mirror of
https://codeberg.org/Mercury-IM/Smack
synced 2024-11-22 14:22:05 +01:00
Move TLS Required check at the end of connect()
It was a *very* bad idea to perform the SecurityMode.Required check in
the connection's reader thread and not at the end of
AbstractXMPPConnectin's connect(). :/
This behavior dates back to 8e750912a7
Fixes SMACK-739
This commit is contained in:
parent
fca2f59e08
commit
059ee99ba0
2 changed files with 11 additions and 10 deletions
|
@ -362,6 +362,7 @@ public abstract class AbstractXMPPConnection implements XMPPConnection {
|
||||||
|
|
||||||
// Perform the actual connection to the XMPP service
|
// Perform the actual connection to the XMPP service
|
||||||
connectInternal();
|
connectInternal();
|
||||||
|
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -28,10 +28,9 @@ import org.jivesoftware.smack.SmackException.AlreadyConnectedException;
|
||||||
import org.jivesoftware.smack.SmackException.AlreadyLoggedInException;
|
import org.jivesoftware.smack.SmackException.AlreadyLoggedInException;
|
||||||
import org.jivesoftware.smack.SmackException.NoResponseException;
|
import org.jivesoftware.smack.SmackException.NoResponseException;
|
||||||
import org.jivesoftware.smack.SmackException.NotConnectedException;
|
import org.jivesoftware.smack.SmackException.NotConnectedException;
|
||||||
import org.jivesoftware.smack.SmackException.ConnectionException;
|
|
||||||
import org.jivesoftware.smack.SmackException.SecurityRequiredByClientException;
|
import org.jivesoftware.smack.SmackException.SecurityRequiredByClientException;
|
||||||
|
import org.jivesoftware.smack.SmackException.ConnectionException;
|
||||||
import org.jivesoftware.smack.SmackException.SecurityRequiredByServerException;
|
import org.jivesoftware.smack.SmackException.SecurityRequiredByServerException;
|
||||||
import org.jivesoftware.smack.SmackException.SecurityRequiredException;
|
|
||||||
import org.jivesoftware.smack.SynchronizationPoint;
|
import org.jivesoftware.smack.SynchronizationPoint;
|
||||||
import org.jivesoftware.smack.XMPPException.StreamErrorException;
|
import org.jivesoftware.smack.XMPPException.StreamErrorException;
|
||||||
import org.jivesoftware.smack.XMPPConnection;
|
import org.jivesoftware.smack.XMPPConnection;
|
||||||
|
@ -857,6 +856,14 @@ public class XMPPTCPConnection extends AbstractXMPPConnection {
|
||||||
// Wait with SASL auth until the SASL mechanisms have been received
|
// Wait with SASL auth until the SASL mechanisms have been received
|
||||||
saslFeatureReceived.checkIfSuccessOrWaitOrThrow();
|
saslFeatureReceived.checkIfSuccessOrWaitOrThrow();
|
||||||
|
|
||||||
|
// If TLS is required but the server doesn't offer it, disconnect
|
||||||
|
// from the server and throw an error. First check if we've already negotiated TLS
|
||||||
|
// and are secure, however (features get parsed a second time after TLS is established).
|
||||||
|
if (!isSecureConnection() && getConfiguration().getSecurityMode() == SecurityMode.required) {
|
||||||
|
shutdown();
|
||||||
|
throw new SecurityRequiredByClientException();
|
||||||
|
}
|
||||||
|
|
||||||
// Make note of the fact that we're now connected.
|
// Make note of the fact that we're now connected.
|
||||||
connected = true;
|
connected = true;
|
||||||
callConnectionConnectedListener();
|
callConnectionConnectedListener();
|
||||||
|
@ -897,7 +904,7 @@ public class XMPPTCPConnection extends AbstractXMPPConnection {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected void afterFeaturesReceived() throws SecurityRequiredException, NotConnectedException {
|
protected void afterFeaturesReceived() throws NotConnectedException {
|
||||||
StartTls startTlsFeature = getFeature(StartTls.ELEMENT, StartTls.NAMESPACE);
|
StartTls startTlsFeature = getFeature(StartTls.ELEMENT, StartTls.NAMESPACE);
|
||||||
if (startTlsFeature != null) {
|
if (startTlsFeature != null) {
|
||||||
if (startTlsFeature.required() && config.getSecurityMode() == SecurityMode.disabled) {
|
if (startTlsFeature.required() && config.getSecurityMode() == SecurityMode.disabled) {
|
||||||
|
@ -909,13 +916,6 @@ public class XMPPTCPConnection extends AbstractXMPPConnection {
|
||||||
send(new StartTls());
|
send(new StartTls());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// If TLS is required but the server doesn't offer it, disconnect
|
|
||||||
// from the server and throw an error. First check if we've already negotiated TLS
|
|
||||||
// and are secure, however (features get parsed a second time after TLS is established).
|
|
||||||
if (!isSecureConnection() && startTlsFeature == null
|
|
||||||
&& getConfiguration().getSecurityMode() == SecurityMode.required) {
|
|
||||||
throw new SecurityRequiredByClientException();
|
|
||||||
}
|
|
||||||
|
|
||||||
if (getSASLAuthentication().authenticationSuccessful()) {
|
if (getSASLAuthentication().authenticationSuccessful()) {
|
||||||
// If we have received features after the SASL has been successfully completed, then we
|
// If we have received features after the SASL has been successfully completed, then we
|
||||||
|
|
Loading…
Reference in a new issue