Name: Neha Langhe

Roll No:4238
ELECTIVE III:IOT LAB

ASSIGNMENT NO. 7

Problem Statement:
Install, configure XMPP server and deployed an application on Raspberry Pi/Beagle
board/Arduino. Write client applications to get services from the server application.

Hardware Requirements:
Raspberry-pi

Software Requirements:

Rasbian operating system

Objectives:

To learn how to configure XMPP server on Raspberry Pi.

Theory:

WHAT IS XMPP?

XMPP is an open protocol that chat clients and servers use to communicate to each other, the
equivalent of SMTP (the open protocol for email) but for instant messaging.

Ports and communication model

Like SMTP, it is based on a federated client-server model: anyone can run their own server,
clients communicate with the server and the servers pass messages to each other.

JSPM’s BSIOTR,Wagholi IT DEPARTMENT 1

 ELECTIVE III:IOT LAB

Client to server communication uses port 5222.

Server to server communication uses port 5269.

The actual data transfer for XMPP messages is achieved using XML (that's the plain text format
where everything is nested in loads of < and >).

A typical message sent in XML looks something like this:

2 <messagefrom='juliet@example.com' to='romeo@example.net' xml:lang='en'>

3 <body>Art thou not Romeo, and a Montague?</body>

4 </message>

Pros and Cons

XMPP has some strengths, but it also has weaknesses:

Pros

 Many free providers: you can choose to run your own XMPP server, which gives you total
control.
 XMPP is Decentralised: unlike proprietary services like WhatsApp and Blackberry Messenger,
there isn't one single provider in control of the whole network. This ensures that XMPP
continues to serve the needs of its users, since providers cannot introduce anti-features without
users switching to another service.
 Large selection Client and Server software: every platform I can think of has at least one
XMPP and there is a healthy selection of server software to choose from too. You really can

JSPM’s BSIOTR,Wagholi IT DEPARTMENT 2

 ELECTIVE III:IOT LAB

send messages from every device, without arbitrary restrictions imposed for non-technical
reasons (e.g. WhatsApp's decision not to allow installation on tablets).
 Stability of service: XMPP has endured the boom and bust of many proprietary services, and is
likely to endure whatever the next decade throws at it. No company can decide to end XMPP, or
make it paid, or start including adverts in it. When Blackberries were popular, it seemed like
"everyone" used Blackberry Messenger, but then they went out of fashion and everyone switched
to a different platform, with new accounts etc... why bother with all this when you can use one
account that isn't tied to a particular platform or service?
 Flexibility: due to its extensible nature, you can use the XEPs you want to add the features you
want.

Cons

 Not all features are supported everywhere: this is the downside of having an extensible
protocol - for some features to work, your contact has to have a client/server that supports the
XEPs you are trying to use. This is most noticeable in photo sharing; there are many different
ways of sending images, as we will discuss later. However, the XMPP standards foundation does
publish some minimum requirements for compliance in an effort to ensure the most widely used
features are supported by most clients.
 Ensuring message delivery is problematic: there is no mechanism for ensuring messages have
been delivered built in to XMPP. This is probably due in part to the fact that when it was
devised, people using it were on desktop computers with reasonably steady internet connections.
Either the person was online and you talked to them, or they were offline and you didn't. Now
that more and more clients are on smartphones, internet connectivity is less steady and it is easy
to miss messages if your signal comes and goes. Some proprietary IM services like Facebook
chat apparently echo every message back to the server to prove delivery (how wasteful!); XMPP
has solved the problem with various XEPs, but they are not part of the basic standard. The good
news here is that message delivery is mostly a client-server problem, so it can be dealt with in
your prosody configuration.

JSPM’s BSIOTR,Wagholi IT DEPARTMENT 3

 ELECTIVE III:IOT LAB

 Not popular: it's unlikely that your friends already use XMPP or even know what it is. A good
rule of thumb is that the more someone knows about Free Software, the more likely they are to
use it. Whether you can persuade them to use it or not is down to you.
 Volatile relationship with for-profit organisations: Google and Facebook both supported
XMPP, once upon a time, but they have since dropped (or are dropping) that support. In fact,
Google Hangouts and Facebook Messenger are both based on XMPP. Recommending XMPP
because "company X provides an XMPP gateway to their proprietary service" is a dangerous
game - it seems like this is only something that companies do when they are trying to attract
users. Once they have enough users, the financial incentive always favours the vendor-lockin
approach, and XMPP support is dumped or not updated.
 Development can be slow: while proprietary messaging services have a strong incentive to
innovate and add new features to attract users, the inter-operability problem with XMPP clients
and servers means new features are added slowly, often only when a few popular projects get
organised and decide to support it together. The Android client Conversations is an exception
here, continually pushing the boundaries by supporting new XEPs that benefit mobile users -
more on that later.

