Quick summary of last week

Last week I was refactoring TLS code in gajim to fit the new architecture. Debugging of XMPP over TLS on 5223 and 5222 (with negotiation) wasn't difficult because wrappers for python stdlib ssl and pyopenssl are well designed (by dkirov I think). Now I'm on securing the HTTP connections which can be non-persistent and thus more prone to error occurrence. Good handling of various TCP and SSL errors is needed.

As for the persistent connections, it's hard to categorize Connection Manager implementations because there can be different types of HTTP server on the other end - Connection Manager, proxy or port forwarding HTTP server. This calls for robust implementation of HTTP connections and for separating the HTTP from XMPP stream.

Also, I have fixing a bug Asterix discovered - authentication to ejabberd hangs when it doesn't follow immediately after init response. More info here. I believe it's an ejabberd issue because the traffic scenario is consistent with the XEP and it works with Openfire. For now I supressed sending empty bodies until some authentication module is plugged, which will result in inactivity timeout when the delay is too long. I will check with Tigase and Punjab as soon as I manage to install them.