incubator-wave-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yuri Z <vega...@gmail.com>
Subject Re: Federation: Failed to verify signer info & Unknown signer for waveinabox.net
Date Sun, 31 Aug 2014 20:35:23 GMT
Yeah, federation is not something we ever worked on, it's more or less as
it was in fedone. Anyway, wave is not ready enterprise use yet for more
reasons.


On Sun, Aug 31, 2014 at 11:31 PM, Yuri Z <vega113@gmail.com> wrote:

> The certificates for waveinabox.net are outdated, so no wonder there's
> problem. Even if you hacked your server, there's still verification on
> waveinabox.net which probably causes problems.
> I'm  in the process of re-structuring the wave server deployment for
> waveinabox.net so don't have the time to fix it right now. Hopefully,
> when I ll get finished I ll have fully automatic script that sets up wave
> with solr/mongodb/gadgets server/prosody/fedearation config and supervisor
> to start all these as daemons. Btw, right now I already have rundeck job
> that sets up wave server with supervisor/solr/mongo from scratch on debian.
> I can share it if anyone interested.
>
>
> On Sun, Aug 31, 2014 at 11:17 PM, Silicon Dragon <sdrinf@gmail.com> wrote:
>
>> Having federation up&running (see previous email), I'm currently running
>> tests federating with the other 2 wave servers.... with varying results.
>> Specifically:
>>
>> * Federating with waveinabox.net: upon first delta, I received a failure
>> to
>> validate cert info; this seems to be either due to lack of SSL, or lack of
>> cert caching. Full stackdump at http://pastebin.com/S71UXg4V .
>> * Hacking WaveSignatureVerifier.java  & removing all signature verifying
>> operation resulted in successful(!) federation IF, and only IF the wave
>> resides on waveinabox.net, but not vica versa. Deltas go both way,
>> though,
>> and I can access waves to which I was added to on WIAB from local server.
>>
>> Relevant questions:
>> * What's the security policy on accessing "public" waves (ie those shared
>> with @waveinabox.net) remotely? Is there a way to query for that?
>>
>> * Federating with wave-dev.alown.co.uk was met with zero success;
>> specifically, it fails to discover the relevant wave service:
>>
>> Aug 31, 2014 8:13:02 PM org.waveprotocol.wave.federation.xmpp.RemoteDisco
>> finish
>> INFO: Could not discover remote JID: error_code: UNDEFINED_CONDITION
>>  for wave-dev.alown.co.uk
>> Aug 31, 2014 8:13:02 PM
>> org.waveprotocol.box.server.waveserver.WaveletNotificationDispatcher$2
>> onFailure
>> WARNING: delta update failure: error_code: RESOURCE_CONSTRAINT
>> error_message: "error_code: UNDEFINED_CONDITION\n"
>>
>> Relevant question: What's the policy on servers federating, in general? To
>> give an analogy, what good is an SMTP service, if you can only send emails
>> to host-local users with it?
>>
>>
>> -SDr
>>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message