[gnutls-devel] gnutls-cli vs service name

James Cloos cloos at jhcloos.com
Sun May 7 17:05:38 CEST 2017

>>>>> "NM" == Nikos Mavrogiannopoulos <nmav at gnutls.org> writes:

JC>> I tried to use gnutls-cli to test out my xmpp server, but was unable to
JC>> do so because the --starttls-proto=xmpp support uses the server name in
JC>> the jabber:client bit of xml rather than a service name.

JC>> And the server vs service issue is more generic.  All of the SRV protos
JC>> of course require supplying both service and server, but even https can
JC>> need both, such as when testing a new server before switching the A RRs.

JC>> How do you feel about a --service-name option?  Or maybe just --service?

NM> Would that be useful on any other option than xmpp? If it is only
NM> related with xmpp, would the option of using
NM> --starttls-proto=xmpp:service work?

I see startls support for sip is missing (as are postgres and rfc2817),
so for now xmpp is the only SRV protocol.  But as I (and a followup)
mentioned, there are times when one needs to pass a different name for
tls than one needs for dns.

For xmpp, --starttls-proto=xmpp:service is enough.

But a more general option remains welcome.

James Cloos <cloos at jhcloos.com>         OpenPGP: 0x997A9F17ED7DAEA6

More information about the Gnutls-devel mailing list