1
0
Fork 0
mirror of https://github.com/vanitasvitae/Smack.git synced 2024-11-16 01:02:06 +01:00
Commit graph

16 commits

Author SHA1 Message Date
Florian Schmaus
92f4aadfdc [sasl] Avoid mechanisms that need a password when none is available 2021-03-25 15:01:15 +01:00
Florian Schmaus
35cf094386 sasl-javax: Do not set system properties in SASLGSSAPIMechanism
Smack did this for a long time, since eb56f8a55 ("GSSAPI work by Jay
Kline (SMACK-218)."). Not always in a static block though. But
irregardless this is bad practice as it causes side-effects and may
overrides settings.

For example, one users reports:

java.lang.SecurityException: java.io.IOException: gss.conf (No such file or directory)
    at sun.security.provider.ConfigFile$Spi.<init>(ConfigFile.java:137)
    at sun.security.provider.ConfigFile.<init>(ConfigFile.java:102)
    at sun.reflect.GeneratedConstructorAccessor119.newInstance(Unknown Source)
2019-09-25 23:36:21 +02:00
Florian Schmaus
f7762c5db7 Add "whitespace after comma" checkstyle rule 2019-05-17 21:56:46 +02:00
Florian Schmaus
b51a6c54e8 Introduce SmackSaslException 2019-02-10 21:50:39 +01:00
Florian Schmaus
e8923b9d16 Enable trailing whitespace checkstyle check
for all source code regions, including javadoc.
2018-05-09 23:26:39 +02:00
9f47daa7ad
Add missing package-info descriptions. 2018-02-21 16:47:11 +01:00
cb18056613 Fix minor codestyle issues 2017-12-17 11:03:46 +01:00
Florian Schmaus
4c646436a5 Bump "Error Prone" to 2.0.15
and fix a few things :)
2017-02-11 16:16:41 +01:00
Dave Cridland
9c772add93 SASL Proxy Auth support
This adds the ability to provide a distinct authorization identifier for use
by SASL mechanisms. Not all SASL mechanisms support this operation, in
particular CRAM-MD5.

Both the javax and provided SASL implementations are extended, and an authzid
parameter added to the authenticate method.

The authorization identifier is passed as a EntityBareJid in order to assure the
correct form.

Resolves SMACK-677.

Minor-Modifications-By: Florian Schmaus <flo@geekplace.eu>
2015-09-21 20:39:23 +02:00
Florian Schmaus
de528eee67 Add JavadocPackage checkstyle
change from package.html to package-info.java. Add missing
package-info.java with a placeholder description.
2015-04-04 17:16:47 +02:00
Florian Schmaus
64d134052d Enable javadoc checkstyle
and fix violations.
2015-03-29 12:29:32 +02:00
Florian Schmaus
5bb4727c57 Use Jid (and subclasses) from jxmpp-jid
Fixes SMACK-634
2015-02-17 16:07:16 +01:00
Christoph Fiehe
665e7914f2 Enable OSGi compliance via 'DynamicImport-Package: *'
on package layer instead of Declarative Service (DS) approach.
Restructuring and cleanup of initialization process to ensure that all
internal config files are found by the corresponding bundle
classloaders.

SMACK-343
2015-01-03 13:14:02 +01:00
Florian Schmaus
403ecff2b2 Add SCRAM-SHA1 support
Thanks to Stefan Karlsson for helping with the implementation.

Also add SASLMechanism.checkIfSuccessfulOrThrow(), to increase the
security by verifying the mechanisms state at the end of SASL
authentication.

SASLMechanism now has a SASLPrep StringTransformer.

Refactor SHA1 functions out of StringUtils into SHA1 utility class.

Add MAC utility class.

Make DummyConnection getSentpacket() methods use generics to make unit
testing SCRAM-SHA1 easier.

Fixes SMACK-398
2014-10-21 15:03:48 +02:00
Florian Schmaus
f37682d980 Make SASLMechanism.getAuthenticationText() return byte[]
every SASL Mechanism is designed as a byte array based protocol. XMPP
adds the constraint that the challenges and responses are send base64
encoded. It's therefore better API design to let getAuthenticationText()
return byte[] instead of String.
2014-08-12 21:52:56 +02:00
Florian Schmaus
89dc3a0e85 Add smack-android and redesign SASL authentication
This commit marks an important milestone with the addition of the
smack-android subproject. Smack is now able to run native on Android
without requiring any modifications, which makes the aSmack build
environment obsolete.

It was necessary to redesign the code for SASL authentication to achieve
this. Smack now comes with smack-sasl-provided for SASL implementations
that do not rely on additional APIs like javax for platforms where those
APIs are not available like Android.
2014-08-01 10:34:47 +02:00