Published: 2015-06-28 15:59:47 by Daniele Ricci

You waited for it and finally here we are: version 3.0 is out.

On 2015-06-14, Kontalk 3.0 hit the Play Store (F-Droid a few days later). There are still a few rough edges, most of them fixed in today's new release 3.0.1, but XMPP is finally there.
I've decided to release maintenance releases every 15-20 days (at least I will try) and I'm already working at group chat which will be coming in version 3.1. I've set its milestone to August, 2nd, but I really doubt I'll make it for that exact date (maybe an alpha version).

In the meantime, Kontalk is now translated into 13 languages (!!!) and the Play Store listing have been translated into 7 languages. I want to thank all the translators — which have been properly credited of course in the new credits section of the app — for the hard work they are doing of improving our favourite app!

A nice news is our wiki, hosted at GitHub and reachable also from within the app by using the Help item in Kontalk settings. Many pages were born in the last week and, with the help of the translators, most of them are already translated into Italian, Dutch and German. Since it's a wiki, anyone can contribute to them. You are welcome to create a GitHub account and improve or fix any page.

The desktop client is also doing great lately: much has improved in the last two months and more is coming. You now have two ways of using Kontalk on your PC. If you have Linux, you can try our Pidgin plugin for limited functionality. Our official desktop client instead supports pretty much all the features of Kontalk.

Last but not least, our donors: their continued efforts and donations keep the Kontalk project running and shining. Thank you!!

Published: 2014-08-31 17:41:04 by Daniele Ricci
WARNING! Version 3.0 is not compatible with version 2.x, meaning that users from both versions will not be able to chat with each other. However, the upgrade from 2.2.9 to 3.0 will keep your messages intact.

You've been waiting for it for a very long time, here we are at last, announcing the first beta release of Kontalk 3.0. There was a lot of work behind this release and I hope it will work well enough and meet your expectations.

For people coming from the 2.x series, there is a lot of new stuff in this version:

  • new XMPP protocol
  • full PGP asymmetric encryption
  • invitation system and blocking users
  • media encryption
  • new full set of emojis by Emojicon

A complete changelog is available on the GitHub release page here (although this changelog is from version alpha7):

https://github.com/kontalk/androidclient/releases/tag/v3.0-beta1

This new release is already available on Google Play beta channel and will be available on F-Droid very soon. F-Droid users will need no special action, however Google Play users are required to either join the Kontalk Android client community1 on Google+ or subscribe to the kontalk-devel2 or kontalk-users3 groups. Once you've done that, go to this page:

https://play.google.com/apps/testing/org.kontalk

And click become a tester. Wait a few hours and you'll have the update straight on Google Play.

Published: 2014-02-26 18:41:50 by Daniele Ricci

WARNING this post is outdated. Please refer to this page.

It's been some weeks since I've been able to use Kontalk XMPP from my notebook, using a custom Python script to remedy for the lack of client certificate authentication in Pidgin. The code was very ugly (it still is) and had hard-coded values.
So I decided to fix it a bit and release it in the public domain. You can find the script in the xmppserver repository (download link). You'll need Twisted to run it.

user@host:~/kontalk/xmppserver/test$ ./ssl_bridge.py -h
usage: ssl_bridge.py [-h] [-d] [-p PORT] --domain DOMAIN -c CERTIFICATE -k
                     PRIVATEKEY
                     address

An XMPP bridge for clients not supporting SSL client certificate
authentication.

positional arguments:
  address               forward connections to this host (host:port)

optional arguments:
  -h, --help            show this help message and exit
  -d, --debug           enable debug output
  -p PORT, --port PORT  listen for local connections on this port (default:
                        5224)
  --domain DOMAIN       use this domain for stream initialization
  -c CERTIFICATE, --certificate CERTIFICATE
                        X.509 certificate file
  -k PRIVATEKEY, --privatekey PRIVATEKEY
                        X.509 private key file

ssl_bridge.py is basically a tunnel that masks the STARTTLS process by doing its own SSL handshake using a provided client certificate and private key.

