use of org.minidns.dnsname.DNSName in project Smack by igniterealtime.
the class InternetAddress method from.
/**
 * Creates the {@code InternetAddress} variant that matches the textual form of {@code address}.
 *
 * <p>The checks run in a fixed order: IPv4 literal, IPv6 literal, any other string containing a
 * dot (treated as a domain name), and finally everything else (treated as a single DNS label).
 * A dotted string that {@code DnsName.from} rejects is not reported by throwing: it is wrapped in
 * an {@code InvalidDomainName} together with the exception. Callers that go on to connect to or
 * authenticate the result therefore have to check which variant they received.
 *
 * @param address the textual address to classify; it is not checked for null in this method.
 * @return the IPv4, IPv6, domain name, invalid domain name or single-label representation.
 */
public static InternetAddress from(String address) {
    if (InetAddressUtil.isIpV4Address(address)) {
        return new InternetAddress.Ipv4(address);
    }
    if (InetAddressUtil.isIpV6Address(address)) {
        return new InternetAddress.Ipv6(address);
    }
    if (!address.contains(".")) {
        // No dot: the whole input is handed to DnsLabel.from. If that call rejects the input,
        // nothing in this method catches it.
        DnsLabel singleLabel = DnsLabel.from(address);
        return new InternetAddress.DomainNameLabel(address, singleLabel);
    }
    try {
        DnsName parsedName = DnsName.from(address);
        return new InternetAddress.DomainName(address, parsedName);
    } catch (InvalidDnsNameException e) {
        // Keep the rejected input and the reason instead of propagating the exception.
        return new InternetAddress.InvalidDomainName(address, e);
    }
}
use of org.minidns.dnsname.DNSName in project Smack by igniterealtime.
the class RemoteXmppTcpConnectionEndpoints method lookup.
/**
* Looks up the remote connection endpoints on the server for XMPP connections over TCP, taking A, AAAA and SRV resource
* records into account. If no host address was configured and all lookups failed, for example with NX_DOMAIN, then
* the result will be populated with an empty list.
*
* @param config the connection configuration to lookup the endpoints for.
* @return a lookup result.
*/
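public static Result<Rfc6120TcpRemoteConnectionEndpoint> lookup(ConnectionConfiguration config) {
    List<Rfc6120TcpRemoteConnectionEndpoint> discoveredRemoteConnectionEndpoints;
    List<RemoteConnectionEndpointLookupFailure> lookupFailures;

    final InetAddress hostAddress = config.getHostAddress();
    final DnsName host = config.getHost();

    if (hostAddress != null) {
        // An explicitly configured address is used as is. No DNS query is made on this path, so
        // config.getDnssecMode() is not consulted here.
        lookupFailures = Collections.emptyList();

        // NOTE(review): InetAddress.toString() yields the "hostname/literal-address" form, so that
        // is what the endpoint records as its host - confirm this is intended.
        IpTcpRemoteConnectionEndpoint<InternetAddressRR<?>> connectionEndpoint = IpTcpRemoteConnectionEndpoint.from(hostAddress.toString(), config.getPort(), hostAddress);
        discoveredRemoteConnectionEndpoints = Collections.singletonList(connectionEndpoint);
    } else if (host != null) {
        // An explicitly configured host name: only its addresses are resolved, no SRV lookup is
        // made. Every returned address is paired with the configured port.
        lookupFailures = new ArrayList<>(1);

        List<InetAddress> hostAddresses = DNSUtil.getDNSResolver().lookupHostAddress(host, lookupFailures, config.getDnssecMode());
        if (hostAddresses != null) {
            discoveredRemoteConnectionEndpoints = new ArrayList<>(hostAddresses.size());
            UInt16 port = config.getPort();
            for (InetAddress inetAddress : hostAddresses) {
                IpTcpRemoteConnectionEndpoint<InternetAddressRR<?>> connectionEndpoint = IpTcpRemoteConnectionEndpoint.from(host, port, inetAddress);
                discoveredRemoteConnectionEndpoints.add(connectionEndpoint);
            }
        } else {
            discoveredRemoteConnectionEndpoints = Collections.emptyList();
        }
    } else {
        lookupFailures = new ArrayList<>();

        // N.B.: Important to use config.serviceName and not AbstractXMPPConnection.serviceName
        DnsName dnsName = config.getXmppServiceDomainAsDnsNameIfPossible();
        if (dnsName == null) {
            // Neither a host address nor a host is configured, and the XMPP service domain has no
            // DNS name representation: there is nothing that could be resolved. The exception now
            // carries a message so that this configuration error can be diagnosed from a stack trace.
            throw new IllegalStateException(
                    "Neither a host address nor a host is configured, and the XMPP service domain can not be represented as DNS name");
        }
        // The endpoints found here originate from DNS answers; the DNSSEC mode of the
        // configuration is passed along for the resolver to apply.
        discoveredRemoteConnectionEndpoints = resolveXmppServiceDomain(dnsName, lookupFailures, config.getDnssecMode());
    }

    // Either the populated host addresses are not empty *or* there must be at least one failed address.
    // This is only checked when assertions are enabled.
    assert !discoveredRemoteConnectionEndpoints.isEmpty() || !lookupFailures.isEmpty();

    return new Result<>(discoveredRemoteConnectionEndpoints, lookupFailures);
}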
use of org.minidns.dnsname.DNSName in project Smack by igniterealtime.
the class XMPPTCPConnection method proceedTLSReceived.
/**
* The server has indicated that TLS negotiation can start. We now need to secure the
* existing plain connection and perform a handshake. This method won't return until the
* connection has finished the handshake or an error occurred while securing the connection.
* @throws IOException if an I/O error occurred.
* @throws SecurityNotPossibleException if TLS is not possible.
* @throws CertificateException if there is an issue with the certificate.
*/
@SuppressWarnings("LiteralClassName")
private void proceedTLSReceived() throws IOException, SecurityNotPossibleException, CertificateException {
    // Order of the upgrade: wrap the plain socket, restrict protocols and ciphers, handshake,
    // optional DANE check, hostname verification. secureSocket is assigned only after all of
    // these steps completed without an exception.
    SmackTlsContext smackTlsContext = getSmackTlsContext();

    Socket plain = socket;
    int port = plain.getPort();
    // The peer name handed to the socket factory is the configured XMPP service domain.
    String xmppServiceDomainString = config.getXMPPServiceDomain().toString();
    SSLSocketFactory sslSocketFactory = smackTlsContext.sslContext.getSocketFactory();
    // Secure the plain connection
    // The TLS socket is layered over the already connected one; the last argument (autoClose)
    // makes closing the TLS socket close the underlying socket too. From this assignment on the
    // 'socket' field refers to the TLS socket, also when a later step throws; what happens to it
    // then is up to the caller and not visible here.
    socket = sslSocketFactory.createSocket(plain, xmppServiceDomainString, port, true);

    final SSLSocket sslSocket = (SSLSocket) socket;
    // Immediately set the enabled SSL protocols and ciphers. See SMACK-712 why this is
    // important (at least on certain platforms) and it seems to be a good idea anyways to
    // prevent an accidental implicit handshake.
    TLSUtils.setEnabledProtocolsAndCiphers(sslSocket, config.getEnabledSSLProtocols(), config.getEnabledSSLCiphers());

    // Initialize the reader and writer with the new secured version
    initReaderAndWriter();

    // Proceed to do the handshake
    // Certificate chain validation during the handshake is whatever smackTlsContext.sslContext
    // was initialised with; that setup is not visible in this method.
    sslSocket.startHandshake();

    // When a DANE verifier is present it is given the negotiated session. How it reports a
    // mismatch is not visible here (presumably by throwing - confirm).
    if (smackTlsContext.daneVerifier != null) {
        smackTlsContext.daneVerifier.finish(sslSocket.getSession());
    }

    // Fail closed: a missing HostnameVerifier aborts the upgrade instead of skipping the check.
    // NOTE(review): this is detected only after the handshake has completed; the check does not
    // depend on the session and could run before any TLS traffic is exchanged.
    final HostnameVerifier verifier = getConfiguration().getHostnameVerifier();
    if (verifier == null) {
        throw new IllegalStateException("No HostnameVerifier set. Use connectionConfiguration.setHostnameVerifier() to configure.");
    }

    // The name the certificate has to authenticate is derived from the XMPP service domain of the
    // configuration, not from a host name or address obtained in this method. The 'ace' field
    // (the ASCII-compatible form of the DNS name) is what gets passed to the verifier.
    final String verifierHostname;
    {
        DnsName xmppServiceDomainDnsName = getConfiguration().getXmppServiceDomainAsDnsNameIfPossible();
        // See also: https://bugzilla.mozilla.org/show_bug.cgi?id=280839#c1
        if (xmppServiceDomainDnsName != null) {
            verifierHostname = xmppServiceDomainDnsName.ace;
        } else {
            // Verification is not skipped in this case: it runs against the plain string form of
            // the service domain, and a warning is logged because it may not match.
            LOGGER.log(Level.WARNING, "XMPP service domain name '" + getXMPPServiceDomain() + "' can not be represented as DNS name. TLS X.509 certificate validiation may fail.");
            verifierHostname = getXMPPServiceDomain().toString();
        }
    }

    final boolean verificationSuccessful;
    // Verify the TLS session.
    verificationSuccessful = verifier.verify(verifierHostname, sslSocket.getSession());
    if (!verificationSuccessful) {
        // Thrown before secureSocket is assigned, so a failed verification never marks the
        // connection as secured.
        throw new CertificateException("Hostname verification of certificate failed. Certificate does not authenticate " + getXMPPServiceDomain());
    }

    // Set that TLS was successful
    secureSocket = sslSocket;
}
use of org.minidns.dnsname.DNSName in project Smack by igniterealtime.
the class RemoteXmppTcpConnectionEndpoints method resolveDomain.
/**
* @param domain the domain.
* @param domainType the XMPP domain type, server or client.
* @param lookupFailures a list that will be populated with all failures that occurred during lookup.
* @param dnssecMode the DNSSEC mode.
* @param dnsResolver the DNS resolver to use.
* @return a list of resolved host addresses for this domain.
*/
private static List<Rfc6120TcpRemoteConnectionEndpoint> resolveDomain(DnsName domain, DomainType domainType, List<RemoteConnectionEndpointLookupFailure> lookupFailures, DnssecMode dnssecMode, DNSResolver dnsResolver) {
    List<Rfc6120TcpRemoteConnectionEndpoint> result = new ArrayList<>();

    // Step one: SRV lookup for the name built from the domain type's SRV prefix and the domain.
    // Everything collected below (SRV targets, ports, addresses) comes from DNS answers; dnssecMode
    // is handed to the resolver on every query, its enforcement is not visible in this method.
    DnsName srvName = DnsName.from(domainType.srvPrefix, domain);
    Collection<SRV> srvAnswers = dnsResolver.lookupSrvRecords(srvName, lookupFailures, dnssecMode);
    if (srvAnswers == null || srvAnswers.isEmpty()) {
        LOGGER.info("Could not resolve DNS SRV resource records for " + srvName + ". Consider adding those.");
    } else {
        if (LOGGER.isLoggable(Level.FINE)) {
            StringBuilder logMessage = new StringBuilder("Resolved SRV RR for " + srvName + ":");
            for (SRV answer : srvAnswers) {
                logMessage.append(" " + answer);
            }
            LOGGER.fine(logMessage.toString());
        }

        for (SRV srv : SrvUtil.sortSrvRecords(srvAnswers)) {
            List<InetAddress> targetAddresses = dnsResolver.lookupHostAddress(srv.target, lookupFailures, dnssecMode);
            if (targetAddresses == null) {
                // No addresses for this target: skip it. Any failure was reported through
                // lookupFailures by the resolver call, if it recorded one.
                continue;
            }
            SrvXmppRemoteConnectionEndpoint srvEndpoint = new SrvXmppRemoteConnectionEndpoint(srv, targetAddresses);
            result.add(srvEndpoint);
        }
    }

    // Port used for the fallback entries: 5222 for the client type, 5269 for the server type.
    UInt16 fallbackPort;
    if (domainType == DomainType.client) {
        fallbackPort = UInt16.from(5222);
    } else if (domainType == DomainType.server) {
        fallbackPort = UInt16.from(5269);
    } else {
        throw new AssertionError();
    }

    // Step two: append the addresses of the domain itself. This happens whether or not SRV
    // records were found, so these entries always come last in the returned list.
    List<InetAddress> domainAddresses = dnsResolver.lookupHostAddress(domain, lookupFailures, dnssecMode);
    if (domainAddresses != null) {
        for (InetAddress domainAddress : domainAddresses) {
            IpTcpRemoteConnectionEndpoint<InternetAddressRR<?>> fallbackEndpoint = IpTcpRemoteConnectionEndpoint.from(domain, fallbackPort, domainAddress);
            result.add(fallbackEndpoint);
        }
    }

    return result;
}
use of org.minidns.dnsname.DNSName in project Smack by igniterealtime.
the class DNSJavaResolver method lookupSrvRecords0.
/**
 * Queries the SRV records of {@code name} with a dnsjava {@code Lookup} and converts each answer
 * into an {@code SRV} object.
 *
 * <p>NOTE(review): {@code dnssecMode} is not read anywhere in this method. Presumably the caller
 * decides whether a DNSSEC requirement can be met by this resolver - confirm, since otherwise
 * a requested DNSSEC mode would be silently ignored here.
 *
 * @param name the name to query; its {@code ace} form is passed to dnsjava.
 * @param lookupFailures receives a failure entry when dnsjava cannot parse the name.
 * @param dnssecMode the requested DNSSEC mode (unused in this method, see above).
 * @return the converted records, or {@code null} when the name could not be parsed or the lookup
 *         returned no record array.
 */
@Override
protected List<SRV> lookupSrvRecords0(DnsName name, List<RemoteConnectionEndpointLookupFailure> lookupFailures, DnssecMode dnssecMode) {
    Lookup srvLookup;
    try {
        srvLookup = new Lookup(name.ace, Type.SRV);
    } catch (TextParseException e) {
        lookupFailures.add(new RemoteConnectionEndpointLookupFailure.DnsLookupFailure(name, e));
        return null;
    }

    Record[] answers = srvLookup.run();
    if (answers == null) {
        // TODO: When does this happen? Do we want/need to record a lookup failure?
        // As written, this path returns null without adding anything to lookupFailures.
        return null;
    }

    List<SRV> converted = new ArrayList<>();
    for (Record answer : answers) {
        // Unchecked cast: this relies on the lookup returning only SRV records.
        org.xbill.DNS.SRVRecord dnsJavaSrv = (org.xbill.DNS.SRVRecord) answer;
        if (dnsJavaSrv == null || dnsJavaSrv.getTarget() == null) {
            continue;
        }

        // NOTE(review): the target is taken from the DNS answer. If DnsName.from rejects it,
        // nothing here catches that and no lookup failure is recorded - verify that a malformed
        // target cannot abort the whole lookup.
        DnsName target = DnsName.from(dnsJavaSrv.getTarget().toString());
        int port = dnsJavaSrv.getPort();
        int priority = dnsJavaSrv.getPriority();
        int weight = dnsJavaSrv.getWeight();
        converted.add(new SRV(priority, weight, port, target));
    }

    return converted;
}