Commit graph

367 commits

Author SHA1 Message Date
Daniel Gultsch 01fba162f0 code clean up. use Optional to parse SM’s h attribute 2022-12-30 10:53:49 +01:00
Daniel Gultsch f5b7fbc441 add log when we requested token but didn’t get one 2022-12-30 09:00:42 +01:00
Daniel Gultsch 499c4ddd0a do not detect sm:2 as sm available
the 2.11.0 release removed support for enabling sm:2
unfortunately sm:2 was still detected as "server supports stream management"
down the line leading to resend loops.

fixes #4426
2022-12-16 08:07:46 +01:00
Daniel Gultsch 6b9ebb3abf remove TODO 2022-11-18 10:40:16 +01:00
Daniel Gultsch 109a20ca40 do not expect stream features after inline resume 2022-11-17 10:52:30 +01:00
Daniel Gultsch 29461edf40 process challenge only on secure connection 2022-11-17 07:48:09 +01:00
Daniel Gultsch 44bfff7e49 fall back to regular authentication if fast fails 2022-11-16 11:00:43 +01:00
Daniel Gultsch dac2e17133 disable quick start if fast is available but we didn’t use fast 2022-11-01 18:06:32 +01:00
Daniel Gultsch 35ee01cb28 reset fast token on login failure 2022-11-01 16:44:36 +01:00
Daniel Gultsch e2b9f0e77a add support for HashedToken channel binding 2022-10-15 20:53:59 +02:00
Daniel Gultsch 24badda4c9 do quick start with HT-SHA-256-NONE 2022-10-15 18:56:31 +02:00
Daniel Gultsch c13787873c request fast token 2022-10-15 12:27:38 +02:00
Daniel Gultsch 3378447f60 parse hash token names 2022-10-15 00:09:29 +02:00
Daniel Gultsch 0cd416298d ensure we only select channel binding methods available for tls version 2022-10-14 20:00:36 +02:00
Daniel Gultsch 7eb160386d enable SM if it wasn’t enabled in bind 2 2022-10-14 13:29:59 +02:00
Daniel Gultsch 9a0c90f066 read new stream features directly after success 2022-10-14 13:13:21 +02:00
Daniel Gultsch cb775ece99 wait for DB restore before bind 2022-09-26 09:47:53 +02:00
Daniel Gultsch 3d56d01826 handle case when server loses support for quick start 2022-09-26 07:53:48 +02:00
Daniel Gultsch 32f9a58d9a pipeline sasl2 directly after stream start 2022-09-25 14:13:04 +02:00
Daniel Gultsch 126e8ef08c refactor sasl 2 authentication code 2022-09-24 14:58:49 +02:00
Daniel Gultsch 9f5da67539 use bind:0 namespace 2022-09-24 11:59:53 +02:00
Daniel Gultsch 5a3cca9554 use bind 2 tag and sasl 2 user-agent 2022-09-15 14:28:51 +02:00
Daniel Gultsch bf15070fef bump sasl2 namespace 2022-09-15 13:10:15 +02:00
Daniel Gultsch 495f79921d store full sasl mechanism (not just priority) 2022-09-15 12:22:05 +02:00
Daniel Gultsch d4ec1eaf38 refactor processFailure and processChallange into methods 2022-09-07 10:31:11 +02:00
Daniel Gultsch 5da9f5b3a3 refactor ScramMechanism to support PLUS 2022-09-06 16:28:28 +02:00
Daniel Gultsch b78acb6fca extract channel binding types via XEP-0440 2022-09-06 14:53:12 +02:00
Daniel Gultsch a210568a9c refactor SASL choice into factory; remove unused TagWriter 2022-09-06 09:25:23 +02:00
Daniel Gultsch eee14a822a add todos 2022-09-05 11:07:25 +02:00
Daniel Gultsch e0bd1d168c do not attempt resume when already in smacks session 2022-09-04 09:28:00 +02:00
Daniel Gultsch 052c58f377 rudimentary bind 2 implementation 2022-09-03 20:17:29 +02:00
Daniel Gultsch 00dd9a8058 remove support for sm:2 2022-09-03 12:16:06 +02:00
Daniel Gultsch 4f92ba880b process authorization id in case full jid changes 2022-08-30 09:31:06 +02:00
Daniel Gultsch 3fac7d4992 fix very rare NPE (race condition) 2022-08-30 08:21:32 +02:00
Daniel Gultsch 8f76084a43 add sm-failed processing 2022-08-29 19:44:39 +02:00
Daniel Gultsch 7ea4f64ce4 code clean up for resumed processing 2022-08-29 19:30:03 +02:00
Daniel Gultsch f6ab3dd068 support resume via sasl 2.0 2022-08-29 19:22:25 +02:00
Daniel Gultsch 928a16d31d abort on 'continue' - no client support 2022-08-29 18:53:34 +02:00
Daniel Gultsch 6202cbe26b minor code clean up for tag and element 2022-08-29 18:40:49 +02:00
Daniel Gultsch 5fc8ff899a support logging in via SASL 2 2022-08-29 17:09:52 +02:00
Daniel Gultsch a717917b3d explicitly search for namespaces when processing stream features 2022-08-29 15:09:53 +02:00
Daniel Gultsch a9dd5a3c76 support sasl/temporary-auth-failure
if the server is unable to query the database throwing a temporary-auth-failure
might be more appropriate
2022-06-14 08:39:58 +02:00
Daniel Gultsch abb671616c synchronize setDescription calls 2021-11-16 15:17:12 +01:00
Daniel Gultsch ac7855a332 show domains in manual cert accept dialog 2021-05-03 08:28:03 +02:00
Daniel Gultsch bc58fb0fbd Always verify hostname/domain
There might be corner cases where it is required to use self signed
certificates. However there should be no corner cases where it is
required to use a wrong domain name. This commit swaps out the
MemorizingHostnameVerifier that let users accept wrong domains with the
standard XmppDomainVerifier.

closes #4066
2021-04-30 09:55:22 +02:00
Daniel Gultsch ce7f59a76c use okhttp to fetch captcha 2021-03-22 10:39:53 +01:00
Daniel Gultsch 1cd95aefa6 migrate redirection urls to HttpUrl 2021-03-22 10:12:53 +01:00
Daniel Gultsch e217551a82 migrate to OkHttp instead of HttpUrlConnection
OkHttp gives us more fine grained control over the HTTP library and frees us from any platform bugs
2021-03-19 14:57:20 +01:00
Daniel Gultsch b09a1432a3 Stanza.getErrorCondation only ever needs the tag name 2021-03-18 11:35:41 +01:00
Daniel Gultsch 6cab0ad496 make rtp proposal tracked by SM. fixes #3983 2021-02-12 10:35:13 +01:00