No longer possible to use a non-TLS connection with Twisted 19.7.0+

ralphm / wokkel

Wokkel is collection of enhancements on top of the Twisted networking framework, written in Python. It mostly provides a testing ground for enhancements to the Jabber/XMPP protocol implementation as found in Twisted Words, that are meant to eventually move there.

http://wokkel.ik.nu/

MIT License

136 stars 37 forks source link

No longer possible to use a non-TLS connection with Twisted 19.7.0+ #28

Open Juhaz opened 5 years ago

Juhaz commented 5 years ago

As of Twisted 19.7.0, xmlstream.TLSInitiatingInitializer is required by default (as I'm sure you know since you pushed the changes yourself)

Unfortunately Wokkel doesn't expose the functionality in XMPPClient so it's no longer possible to make non-TLS connections at all.

ralphm commented 3 years ago

@juhaz: looking into this, I seem to remember that was more or less intentional. In what circumstances would it be reasonable to have XMPPClient not use TLS?

Juhaz commented 3 years ago

@ralphm we are running a bunch of microservices that are perhaps semantically more like components than "normal" clients but for one reason or another didn't quite fit that mold either. They're running in same internal network as the XMPP server itself so TLS is necessary or helpful.

I understand that this is probably not a very common use-case.

ralphm commented 3 years ago

I guess the use-case itself is not that uncommon. However, for a while now, best practice is to have interconnecting (micro)services use transport encryption. Usually for regulatory compliance and privacy reasons. So I assumed nobody really did that anymore.