The first thing you have to do is to export the client certificate and private key from your device. Of course you have to register to Kontalk first if you haven't done it yet. Open Kontalk, press menu > Settings > Export personal key. This will create four files on your SD card:

  • kontalk-login.crt
  • kontalk-login.key
  • kontalk-private.pgp
  • kontalk-public.pgp

Transfer the two highlighted files to your computer. Then you'll need to convert them to an appropriate format using the following commands:

openssl x509 -inform der -outform pem -in kontalk-login.crt -out kontalk-login.pem
openssl rsa -inform der -outform pem -in kontalk-login.key -out kontalk-login.rsa

Your certificate and private key are ready for use!

Start the SSL bridge script:

./ssl_bridge.py -p 5224 --domain kontalk.net -c kontalk-login.pem -k kontalk-login.rsa beta.kontalk.net:5222

This will start to listen on port 5224 which will be forwarded to beta.kontalk.net:5222 after STARTTLS have been negotiated.

Now it's time to configure your favourite XMPP client. We will take Pidgin as an example but the configuration is pretty much the same.
Create a new XMPP account using these parameters:

  • username: dummy (doesn't matter actually)
  • domain: kontalk.net
  • password: dummy (doesn't matter)
  • check Remember password
  • connection security: Use encryption if available
  • check Allow plaintext auth over unencrypted streams
  • connect port: 5224
  • connect server: localhost

And there you go!!! Connect your account and you will see buddies with strange codes. Those are your buddies hashed phone numbers. You'll have to recognize each one by talking to them, sorry. You can then rename your buddies accordingly, Pidgin will keep track of the names.

Please note that encrypted messages are not supported by Pidgin and you'll have to tell your buddies to disable encryption when they talk to you (you won't receive anything otherwise).
Also delivery confirmations are not supported, so your buddy will not see his/her messages confirmed. The only way to confirm them is to open Kontalk from Android. You will receive all the unconfirmed messages again and the app will confirm them.

The SSL bridge script is still not perfect, if you have any problem please report them to the Kontalk issue tracker.

Published: 2014-02-12 10:22:23 by Daniele Ricci

We are glad to announce that we've just entered alpha testing! Click here for the announcement on kontalk-devel. Being this an initial alpha release, it contains a lot of new features but also a lot of bugs. It might also blow up your phone.
Alpha release is public, but please note that some skills are required for being a good tester: you might be asked to generate system log dumps, possibly extract system files and stuff like that. Please wait for beta if you think you don't have time to spare or some basic Android skills.

This alpha introduces the use of XMPP with the original package name org.kontalk. Some highlights:

  • you will not be able to chat with Kontalk 2.x users until they upgrade
  • invitation system: no more automatic subscriptions. Although there is a privacy setting regulating this, XMPP normal presence subscription flow is used
  • XMPP compression is not enabled yet, so this version will require more bandwidth than "normal" thus more energy
  • you will be asked for your name at the first chance you open the new app. That will be the name that will be used in your PGP key uid

A lot of stuff is still missing: media messages (e.g. images) are not available yet. You can see a list of changes planned for alpha2 here.

I want to thank Christian Braun which has kindly donated a mirror for Kontalk releases and other stuff: https://kontalk.raunz.name/files/.
Despite of what I said in the release announcement, we are not hosting releases on Google Drive any more. Mirrors are listed in the downloads page on Google Code.

Published: 2014-01-31 14:56:21 by Daniele Ricci

We are almost there. There are still a few more things left, but the big tasks have been completed. As you can see from the git log these last days have been very full of work for me.

In the last two weeks Kontalk XMPP client has grown really fast, still I'm not yet sure what the date of the first alpha release will be. I'd like to say the 9th, but there is still a big open point about a possible bug on Android versions 2.x in its SSL implementation which is quite critical for successful login to the XMPP server1.

The first alpha version will have a basic invitation system, enhanced PGP encryption featuring 2048-bit RSA keys (GnuPG not ready for ECC yet, sorry), typing notifications, a new Emoji input mode, a lot of other performance improvements and bugfixes not found in the 2.x series.

The only thing missing will be attachments: there are still some things left to do server-side, so the "buttons" will be available but they will not work at first. Also blocking a user will not be available in this first alpha release.

In the mean time, I'm working together with the XMPP standards team to write a push notifications XEP draft which is being discussed these days also at the XMPP summit at FOSDEM (which I unfortunately couldn't attempt to).

Stay tuned.


  1. after recent tests I can confirm that the issue can't be reproduced.