Installing Prosody:

There are a few different branches of prosody. The current stable branch is 0.9 and the
development branch is 0.10. If you install straight from the repository in Raspbian or Ubuntu
you'll get 0.9, but some of the modules required to support newer XEPs that are important for
mobile require version 0.10.

So, the first thing we need to do is add the Prosody repository to get v0.10. The repository
contains packages for many different release codenames of Debian and Ubuntu. You can find out
which one you need by running:

Now update the packages list:

$sudo apt-get update

JSPM’s BSIOTR,Wagholi IT DEPARTMENT 4

 ELECTIVE III:IOT LAB

$sudo apt-get install prosody-0.10

Initial Testing

Verify that Prosody is running

The default prosody configuration should "just work" - the server should be running, but we
haven't added any users yet. Verify it's running using systemctl:

$sudo systemctl status prosody

Prosody also comes with its own utility for controlling the XMPP server,
called prosodyctl (similar to Apache's apachectl). You can also check the status of prosody
using this tool like so:

$sudo prosody ctl status

Prosody is running with PID 30482

When I wrote this tutorial originally, I used prosodyctl to start, stop and restart prosody
throughout the tutorial. Thanks to some feedback and advice from Prosody developer Zash, I
have changed the tutorial to use the command service, which abstracts the relevant command for
whichever init system you are using (e.g. systemctl for systems running systemd). Apparently
mixing the two is a bad idea, because they control the service in different (and somewhat
incompatible) ways.

Make a simple client to server connection

As mentioned previously, XMPP servers listen for client to server connections on port 5222 and
server to server connections on port 5269. If you used the mail server tutorial I wrote, you'll
remember we tested the server by sending commands using telnet. I found some useful XMPP
tests here.

JSPM’s BSIOTR,Wagholi IT DEPARTMENT 5

 ELECTIVE III:IOT LAB

Here's a simple connection request using XML, which requests a client-to-server (C2S)
connection for the hostname 'localhost':

<?xmlversion="1.0"?>
1
<stream:streamxmlns:stream="http://etherx.jabber.org/streams"version="1.0"xmlns="jabber:client"to="localhost"xml:lang="en"
2
xmlns:xml="http://www.w3.org/XML/1998/namespace">

Open a C2S connection to prosody using telnet:

$telnet localhost 5222

<?xmlversion='1.0'?>
1
<stream:streamxmlns:stream='http://etherx.jabber.org/streams'xml:lang='en'from='localhost'id='9ea2578f-
2
c696-49fd-bc70-f51d05a2e444'version='1.0'xmlns='jabber:client'>
3
<stream:features>
4
<starttlsxmlns='urn:ietf:params:xml:ns:xmpp-tls'>
5
<required/>
6
</starttls>
7
</stream:features>

Here the server is declaring that all connections must use STARTTLS, a method of upgrading
plaintext connections to encrypted connections using SSL/TLS - more on that later!

The default prosody config file is set up to serve requests on the local server (localhost) only. If
you change the to="localhost" part of the data you send to something like to="foo.com", you will
get a different response from the server similar to this:

JSPM’s BSIOTR,Wagholi IT DEPARTMENT 6

 ELECTIVE III:IOT LAB
<?xmlversion='1.0'?>
1
<stream:streamxmlns:stream='http://etherx.jabber.org/streams'xml:lang='en'from='ya.ru'id='2f42fd30-
2
034e-4c1e-9d0e-c2bef7da0e27'version='1.0'xmlns='jabber:client'>
3
<stream:error>
4
<host-unknownxmlns='urn:ietf:params:xml:ns:xmpp-streams'/>
5
<textxmlns='urn:ietf:params:xml:ns:xmpp-streams'>This server does not serve foo.com</text>
6
</stream:error>
7
</stream:stream>

One of the things we will do in the course of this tutorial is to add a virtualhost (again,
terminology that will be familiar to apache users) to the prosody configuration, allowing it to
have multiple configurations for different domains.

VirtualHost "yourdomain.com"

enabled = true

Connecting with XMPP clients

There are a number of things we need to do before we can connect with a proper XMPP client.

Create some real users and add yourself as an admin

Create a username for yourself, and possibly another username if you want to test sending
messages to yourself using two different clients:

$sudoprosodyctladduser you@yourdomain.com

JSPM’s BSIOTR,Wagholi IT DEPARTMENT 7

 ELECTIVE III:IOT LAB

In the prosody config file, find the admins block and change it so that your username is added as
an admin for the server e.g.:

admins = { "you@yourdomain.com" }

Being an administrator allows you to do certain things from a XMPP client like create new chat
rooms, set a message of the day etc, if your XMPP client supports this.

