mirror of
https://github.com/vanitasvitae/Smack.git
synced 2024-11-29 23:42:06 +01:00
Compare commits
5 commits
11775ed6b0
...
f60e4055ec
Author | SHA1 | Date | |
---|---|---|---|
|
f60e4055ec | ||
|
381190a45c | ||
|
edcde28ecd | ||
|
7980e2cedb | ||
|
dd903bec95 |
4 changed files with 61 additions and 4 deletions
|
@ -294,6 +294,12 @@ public abstract class AbstractXMPPConnection implements XMPPConnection {
|
||||||
Thread thread = new Thread(runnable);
|
Thread thread = new Thread(runnable);
|
||||||
thread.setName("Smack Cached Executor");
|
thread.setName("Smack Cached Executor");
|
||||||
thread.setDaemon(true);
|
thread.setDaemon(true);
|
||||||
|
thread.setUncaughtExceptionHandler(new Thread.UncaughtExceptionHandler() {
|
||||||
|
@Override
|
||||||
|
public void uncaughtException(Thread t, Throwable e) {
|
||||||
|
LOGGER.log(Level.WARNING, t + " encountered uncaught exception", e);
|
||||||
|
}
|
||||||
|
});
|
||||||
return thread;
|
return thread;
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
* Copyright 2003-2007 Jive Software, 2017-2018 Florian Schmaus.
|
* Copyright 2003-2007 Jive Software, 2017-2019 Florian Schmaus.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
* you may not use this file except in compliance with the License.
|
* you may not use this file except in compliance with the License.
|
||||||
|
@ -25,6 +25,8 @@ import java.util.Collection;
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
import java.util.logging.Level;
|
||||||
|
import java.util.logging.Logger;
|
||||||
|
|
||||||
import javax.net.SocketFactory;
|
import javax.net.SocketFactory;
|
||||||
import javax.net.ssl.HostnameVerifier;
|
import javax.net.ssl.HostnameVerifier;
|
||||||
|
@ -46,6 +48,7 @@ import org.jxmpp.jid.impl.JidCreate;
|
||||||
import org.jxmpp.jid.parts.Resourcepart;
|
import org.jxmpp.jid.parts.Resourcepart;
|
||||||
import org.jxmpp.stringprep.XmppStringprepException;
|
import org.jxmpp.stringprep.XmppStringprepException;
|
||||||
import org.minidns.dnsname.DnsName;
|
import org.minidns.dnsname.DnsName;
|
||||||
|
import org.minidns.dnsname.InvalidDnsNameException;
|
||||||
import org.minidns.util.InetAddressUtil;
|
import org.minidns.util.InetAddressUtil;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -61,6 +64,8 @@ public abstract class ConnectionConfiguration {
|
||||||
SmackConfiguration.getVersion();
|
SmackConfiguration.getVersion();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private static final Logger LOGGER = Logger.getLogger(ConnectionConfiguration.class.getName());
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The XMPP domain of the XMPP Service. Usually servers use the same service name as the name
|
* The XMPP domain of the XMPP Service. Usually servers use the same service name as the name
|
||||||
* of the server. However, there are some servers like google where host would be
|
* of the server. However, there are some servers like google where host would be
|
||||||
|
@ -68,6 +73,8 @@ public abstract class ConnectionConfiguration {
|
||||||
*/
|
*/
|
||||||
protected final DomainBareJid xmppServiceDomain;
|
protected final DomainBareJid xmppServiceDomain;
|
||||||
|
|
||||||
|
protected final DnsName xmppServiceDomainDnsName;
|
||||||
|
|
||||||
protected final InetAddress hostAddress;
|
protected final InetAddress hostAddress;
|
||||||
protected final DnsName host;
|
protected final DnsName host;
|
||||||
protected final int port;
|
protected final int port;
|
||||||
|
@ -140,6 +147,19 @@ public abstract class ConnectionConfiguration {
|
||||||
if (xmppServiceDomain == null) {
|
if (xmppServiceDomain == null) {
|
||||||
throw new IllegalArgumentException("Must define the XMPP domain");
|
throw new IllegalArgumentException("Must define the XMPP domain");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
DnsName xmppServiceDomainDnsName;
|
||||||
|
try {
|
||||||
|
xmppServiceDomainDnsName = DnsName.from(xmppServiceDomain);
|
||||||
|
} catch (InvalidDnsNameException e) {
|
||||||
|
LOGGER.log(Level.INFO,
|
||||||
|
"Could not transform XMPP service domain '" + xmppServiceDomain
|
||||||
|
+ "' to a DNS name. TLS X.509 certificate validiation may not be possible.",
|
||||||
|
e);
|
||||||
|
xmppServiceDomainDnsName = null;
|
||||||
|
}
|
||||||
|
this.xmppServiceDomainDnsName = xmppServiceDomainDnsName;
|
||||||
|
|
||||||
hostAddress = builder.hostAddress;
|
hostAddress = builder.hostAddress;
|
||||||
host = builder.host;
|
host = builder.host;
|
||||||
port = builder.port;
|
port = builder.port;
|
||||||
|
@ -201,6 +221,17 @@ public abstract class ConnectionConfiguration {
|
||||||
return xmppServiceDomain;
|
return xmppServiceDomain;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns the XMPP service domain as DNS name if possible. Note that since not every XMPP address domainpart is a
|
||||||
|
* valid DNS name, this method may return <code>null</code>.
