mirror of
https://github.com/vanitasvitae/Smack.git
synced 2024-09-27 18:19:33 +02:00
cc636fff21
This is a complete redesign of what was previously XmppNioTcpConnection. The new architecture allows to extend an XMPP client to server (c2s) connection with new transport bindings and other extensions.
224 lines
8.1 KiB
Java
224 lines
8.1 KiB
Java
/**
|
|
*
|
|
* Copyright 2014-2020 Florian Schmaus
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
package org.jivesoftware.smack.util.dns.minidns;
|
|
|
|
import java.io.IOException;
|
|
import java.net.InetAddress;
|
|
import java.net.UnknownHostException;
|
|
import java.util.ArrayList;
|
|
import java.util.Collections;
|
|
import java.util.List;
|
|
import java.util.Set;
|
|
|
|
import org.jivesoftware.smack.ConnectionConfiguration.DnssecMode;
|
|
import org.jivesoftware.smack.initializer.SmackInitializer;
|
|
import org.jivesoftware.smack.util.DNSUtil;
|
|
import org.jivesoftware.smack.util.dns.DNSResolver;
|
|
import org.jivesoftware.smack.util.rce.RemoteConnectionEndpointLookupFailure;
|
|
|
|
import org.minidns.dnsmessage.DnsMessage.RESPONSE_CODE;
|
|
import org.minidns.dnsmessage.Question;
|
|
import org.minidns.dnsname.DnsName;
|
|
import org.minidns.dnssec.DnssecResultNotAuthenticException;
|
|
import org.minidns.hla.DnssecResolverApi;
|
|
import org.minidns.hla.ResolutionUnsuccessfulException;
|
|
import org.minidns.hla.ResolverApi;
|
|
import org.minidns.hla.ResolverResult;
|
|
import org.minidns.hla.SrvResolverResult;
|
|
import org.minidns.record.A;
|
|
import org.minidns.record.AAAA;
|
|
import org.minidns.record.SRV;
|
|
|
|
|
|
/**
|
|
* This implementation uses the <a href="https://github.com/rtreffer/minidns/">MiniDNS</a> implementation for
|
|
* resolving DNS addresses.
|
|
*/
|
|
public class MiniDnsResolver extends DNSResolver implements SmackInitializer {
|
|
|
|
private static final MiniDnsResolver INSTANCE = new MiniDnsResolver();
|
|
|
|
private static final ResolverApi DNSSEC_RESOLVER = DnssecResolverApi.INSTANCE;
|
|
|
|
private static final ResolverApi NON_DNSSEC_RESOLVER = ResolverApi.INSTANCE;
|
|
|
|
public static DNSResolver getInstance() {
|
|
return INSTANCE;
|
|
}
|
|
|
|
public MiniDnsResolver() {
|
|
super(true);
|
|
}
|
|
|
|
@Override
|
|
protected Set<SRV> lookupSrvRecords0(final DnsName name, List<RemoteConnectionEndpointLookupFailure> lookupFailures,
|
|
DnssecMode dnssecMode) {
|
|
final ResolverApi resolver = getResolver(dnssecMode);
|
|
|
|
SrvResolverResult result;
|
|
try {
|
|
result = resolver.resolveSrv(name);
|
|
} catch (IOException e) {
|
|
RemoteConnectionEndpointLookupFailure failure = new RemoteConnectionEndpointLookupFailure.DnsLookupFailure(
|
|
name, e);
|
|
lookupFailures.add(failure);
|
|
return null;
|
|
}
|
|
|
|
ResolutionUnsuccessfulException resolutionUnsuccessfulException = result.getResolutionUnsuccessfulException();
|
|
if (resolutionUnsuccessfulException != null) {
|
|
RemoteConnectionEndpointLookupFailure failure = new RemoteConnectionEndpointLookupFailure.DnsLookupFailure(
|
|
name, resolutionUnsuccessfulException);
|
|
lookupFailures.add(failure);
|
|
return null;
|
|
}
|
|
|
|
if (shouldAbortIfNotAuthentic(name, dnssecMode, result, lookupFailures)) {
|
|
return null;
|
|
}
|
|
|
|
return result.getAnswers();
|
|
}
|
|
|
|
@Override
|
|
protected List<InetAddress> lookupHostAddress0(final DnsName name,
|
|
List<RemoteConnectionEndpointLookupFailure> lookupFailures, DnssecMode dnssecMode) {
|
|
final ResolverApi resolver = getResolver(dnssecMode);
|
|
|
|
final ResolverResult<A> aResult;
|
|
final ResolverResult<AAAA> aaaaResult;
|
|
|
|
try {
|
|
aResult = resolver.resolve(name, A.class);
|
|
aaaaResult = resolver.resolve(name, AAAA.class);
|
|
} catch (IOException e) {
|
|
RemoteConnectionEndpointLookupFailure failure = new RemoteConnectionEndpointLookupFailure.DnsLookupFailure(
|
|
name, e);
|
|
lookupFailures.add(failure);
|
|
return null;
|
|
}
|
|
|
|
if (!aResult.wasSuccessful() && !aaaaResult.wasSuccessful()) {
|
|
// Both results where not successful.
