
Example 11 with DNSName

use of org.minidns.dnsname.DNSName in project Smack by igniterealtime.

the class InternetAddress method from.

/**
 * Classifies a textual address and wraps it in the matching {@code InternetAddress} subtype.
 *
 * <p>The checks run in a fixed order: IPv4 literal, IPv6 literal, then any string containing a dot
 * is parsed as a DNS name, and everything else is parsed as a single DNS label.
 *
 * <p>A dotted string that {@code DnsName.from} rejects is not reported by exception. The result is an
 * {@code InternetAddress.InvalidDomainName} carrying the original string and the parse error, so a
 * caller that takes the address from an untrusted peer has to inspect the returned subtype before
 * treating it as a usable host name.
 *
 * @param address the textual address; no null check is performed here.
 * @return the address wrapped according to its detected kind.
 */
public static InternetAddress from(String address) {
    if (InetAddressUtil.isIpV4Address(address)) {
        return new InternetAddress.Ipv4(address);
    }
    if (InetAddressUtil.isIpV6Address(address)) {
        return new InternetAddress.Ipv6(address);
    }
    if (!address.contains(".")) {
        // No dot: treat the whole string as one DNS label. Unlike the dotted case below, nothing
        // is caught here, so whatever DnsLabel.from() throws reaches the caller.
        DnsLabel singleLabel = DnsLabel.from(address);
        return new InternetAddress.DomainNameLabel(address, singleLabel);
    }
    try {
        DnsName parsedName = DnsName.from(address);
        return new InternetAddress.DomainName(address, parsedName);
    } catch (InvalidDnsNameException e) {
        // Keep the rejected input and the reason together instead of failing the whole parse.
        return new InternetAddress.InvalidDomainName(address, e);
    }
}
Also used : DnsName(org.minidns.dnsname.DnsName) DnsLabel(org.minidns.dnslabel.DnsLabel) InvalidDnsNameException(org.minidns.dnsname.InvalidDnsNameException)

Example 12 with DNSName

use of org.minidns.dnsname.DNSName in project Smack by igniterealtime.

the class RemoteXmppTcpConnectionEndpoints method lookup.

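/**
 * Looks up the remote connection endpoints for an XMPP connection over TCP, taking A, AAAA and SRV
 * resource records into account.
 *
 * <p>The configuration is consulted in this order:
 * <ol>
 * <li>An explicitly configured host address is used as the only endpoint. No DNS lookup happens on
 * this path, so {@code config.getDnssecMode()} is not consulted.</li>
 * <li>An explicitly configured host name is resolved to its addresses with the configured DNSSEC
 * mode.</li>
 * <li>Otherwise the XMPP service domain is resolved via {@code resolveXmppServiceDomain}.</li>
 * </ol>
 * If no host address was configured and all lookups failed, for example with NX_DOMAIN, then the
 * result holds an empty endpoint list together with the recorded lookup failures.
 *
 * @param config the connection configuration to lookup the endpoints for.
 * @return a lookup result.
 * @throws IllegalStateException if neither a host address nor a host is configured and the XMPP
 *         service domain cannot be represented as a DNS name.
 */
public static Result<Rfc6120TcpRemoteConnectionEndpoint> lookup(ConnectionConfiguration config) {
    List<Rfc6120TcpRemoteConnectionEndpoint> discoveredRemoteConnectionEndpoints;
    List<RemoteConnectionEndpointLookupFailure> lookupFailures;

    final InetAddress hostAddress = config.getHostAddress();
    final DnsName host = config.getHost();

    if (hostAddress != null) {
        // A fixed address needs no resolution, hence there is nothing that could fail.
        lookupFailures = Collections.emptyList();

        IpTcpRemoteConnectionEndpoint<InternetAddressRR<?>> connectionEndpoint = IpTcpRemoteConnectionEndpoint.from(hostAddress.toString(), config.getPort(), hostAddress);
        discoveredRemoteConnectionEndpoints = Collections.singletonList(connectionEndpoint);
    } else if (host != null) {
        lookupFailures = new ArrayList<>(1);

        List<InetAddress> hostAddresses = DNSUtil.getDNSResolver().lookupHostAddress(host, lookupFailures, config.getDnssecMode());
        if (hostAddresses != null) {
            discoveredRemoteConnectionEndpoints = new ArrayList<>(hostAddresses.size());
            UInt16 port = config.getPort();
            for (InetAddress inetAddress : hostAddresses) {
                IpTcpRemoteConnectionEndpoint<InternetAddressRR<?>> connectionEndpoint = IpTcpRemoteConnectionEndpoint.from(host, port, inetAddress);
                discoveredRemoteConnectionEndpoints.add(connectionEndpoint);
            }
        } else {
            // The resolver signals "nothing usable" with null; the reason is in lookupFailures.
            discoveredRemoteConnectionEndpoints = Collections.emptyList();
        }
    } else {
        lookupFailures = new ArrayList<>();

        // N.B.: Important to use config.serviceName and not AbstractXMPPConnection.serviceName
        DnsName dnsName = config.getXmppServiceDomainAsDnsNameIfPossible();
        if (dnsName == null) {
            // Nothing is left to resolve: no host address, no host, and the service domain is not
            // a DNS name. Say so instead of throwing an exception without a message.
            throw new IllegalStateException(
                    "Neither a host address nor a host is configured and the XMPP service domain can not be represented as a DNS name");
        }
        discoveredRemoteConnectionEndpoints = resolveXmppServiceDomain(dnsName, lookupFailures, config.getDnssecMode());
    }

    // Either the populated host addresses are not empty *or* there must be at least one failed address.
    assert !discoveredRemoteConnectionEndpoints.isEmpty() || !lookupFailures.isEmpty();

    return new Result<>(discoveredRemoteConnectionEndpoints, lookupFailures);
}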
Also used : DnsName(org.minidns.dnsname.DnsName) RemoteConnectionEndpointLookupFailure(org.jivesoftware.smack.util.rce.RemoteConnectionEndpointLookupFailure) ArrayList(java.util.ArrayList) ArrayList(java.util.ArrayList) List(java.util.List) UInt16(org.jivesoftware.smack.datatypes.UInt16) InetAddress(java.net.InetAddress) InternetAddressRR(org.minidns.record.InternetAddressRR)

Example 13 with DNSName

use of org.minidns.dnsname.DNSName in project Smack by igniterealtime.

the class XMPPTCPConnection method proceedTLSReceived.

/**
 * The server has indicated that TLS negotiation can start. We now need to secure the
 * existing plain connection and perform a handshake. This method won't return until the
 * connection has finished the handshake or an error occurred while securing the connection.
 *
 * <p>The statement order is significant: the enabled protocols and ciphers are set before the
 * handshake starts, and {@code secureSocket} is assigned only as the very last step, after the
 * DANE verifier (if one is present) has been given the session and the hostname verifier has
 * accepted it. A missing {@code HostnameVerifier} is treated as a configuration error, not as
 * permission to skip the check.
 *
 * <p>The name passed to the hostname verifier is derived from the configured XMPP service
 * domain, not from a host name obtained through DNS.
 *
 * @throws IOException if an I/O error occurred.
 * @throws SecurityNotPossibleException if TLS is not possible.
 * @throws CertificateException if there is an issue with the certificate, including a hostname
 *         verifier that rejects the session.
 * @throws IllegalStateException if no {@code HostnameVerifier} is configured.
 */
@SuppressWarnings("LiteralClassName")
private void proceedTLSReceived() throws IOException, SecurityNotPossibleException, CertificateException {
    SmackTlsContext smackTlsContext = getSmackTlsContext();
    Socket plain = socket;
    int port = plain.getPort();
    String xmppServiceDomainString = config.getXMPPServiceDomain().toString();
    SSLSocketFactory sslSocketFactory = smackTlsContext.sslContext.getSocketFactory();
    // Secure the plain connection. The last argument is autoClose: closing the TLS socket also
    // closes the underlying plain socket. From here on the field 'socket' refers to the TLS
    // socket, while 'secureSocket' stays unset until every check below has passed.
    socket = sslSocketFactory.createSocket(plain, xmppServiceDomainString, port, true);
    final SSLSocket sslSocket = (SSLSocket) socket;
    // Immediately set the enabled SSL protocols and ciphers. See SMACK-712 why this is
    // important (at least on certain platforms) and it seems to be a good idea anyways to
    // prevent an accidental implicit handshake.
    TLSUtils.setEnabledProtocolsAndCiphers(sslSocket, config.getEnabledSSLProtocols(), config.getEnabledSSLCiphers());
    // Initialize the reader and writer with the new secured version
    // NOTE(review): presumably this picks up the replaced 'socket' field - confirm in initReaderAndWriter().
    initReaderAndWriter();
    // Proceed to do the handshake
    sslSocket.startHandshake();
    // DANE is optional: the verifier is only consulted when the TLS context carries one.
    // NOTE(review): how finish() reports a mismatch is not visible here - confirm it fails closed.
    if (smackTlsContext.daneVerifier != null) {
        smackTlsContext.daneVerifier.finish(sslSocket.getSession());
    }
    final HostnameVerifier verifier = getConfiguration().getHostnameVerifier();
    if (verifier == null) {
        // Fail closed: without a verifier the certificate could not be bound to the service domain.
        throw new IllegalStateException("No HostnameVerifier set. Use connectionConfiguration.setHostnameVerifier() to configure.");
    }
    // Work out which name the certificate has to authenticate.
    final String verifierHostname;
    {
        DnsName xmppServiceDomainDnsName = getConfiguration().getXmppServiceDomainAsDnsNameIfPossible();
        // See also: https://bugzilla.mozilla.org/show_bug.cgi?id=280839#c1
        if (xmppServiceDomainDnsName != null) {
            // Use the DnsName's 'ace' value (presumably the ASCII-compatible encoding of the
            // domain - confirm against MiniDNS).
            verifierHostname = xmppServiceDomainDnsName.ace;
        } else {
            // The domain is not a DNS name: warn and fall back to its plain string form.
            LOGGER.log(Level.WARNING, "XMPP service domain name '" + getXMPPServiceDomain() + "' can not be represented as DNS name. TLS X.509 certificate validiation may fail.");
            verifierHostname = getXMPPServiceDomain().toString();
        }
    }
    final boolean verificationSuccessful;
    // Verify the TLS session.
    // NOTE(review): no endpoint identification is configured on the socket in this method, so this
    // call appears to be the step that binds the certificate to the service domain - confirm
    // against the SSLContext / TrustManager setup.
    verificationSuccessful = verifier.verify(verifierHostname, sslSocket.getSession());
    if (!verificationSuccessful) {
        throw new CertificateException("Hostname verification of certificate failed. Certificate does not authenticate " + getXMPPServiceDomain());
    }
    // Set that TLS was successful
    secureSocket = sslSocket;
}
Also used : DnsName(org.minidns.dnsname.DnsName) SmackTlsContext(org.jivesoftware.smack.internal.SmackTlsContext) SSLSocket(javax.net.ssl.SSLSocket) CertificateException(java.security.cert.CertificateException) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) SSLSocket(javax.net.ssl.SSLSocket) Socket(java.net.Socket) Rfc6120TcpRemoteConnectionEndpoint(org.jivesoftware.smack.tcp.rce.Rfc6120TcpRemoteConnectionEndpoint) HostnameVerifier(javax.net.ssl.HostnameVerifier)

Example 14 with DNSName

use of org.minidns.dnsname.DNSName in project Smack by igniterealtime.

the class RemoteXmppTcpConnectionEndpoints method resolveDomain.

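/**
 * Resolves the connection endpoints of an XMPP domain, first via its SRV resource records and
 * then via the address records of the domain itself.
 *
 * <p>Endpoints built from SRV records come first, in the order returned by
 * {@code SrvUtil.sortSrvRecords}. Endpoints for the bare domain on the default port (5222 for
 * client, 5269 for server) are appended after them whenever the domain has addresses, whether or
 * not the SRV lookup succeeded.
 *
 * <p>SRV targets are taken from the DNS response and resolved in turn. Every lookup issued here,
 * including those for SRV targets, is passed the same {@code dnssecMode}.
 *
 * @param domain the domain.
 * @param domainType the XMPP domain type, server or client.
 * @param lookupFailures a list that will be populated with all failures that occurred during lookup.
 * @param dnssecMode the DNSSEC mode.
 * @param dnsResolver the DNS resolver to use.
 * @return a list of resolved host addresses for this domain.
 */
private static List<Rfc6120TcpRemoteConnectionEndpoint> resolveDomain(DnsName domain, DomainType domainType, List<RemoteConnectionEndpointLookupFailure> lookupFailures, DnssecMode dnssecMode, DNSResolver dnsResolver) {
    List<Rfc6120TcpRemoteConnectionEndpoint> endpoints = new ArrayList<>();

    // Step one: Do SRV lookups
    DnsName srvDomain = DnsName.from(domainType.srvPrefix, domain);
    Collection<SRV> srvRecords = dnsResolver.lookupSrvRecords(srvDomain, lookupFailures, dnssecMode);
    if (srvRecords != null && !srvRecords.isEmpty()) {
        if (LOGGER.isLoggable(Level.FINE)) {
            // Build the message in a StringBuilder rather than by repeated String concatenation.
            StringBuilder logMessage = new StringBuilder("Resolved SRV RR for ").append(srvDomain).append(':');
            for (SRV r : srvRecords) {
                logMessage.append(' ').append(r);
            }
            LOGGER.fine(logMessage.toString());
        }

        List<SRV> sortedSrvRecords = SrvUtil.sortSrvRecords(srvRecords);
        for (SRV srv : sortedSrvRecords) {
            // The target name comes from the DNS answer; a target without addresses is skipped,
            // and the resolver records the reason in lookupFailures.
            List<InetAddress> targetInetAddresses = dnsResolver.lookupHostAddress(srv.target, lookupFailures, dnssecMode);
            if (targetInetAddresses != null) {
                SrvXmppRemoteConnectionEndpoint endpoint = new SrvXmppRemoteConnectionEndpoint(srv, targetInetAddresses);
                endpoints.add(endpoint);
            }
        }
    } else {
        LOGGER.info("Could not resolve DNS SRV resource records for " + srvDomain + ". Consider adding those.");
    }

    UInt16 defaultPort;
    switch (domainType) {
        case client:
            defaultPort = UInt16.from(5222);
            break;
        case server:
            defaultPort = UInt16.from(5269);
            break;
        default:
            throw new AssertionError();
    }

    // Step two: Add the hostname to the end of the list
    List<InetAddress> hostAddresses = dnsResolver.lookupHostAddress(domain, lookupFailures, dnssecMode);
    if (hostAddresses != null) {
        for (InetAddress inetAddress : hostAddresses) {
            IpTcpRemoteConnectionEndpoint<InternetAddressRR<?>> endpoint = IpTcpRemoteConnectionEndpoint.from(domain, defaultPort, inetAddress);
            endpoints.add(endpoint);
        }
    }

    return endpoints;
}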
Also used : DnsName(org.minidns.dnsname.DnsName) ArrayList(java.util.ArrayList) SRV(org.minidns.record.SRV) UInt16(org.jivesoftware.smack.datatypes.UInt16) InetAddress(java.net.InetAddress) InternetAddressRR(org.minidns.record.InternetAddressRR)

Example 15 with DNSName

use of org.minidns.dnsname.DNSName in project Smack by igniterealtime.

the class DNSJavaResolver method lookupSrvRecords0.

/**
 * Looks up the SRV records of {@code name} with dnsjava and converts each answer into a MiniDNS
 * {@code SRV} record.
 *
 * <p>NOTE(review): {@code dnssecMode} is not read anywhere in this method. Confirm that the caller
 * rejects DNSSEC-requiring modes for this resolver before delegating here.
 *
 * <p>NOTE(review): the SRV target is taken from the DNS response and passed to
 * {@code DnsName.from}. If that call rejects the name, the exception leaves this method instead of
 * being recorded in {@code lookupFailures}. Confirm that callers expect this.
 *
 * @param name the name to query SRV records for.
 * @param lookupFailures receives a failure entry when the lookup cannot be constructed.
 * @param dnssecMode the requested DNSSEC mode (unused here, see the note above).
 * @return the converted records, or {@code null} if the lookup could not be constructed or
 *         produced no record array.
 */
@Override
protected List<SRV> lookupSrvRecords0(DnsName name, List<RemoteConnectionEndpointLookupFailure> lookupFailures, DnssecMode dnssecMode) {
    final Lookup srvLookup;
    try {
        srvLookup = new Lookup(name.ace, Type.SRV);
    } catch (TextParseException e) {
        lookupFailures.add(new RemoteConnectionEndpointLookupFailure.DnsLookupFailure(name, e));
        return null;
    }

    final Record[] answers = srvLookup.run();
    if (answers == null) {
        // TODO: When does this happen? Do we want/need to record a lookup failure?
        return null;
    }

    List<SRV> converted = new ArrayList<>();
    for (Record answer : answers) {
        org.xbill.DNS.SRVRecord dnsjavaSrv = (org.xbill.DNS.SRVRecord) answer;
        // Skip empty slots and records that carry no target.
        if (dnsjavaSrv == null || dnsjavaSrv.getTarget() == null) {
            continue;
        }

        DnsName targetHost = DnsName.from(dnsjavaSrv.getTarget().toString());
        int targetPort = dnsjavaSrv.getPort();
        int srvPriority = dnsjavaSrv.getPriority();
        int srvWeight = dnsjavaSrv.getWeight();
        converted.add(new SRV(srvPriority, srvWeight, targetPort, targetHost));
    }
    return converted;
}
Also used : DnsName(org.minidns.dnsname.DnsName) RemoteConnectionEndpointLookupFailure(org.jivesoftware.smack.util.rce.RemoteConnectionEndpointLookupFailure) ArrayList(java.util.ArrayList) SRV(org.minidns.record.SRV) Lookup(org.xbill.DNS.Lookup) Record(org.xbill.DNS.Record) TextParseException(org.xbill.DNS.TextParseException)