|
||||||
|
*
|
||||||
|
* @return the XMPP service domain as DNS name or <code>null</code>.
|
||||||
|
* @since 4.3.4
|
||||||
|
*/
|
||||||
|
public DnsName getXmppServiceDomainAsDnsNameIfPossible() {
|
||||||
|
return xmppServiceDomainDnsName;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the TLS security mode used when making the connection. By default,
|
* Returns the TLS security mode used when making the connection. By default,
|
||||||
* the mode is {@link SecurityMode#ifpossible}.
|
* the mode is {@link SecurityMode#ifpossible}.
|
||||||
|
|
|
@ -105,7 +105,7 @@ public class XHTMLText {
|
||||||
private XHTMLText appendOpenBodyTag(String style, String lang) {
|
private XHTMLText appendOpenBodyTag(String style, String lang) {
|
||||||
text.halfOpenElement(Message.BODY);
|
text.halfOpenElement(Message.BODY);
|
||||||
text.xmlnsAttribute(NAMESPACE);
|
text.xmlnsAttribute(NAMESPACE);
|
||||||
text.optElement(STYLE, style);
|
text.optAttribute(STYLE, style);
|
||||||
text.xmllangAttribute(lang);
|
text.xmllangAttribute(lang);
|
||||||
text.rightAngleBracket();
|
text.rightAngleBracket();
|
||||||
return this;
|
return this;
|
||||||
|
|
|
@ -141,6 +141,7 @@ import org.jxmpp.jid.impl.JidCreate;
|
||||||
import org.jxmpp.jid.parts.Resourcepart;
|
import org.jxmpp.jid.parts.Resourcepart;
|
||||||
import org.jxmpp.stringprep.XmppStringprepException;
|
import org.jxmpp.stringprep.XmppStringprepException;
|
||||||
import org.jxmpp.util.XmppStringUtils;
|
import org.jxmpp.util.XmppStringUtils;
|
||||||
|
import org.minidns.dnsname.DnsName;
|
||||||
import org.xmlpull.v1.XmlPullParser;
|
import org.xmlpull.v1.XmlPullParser;
|
||||||
import org.xmlpull.v1.XmlPullParserException;
|
import org.xmlpull.v1.XmlPullParserException;
|
||||||
|
|
||||||
|
@ -861,8 +862,27 @@ public class XMPPTCPConnection extends AbstractXMPPConnection {
|
||||||
final HostnameVerifier verifier = getConfiguration().getHostnameVerifier();
|
final HostnameVerifier verifier = getConfiguration().getHostnameVerifier();
|
||||||
if (verifier == null) {
|
if (verifier == null) {
|
||||||
throw new IllegalStateException("No HostnameVerifier set. Use connectionConfiguration.setHostnameVerifier() to configure.");
|
throw new IllegalStateException("No HostnameVerifier set. Use connectionConfiguration.setHostnameVerifier() to configure.");
|
||||||
} else if (!verifier.verify(getXMPPServiceDomain().toString(), sslSocket.getSession())) {
|
}
|
||||||
throw new CertificateException("Hostname verification of certificate failed. Certificate does not authenticate " + getXMPPServiceDomain());
|
|
||||||
|
final String verifierHostname;
|
||||||
|
{
|
||||||
|
DnsName xmppServiceDomainDnsName = getConfiguration().getXmppServiceDomainAsDnsNameIfPossible();
|
||||||
|
// Try to convert the XMPP service domain, which potentially includes Unicode characters, into ASCII
|
||||||
|
// Compatible Encoding (ACE) to match RFC3280 dNSname IA5String constraint.
|
||||||
|
// See also: https://bugzilla.mozilla.org/show_bug.cgi?id=280839#c1
|
||||||
|
if (xmppServiceDomainDnsName != null) {
|
||||||
|
verifierHostname = xmppServiceDomainDnsName.ace;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
LOGGER.log(Level.WARNING, "XMPP service domain name '" + getXMPPServiceDomain()
|
||||||
|
+ "' can not be represented as DNS name. TLS X.509 certificate validiation may fail.");
|
||||||
|
verifierHostname = getXMPPServiceDomain().toString();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (!verifier.verify(verifierHostname, sslSocket.getSession())) {
|
||||||
|
throw new CertificateException(
|
||||||
|
"Hostname verification of certificate failed. Certificate does not authenticate "
|
||||||
|
+ getXMPPServiceDomain());
|
||||||
}
|
}
|
||||||
|
|
||||||
// Set that TLS was successful
|
// Set that TLS was successful
|
||||||
|
|
Loading…
Reference in a new issue