|
|
RemoteConnectionEndpointLookupFailure failureA = new RemoteConnectionEndpointLookupFailure.DnsLookupFailure(
|
|
name, getExceptionFrom(aResult));
|
|
lookupFailures.add(failureA);
|
|
RemoteConnectionEndpointLookupFailure failureAaaa = new RemoteConnectionEndpointLookupFailure.DnsLookupFailure(
|
|
name, getExceptionFrom(aaaaResult));
|
|
lookupFailures.add(failureAaaa);
|
|
return null;
|
|
}
|
|
|
|
if (shouldAbortIfNotAuthentic(name, dnssecMode, aResult, lookupFailures)
|
|
|| shouldAbortIfNotAuthentic(name, dnssecMode, aaaaResult, lookupFailures)) {
|
|
return null;
|
|
}
|
|
|
|
// TODO: Use ResolverResult.getAnswersOrEmptySet() once we updated MiniDNS.
|
|
Set<A> aResults;
|
|
if (aResult.wasSuccessful()) {
|
|
aResults = aResult.getAnswers();
|
|
}
|
|
else {
|
|
aResults = Collections.emptySet();
|
|
}
|
|
|
|
// TODO: Use ResolverResult.getAnswersOrEmptySet() once we updated MiniDNS.
|
|
Set<AAAA> aaaaResults;
|
|
if (aaaaResult.wasSuccessful()) {
|
|
aaaaResults = aaaaResult.getAnswers();
|
|
}
|
|
else {
|
|
aaaaResults = Collections.emptySet();
|
|
}
|
|
|
|
List<InetAddress> inetAddresses = new ArrayList<>(aResults.size()
|
|
+ aaaaResults.size());
|
|
|
|
for (A a : aResults) {
|
|
InetAddress inetAddress;
|
|
try {
|
|
inetAddress = InetAddress.getByAddress(a.getIp());
|
|
}
|
|
catch (UnknownHostException e) {
|
|
continue;
|
|
}
|
|
inetAddresses.add(inetAddress);
|
|
}
|
|
for (AAAA aaaa : aaaaResults) {
|
|
InetAddress inetAddress;
|
|
try {
|
|
inetAddress = InetAddress.getByAddress(name.ace, aaaa.getIp());
|
|
}
|
|
catch (UnknownHostException e) {
|
|
continue;
|
|
}
|
|
inetAddresses.add(inetAddress);
|
|
}
|
|
|
|
return inetAddresses;
|
|
}
|
|
|
|
public static void setup() {
|
|
DNSUtil.setDNSResolver(getInstance());
|
|
}
|
|
|
|
@Override
|
|
public List<Exception> initialize() {
|
|
setup();
|
|
MiniDnsDane.setup();
|
|
return null;
|
|
}
|
|
|
|
private static ResolverApi getResolver(DnssecMode dnssecMode) {
|
|
if (dnssecMode == DnssecMode.disabled) {
|
|
return NON_DNSSEC_RESOLVER;
|
|
} else {
|
|
return DNSSEC_RESOLVER;
|
|
}
|
|
}
|
|
|
|
private static boolean shouldAbortIfNotAuthentic(DnsName name, DnssecMode dnssecMode,
|
|
ResolverResult<?> result, List<RemoteConnectionEndpointLookupFailure> lookupFailures) {
|
|
switch (dnssecMode) {
|
|
case needsDnssec:
|
|
case needsDnssecAndDane:
|
|
// Check if the result is authentic data, i.e. there a no reasons the result is unverified.
|
|
DnssecResultNotAuthenticException exception = result.getDnssecResultNotAuthenticException();
|
|
if (exception != null) {
|
|
RemoteConnectionEndpointLookupFailure failure = new RemoteConnectionEndpointLookupFailure.DnsLookupFailure(
|
|
name, exception);
|
|
lookupFailures.add(failure);
|
|
return true;
|
|
}
|
|
break;
|
|
case disabled:
|
|
break;
|
|
default:
|
|
throw new IllegalStateException("Unknown DnssecMode: " + dnssecMode);
|
|
}
|
|
return false;
|
|
}
|
|
|
|
private static ResolutionUnsuccessfulException getExceptionFrom(ResolverResult<?> result) {
|
|
Question question = result.getQuestion();
|
|
RESPONSE_CODE responseCode = result.getResponseCode();
|
|
ResolutionUnsuccessfulException resolutionUnsuccessfulException = new ResolutionUnsuccessfulException(question, responseCode);
|
|
return resolutionUnsuccessfulException;
|
|
}
|
|
}
|