Tuesday, July 08, 2008

Tunneling Eclipse Communication Framework and GTalk with proxytunnel

This article explains how you can use the GTalk connectivity of the Eclipse Communication Framework (ECF) via a HTTP tunnel (e.g. proxytunnel). This might come in handy in case you are behind a proxy that does not allow connections to talk.google.com, port 5222. Furthermore, ECF uses the Smack API, which does not support the use of a network proxy (yet). The article is targeted at a Unix audience.

Let us assume that our remote host to which we will connect using ssh on port 443 in order to setup the tunnel is called tunneltarget (e.g. IP address 1.2.3.4) and that the network proxy is called yourproxy and runs on port 80. Now our ~/.ssh/config would look like this:

host tunneltarget
    ProtocolKeepAlives 30
    ProxyCommand /location/of/proxytunnel -p yourproxy:80 -d 1.2.3.4:443
    LocalForward 5222 talk.google.com:5222

Obviously you will have to replace tunneltarget with whatever alias you would like, /location/of with the true location where you have installed proxytunnel and yourproxy:80 with the true hostname/ IP address and port number of you HTTP proxy. The LocalForward directive opens a socket on localhost that listens on port 5222 and forwards to talk.google.com, port 5222, via the tunneltarget (your ssh server). You can now start the tunnel (where userid is your user on your ssh server):

ssh userid@tunneltarget

Unfortunately this is not enough to be able to sign in to GTalk with ECF. ECF requires you to enter your GMail ID (e.g. youruser@gmail.com) and I think it uses this single string for both authentication and the GTalk server's hostname to connect to. This means that if you enter youruser@gmail.com, you will not be able to connect, and if you use youruser@localhost, you will not be able to sign in to GTalk. I could not get any combination (@localhost, @gmail.com, @talk.google.com) to work.

The only way I got it to work was by pointing talk.google.com to 127.0.0.1 in /etc/hosts. One could setup a "Location" (as it is called in Ubuntu) with specific network settings such as specific hosts file contents for that location. Once talk.google.com is rerouted to localhost, you can use the following connect string to connect ECF with GTalk:

youruser@gmail.com

This is a bit of a kludge, so lets hope the Smack API will have proxy support very soon.


Posted by at
Labels: , , ,

1 comment:

Anonymous said...

Interesting story you got here. It would be great to read more concerning this theme. The only thing that blog misses is a few photos of some gizmos.
Alex Kripke
Phone Blocker

5:35 AM

Post a Comment

Subscribe to: Post Comments (Atom)