1
0
Fork 0
mirror of https://github.com/vanitasvitae/Smack.git synced 2024-11-30 07:52:06 +01:00

1. Allow to perform SASL authentication over plain connections. SMACK-83

2. Added support for ANONYMOUS SASL authentication. SMACK-84
3. Fixed isSecureConnection to return true when using TLS.

git-svn-id: http://svn.igniterealtime.org/svn/repos/smack/trunk@2785 b35dd754-fafc-0310-a699-88a17e54d16e
This commit is contained in:
Gaston Dombiak 2005-09-05 22:06:40 +00:00 committed by gato
parent 391e7269e6
commit 2303fa33c9

View file

@ -22,23 +22,25 @@ package org.jivesoftware.smack;
import org.jivesoftware.smack.debugger.SmackDebugger; import org.jivesoftware.smack.debugger.SmackDebugger;
import org.jivesoftware.smack.filter.PacketFilter; import org.jivesoftware.smack.filter.PacketFilter;
import org.jivesoftware.smack.filter.PacketIDFilter;
import org.jivesoftware.smack.filter.PacketTypeFilter; import org.jivesoftware.smack.filter.PacketTypeFilter;
import org.jivesoftware.smack.packet.*; import org.jivesoftware.smack.packet.Message;
import org.jivesoftware.smack.packet.Packet;
import org.jivesoftware.smack.packet.Presence;
import org.jivesoftware.smack.packet.XMPPError;
import org.jivesoftware.smack.util.StringUtils; import org.jivesoftware.smack.util.StringUtils;
import javax.net.SocketFactory; import javax.net.SocketFactory;
import javax.net.ssl.SSLContext; import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocket;
import java.io.*; import java.io.*;
import java.lang.reflect.Constructor;
import java.lang.ref.WeakReference; import java.lang.ref.WeakReference;
import java.lang.reflect.Constructor;
import java.net.Socket; import java.net.Socket;
import java.net.UnknownHostException; import java.net.UnknownHostException;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.HashMap;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.HashMap;
/** /**
* Creates a connection to a XMPP server. A simple use of this API might * Creates a connection to a XMPP server. A simple use of this API might
@ -334,7 +336,9 @@ public class XMPPConnection {
/** /**
* Logs in to the server using the strongest authentication mode supported by * Logs in to the server using the strongest authentication mode supported by
* the server. An available presence may optionally be sent. If <tt>sendPresence</tt> * the server. If the server supports SASL authentication then the user will be
* authenticated using SASL if not Non-SASL authentication will be tried. An available
* presence may optionally be sent. If <tt>sendPresence</tt>
* is false, a presence packet must be sent manually later. If more than five seconds * is false, a presence packet must be sent manually later. If more than five seconds
* (default timeout) elapses in each step of the authentication process without a * (default timeout) elapses in each step of the authentication process without a
* response from the server, or if an error occurs, a XMPPException will be thrown. * response from the server, or if an error occurs, a XMPPException will be thrown.
@ -361,7 +365,7 @@ public class XMPPConnection {
username = username.toLowerCase().trim(); username = username.toLowerCase().trim();
String response = null; String response = null;
if (usingTLS) { if (saslAuthentication.hasNonAnonymousAuthentication()) {
// Authenticate using SASL // Authenticate using SASL
response = saslAuthentication.authenticate(username, password, resource); response = saslAuthentication.authenticate(username, password, resource);
} }
@ -423,30 +427,19 @@ public class XMPPConnection {
throw new IllegalStateException("Already logged in to server."); throw new IllegalStateException("Already logged in to server.");
} }
// Create the authentication packet we'll send to the server. String response = null;
Authentication auth = new Authentication(); if (saslAuthentication.hasAnonymousAuthentication()) {
response = saslAuthentication.authenticateAnonymously();
PacketCollector collector =
packetReader.createPacketCollector(new PacketIDFilter(auth.getPacketID()));
// Send the packet.
packetWriter.sendPacket(auth);
// Wait up to a certain number of seconds for a response from the server.
IQ response = (IQ) collector.nextResult(SmackConfiguration.getPacketReplyTimeout());
if (response == null) {
throw new XMPPException("Anonymous login failed.");
}
else if (response.getType() == IQ.Type.ERROR) {
throw new XMPPException(response.getError());
}
// Set the user value.
if (response.getTo() != null) {
this.user = response.getTo();
} }
else { else {
this.user = this.serviceName + "/" + ((Authentication) response).getResource(); // Authenticate using Non-SASL
response = new NonSASLAuthentication(this).authenticateAnonymously();
} }
// We're done with the collector, so explicitly cancel it.
collector.cancel(); // Set the user value.
this.user = response;
// Update the serviceName with the one returned by the server
this.serviceName = StringUtils.parseServer(response);
// Anonymous users can't have a roster. // Anonymous users can't have a roster.
roster = null; roster = null;
@ -563,12 +556,13 @@ public class XMPPConnection {
} }
/** /**
* Returns true if the connection is a secured one, such as an SSL connection. * Returns true if the connection is a secured one, such as an SSL connection or
* if TLS was negotiated successfully.
* *
* @return true if a secure connection to the server. * @return true if a secure connection to the server.
*/ */
public boolean isSecureConnection() { public boolean isSecureConnection() {
return false; return isUsingTLS();
} }
/** /**
@ -975,35 +969,30 @@ public class XMPPConnection {
* existing plain connection and perform a handshake. This method won't return until the * existing plain connection and perform a handshake. This method won't return until the
* connection has finished the handshake or an error occured while securing the connection. * connection has finished the handshake or an error occured while securing the connection.
*/ */
void proceedTLSReceived() { void proceedTLSReceived() throws Exception {
try { SSLContext context = SSLContext.getInstance("TLS");
SSLContext context = SSLContext.getInstance("TLS"); // Accept any certificate presented by the server
// Accept any certificate presented by the server context.init(null, // KeyManager not required
context.init(null, // KeyManager not required new javax.net.ssl.TrustManager[]{new OpenTrustManager()},
new javax.net.ssl.TrustManager[] { new OpenTrustManager() }, new java.security.SecureRandom());
new java.security.SecureRandom()); Socket plain = socket;
Socket plain = socket; // Secure the plain connection
// Secure the plain connection socket = context.getSocketFactory().createSocket(plain,
socket = context.getSocketFactory().createSocket(plain, plain.getInetAddress().getHostName(), plain.getPort(), true);
plain.getInetAddress().getHostName(), plain.getPort(), true); socket.setSoTimeout(0);
socket.setSoTimeout(0); socket.setKeepAlive(true);
socket.setKeepAlive(true); // Initialize the reader and writer with the new secured version
// Initialize the reader and writer with the new secured version initReaderAndWriter();
initReaderAndWriter(); // Proceed to do the handshake
// Proceed to do the handshake ((SSLSocket) socket).startHandshake();
((SSLSocket)socket).startHandshake();
// Set that TLS was successful // Set that TLS was successful
usingTLS = true; usingTLS = true;
// Set the new writer to use // Set the new writer to use
packetWriter.setWriter(writer); packetWriter.setWriter(writer);
// Send a new opening stream to the server // Send a new opening stream to the server
packetWriter.openStream(); packetWriter.openStream();
}
catch (Exception e) {
packetReader.notifyConnectionError(e);
}
} }
} }