-11-05 21:47:25 +00:00			`Spent about 5 hours the other night in XMPP hell. At every turn Google Talk`
			`exhibited behavior that may meet the letter of the XMPP spec (or not), but`
			`varies between highly annoying and insane.`

			`By "insane", I mean this: If a presence message is directed from one client`
			`to another client belonging to that same user, randomly leaking that message`
			`out to other users who are subscribed is just a security hole waiting to`
			`happen.`

			`Anyway, I came out of that with a collection of hacks that worked, but I`
			`didn't like. I was using directed presence for buddy-to-buddy pairing, and`
			`an IQ message hack for client-to-client pairing.`

			`Today I got chat messages working instead, for both sorts of pairing. These`
			`chat messages have an empty body, which should prevent clients from`
			`displaying them, but they're sent directed to only git-annex clients`
			`anyway.`

			`----`

			`And XMPP pairing 100% works now! Of course, it doesn't know how to git pull`
			`over XMPP yet, but everything else works.`

			Here's a real `.git/config` generated by the assistant after XMPP pairing.

			`[remote "joey"]`
			`url =`
			`fetch = +refs/heads/:refs/remotes/joey/`
			`annex-uuid = 14f5e93e-1ed0-11e2-aa1c-f7a45e662d39`
			`annex-xmppaddress = joey@kitenet.net`

			`----`

			`Fixed a typo that led to an infinite loop when adding a ssh git repo with the`
			`assistant. Only occurred when an absolute directory was specified, which`
			`is why I didn't notice it before.`

			`----`

			Security fix: Added a `GIT_ANNEX_SHELL_DIRECTORY` environment variable that
			`locks down git-annex-shell to operating in only a single directory. The`
			assistant sets that in ssh `authorized_keys` lines it creates. This
			`prevents someone you pair with from being able to access any other git or`
			`git-annex repositories you may have.`

			`----`

			`Next up, more craziness. But tomorrow is Nov 6th, so you in the US already`
			`knew that..`