DNS records

The only record you really need for DNS to work is a DNS A record for whichever hostname
your Jabber ID is using (i.e. example.com for foo@example.com), which maps that domain
name to the WAN IP address of your server.

If you already have a DNS A record for example.com pointing to a server at a different IP
address, you can use SRV records (XMPP's equivalent of MX records for SMTP) to tell clients
and servers to use a subdomain for XMPP. SRV records can be created with your DNS provider.
You may want to create SRV records even if you have a very simple setup, because it's good
practice.

Here are some example SRV records that tell clients and servers wanting to connect to the
XMPP server responsible for @yourdomain.comaddresses to the
subdomain xmpp.yourdomain.com. In this case, the subdomain xmpp.yourdomain.com would
need its own DNS A record.

_xmpp-client._tcp.example.com. 18000 IN SRV 0 5 5222 xmpp.yourdomain.com.

_xmpp-server._tcp.example.com. 18000 IN SRV 0 5 5269 xmpp.yourdomain.com.

To test retrieving these records, we can use a commandline tool called dig, which is in
the dnsutils package. First, install dig:

sudo apt-get update

JSPM’s BSIOTR,Wagholi IT DEPARTMENT 8

 ELECTIVE III:IOT LAB

sudo apt-get install dnsutils

To retrieve a DNS A record, use:

dig yourdomain.com

If you want a more compact answer from dig that removes all of the extra information returned
in a query, then use:

dig +noall +answer yourdomain.com

The +noall option turns off all of the sections in the query result, and the +answer option turns
the answer back on.

You should see something like this:

$ dig +noall +answer samhobbs.co.uk

samhobbs.co.uk. 32195 IN A 195.166.151.235

To retrieve a SRV record, use:

dig +noall +answer srv _xmpp-client._tcp.yourdomain.com

You should see something like this:

$ dig +noall +answer srv _xmpp-client._tcp.samhobbs.co.uk

_xmpp-client._tcp.samhobbs.co.uk. 1369 IN SRV 10 5 5222 samhobbs.co.uk.

Enabling WAN access

JSPM’s BSIOTR,Wagholi IT DEPARTMENT 9

 ELECTIVE III:IOT LAB

So far, we have been connecting locally to test the server. Before youcan start connecting some
real client applications, you need to forward some ports on your router to make the server
accessible from the internet.

Navigate to your router's control panel (usually at 192.168.1.1 or 192.168.0.1). If you don't know
your router's IP address, use the route command:

$ route -n

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eno1

192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eno1

The G in flags tells us that the first line is the gateway. Add the following port forwards to your
server:

 Port 5222 for client to server connections

 Port 5269 for server to server connections (you can skip this if you don't want to be able to send
messages to users on different servers).

JSPM’s BSIOTR,Wagholi IT DEPARTMENT 10

 ELECTIVE III:IOT LAB

Install an XMPP client

Jabber Client

On other device install some Jabber client and try to connect to this account. Everything should
work. It is not common to use admin account for messaging, create another account, for example
via Pidgin.

Creating new Jabber account

If you choose to not allow registration of new acconts, you will have to create all accounts in
command line. use this commands, they are quite self-explanationary.
prosodyctladduser user@domain.com # adds a new user
prosodyctldeluser user@domain.com # deletes an existing account
prosodyctlpasswd user@domain.com # change password to existing account
Now you should be able to send messages to people from other domains, not only yours .
NOTE: If you are using standard ports for Jabber server you do not have to set this. If you
changed default ports, you will have to set SRV DNS records.

JSPM’s BSIOTR,Wagholi IT DEPARTMENT 11

 ELECTIVE III:IOT LAB

_xmpp-server._tcp.domain.com. IN SRV 0 0 5269 hostname.

_xmpp-client._tcp.domain.com. IN SRV 0 0 5222 hostname.
_jabber._tcp.domain.com. IN SRV 0 0 5269 hostname.

There are 3 records, first is port for server to server communication, second is for client to server
communication. Third is only for backwards compatibility, set there the same port as in server to
server statement.
NOTE2: In client to server communication is used asymetric certificate. Its keys are
automaticaly generated at installation, but you can also get validated certificates for your Jabber
server from StartSSL for free.

Users and Passwords

Prosody users
Admins - bnj@192.168.1.7 bnj@123
test test1234

Conclusion:

We have studied installation and configuration XMPP Server on Raspberry Pi.

JSPM’s BSIOTR,Wagholi IT DEPARTMENT 12