narayana/anotherim
narayana/anotherim
3
2
Fork 0
Code Issues 3 Pull requests 2 Actions Packages Projects Releases 4 Wiki Activity

fall back to regular authentication if fast fails

Browse source
This commit is contained in:
Daniel Gultsch 2022-11-16 11:00:43 +01:00
parent 6ececb4d2b
commit 44bfff7e49
1 changed files with 23 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java
View file

@ -831,17 +831,17 @@ public class XmppConnection implements Runnable {
} }
} }
private void processFailure(final Element failure) throws StateChangingException { private void processFailure(final Element failure) throws IOException {
final SaslMechanism.Version version; final SaslMechanism.Version version;
try { try {
version = SaslMechanism.Version.of(failure); version = SaslMechanism.Version.of(failure);
} catch (final IllegalArgumentException e) { } catch (final IllegalArgumentException e) {
throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER); throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER);
} }
Log.d(Config.LOGTAG,failure.toString()); Log.d(Config.LOGTAG, failure.toString());
Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": login failure " + version); Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": login failure " + version);
if (SaslMechanism.hashedToken(this.saslMechanism)) { if (SaslMechanism.hashedToken(this.saslMechanism)) {
Log.d(Config.LOGTAG,account.getJid().asBareJid() + ": resetting token"); Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": resetting token");
account.resetFastToken(); account.resetFastToken();
mXmppConnectionService.databaseBackend.updateAccount(account); mXmppConnectionService.databaseBackend.updateAccount(account);
} }
@ -866,7 +866,15 @@ public class XmppConnection implements Runnable {
} }
} }
} }
throw new StateChangingException(Account.State.UNAUTHORIZED); if (SaslMechanism.hashedToken(this.saslMechanism)) {
Log.d(
Config.LOGTAG,
account.getJid().asBareJid()
+ ": fast authentication failed. falling back to regular authentication");
authenticate();
} else {
throw new StateChangingException(Account.State.UNAUTHORIZED);
}
} }
private static SSLSocket sslSocketOrNull(final Socket socket) { private static SSLSocket sslSocketOrNull(final Socket socket) {
@ -1332,6 +1340,17 @@ public class XmppConnection implements Runnable {
} }
} }
private void authenticate() throws IOException {
final boolean isSecure =
features.encryptionEnabled || Config.ALLOW_NON_TLS_CONNECTIONS || account.isOnion();
if (isSecure && this.streamFeatures.hasChild("authentication", Namespace.SASL_2)) {authenticate(SaslMechanism.Version.SASL_2);
} else if (isSecure && this.streamFeatures.hasChild("mechanisms", Namespace.SASL)) {
authenticate(SaslMechanism.Version.SASL);
} else {
throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER);
}
}
private void authenticate(final SaslMechanism.Version version) throws IOException { private void authenticate(final SaslMechanism.Version version) throws IOException {
final Element authElement; final Element authElement;
if (version == SaslMechanism.Version.SASL) { if (version == SaslMechanism.Version.SASL) {