Prior to this change, Smack processes each RosterPacket (which is not of
type IQ.Type.RESULT) as a roster result.
Any other client on the XMPP network can send such a packet (not only
our server). This allows a malicious party to overwrite our Roster.
This patch changes Smack so that a RosterPacket is discarded if it is
not a reply to a roster request.
In the absence of checks on the from address, it is possible for other
clients to fake an answer to an IQ request.
This commit adds an IQReplyFilter, which drops all packets which are not
a valid reply to an IQ request. In particular, it checks for packet id,
from address and packet type.
Most(?) places waiting for a reply to an IQ request are converted to use
the IQReplyFilter.
For a discussion of the issues, see the thread "Spoofing of iq ids and
misbehaving servers" from 2014-01 on the jdev@jabber.org mailing list
and following discussion in February and March.
Smack contains two PacketFilters to filter on the from address.
FromContainsFilter simply does a substring match, which is problematic
as explained in SMACK-71. FromMatchesFilter partially fixes this
weakness, but it still uses String#startsWith to filter on bare
addresses. For example, when set up to match all JIDs with bare JID
"foo@example.co", it will still match "foo@example.com".
This commit changes FromMatchesFilter to test equality with the bare
from instead of startsWith with the full from.
Moreover, we convert all uses of FromContainsFilter to FromMatchesFilter
and remove FromContainsFilter. Additionally, the unused ToContainsFilter
(which has the same weaknesses) is removed, too.
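
The three matching strategies described in the commit message above, run side by side over constructed from addresses. This is an added example, not Smack's code and not part of the original commit; the class and method names are hypothetical, and JIDs are compared as plain strings without normalization.

```java
import java.util.List;

public class FromFilterDemo {
    // Hypothetical helper (not Smack API): drop the resource part of a JID.
    static String bareJid(String jid) {
        int slash = jid.indexOf('/');
        return slash < 0 ? jid : jid.substring(0, slash);
    }

    // Substring match, the behaviour described for FromContainsFilter.
    static boolean containsMatch(String filter, String from) {
        return from != null && from.contains(filter);
    }

    // Prefix match against the full from address, the old bare-JID check.
    static boolean startsWithMatch(String filter, String from) {
        return from != null && from.startsWith(filter);
    }

    // Equality with the bare from address, the check after the change.
    static boolean bareEqualsMatch(String filter, String from) {
        return from != null && bareJid(from).equals(filter);
    }

    public static void main(String[] args) {
        String filter = "foo@example.co";
        // Constructed sample senders.
        List<String> senders = List.of(
            "foo@example.co/phone",    // intended sender, full JID
            "foo@example.co",          // intended sender, bare JID
            "foo@example.com/laptop",  // other domain sharing the prefix
            "xfoo@example.co/phone");  // other user containing the filter
        System.out.printf("%-24s %-9s %-11s %s%n",
            "from", "contains", "startsWith", "bareEquals");
        for (String from : senders) {
            System.out.printf("%-24s %-9b %-11b %b%n", from,
                containsMatch(filter, from),
                startsWithMatch(filter, from),
                bareEqualsMatch(filter, from));
        }
    }
}
```

Only the bare-equality check rejects both look-alike senders while still accepting the intended sender with or without a resource.
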
Move extension relevant configuration options from SmackConfiguration to
the extension. Introduced disabledSmackClasses that can be configured
via a system property or configuration file.
Not all platforms support this API (e.g. Android). Strip the
prettyPrint() method since it wasn't used anyway.
Also move XmlUtil into a more appropriate package.
This makes Smack more portable, as there are platforms that support the
XmlPullParser interface, but not MXParser (e.g. Android).
Also enable checkstyle check that MXParser is not used.
The jingle subproject builds now. This doesn't change that the code is
outdated with regard to the specification and unmaintained for
years. But hopefully this is the first step to change that. :)
The integration tests have been moved into SourceSets of 'core' and
'extensions'.
Instead of repeating the same pattern, when sending an IQ get/set packet
and collecting the response

    PacketFilter filter = new PacketIDFilter(request.getPacketID());
    PacketCollector collector = connection.createPacketCollector(filter);
    connection.sendPacket(request);
    IQ result = (IQ) collector.nextResult(SmackConfiguration.getPacketReplyTimeout());
    // Stop queuing results
    collector.cancel();
    if (result == null) {
        throw new XMPPException("No response from server.");
    }
    else if (result.getType() == IQ.Type.ERROR) {
        throw new XMPPException(result.getError());
    }

the API got redesigned, so that the above code block can be replaced
with

    Packet result = connection.createPacketCollectorAndSend(request).nextResultOrThrow();

Also move ProviderConfigTest into core, since it tests core
functionality, nothing provided by extensions. Found the reason the test
was failing since the gradle migration (provider entry test.providers),
and activated it again. \o/
New API design as of SMACK-545
Change all \r\n into unix style newlines. Add missing newlines at the
end of a file and activate the newline checkstyle module, that enforces
'\n' as newline and a newline at the end of every file.
The initializer tests verify that every non-optional initializer, this
includes Providers, is loadable.
Creating files under META-INF is not considered best practice. Smack's
configuration and provider files reside now in classpath directory
qualified by Smack's package namespace.
The implementation of ServerTrustManager contains a security
vulnerability, which could lead to unauthorized certificates being
erroneously trusted. SMACK-410
If a Manager is strong referenced from a gc root, usually the instances
map, it should not hold itself a strong reference to the connection in
order to avoid a cycle that prevents the Connection instance from being
gc'ed.
SMACK-383