The XMPP protocol is analyzed through Wireshark packet capture. The following uses the Renren desktop version to demonstrate the XMPP client's process from logging on to getting new things. It is easier to understand the Protocol by analyzing specific data packets.
Step1.tcpEstablish a connection using a three-way handshake
Figure 1. XMPP client uses port 5222 to set SYN request connection
Figure 2. The server returns ACK, confirms the request, and sets the SYN request connection.
Figure 3. The client confirms the server connection request and the connection is established.
Step2.Client request, server response.
Figure 4. The client sends a Jabber/X Request request,
The client initializes the stream to the server.
Figure 5. The server returns Jabber/X response, and the server sends a stream tag to the client as a response
Figure 5.5 the server sends the starttls range to the client (including the authentication mechanism and any other stream features)
Figure 6. Send a request from the client Request to use transport layer encryption protocol [TLS]
Figure 7. Server Response, return Element, confirm transmission Encryption
Figure 8. Subsequent requests, data encrypted
Figure 9. After the response, the returned data is encrypted.
In this packet capture analysis, we can see that the security of XML documents is guaranteed, and encrypted data cannot be seen. , , Next time, we will analyze the open-source Jabber Client.