Commit 0b77ccad authored by Gaston Dombiak's avatar Gaston Dombiak Committed by gato

Attempt piggybacking only on sessions created using server dialback.

git-svn-id: http://svn.igniterealtime.org/svn/repos/messenger/trunk@2895 b35dd754-fafc-0310-a699-88a17e54d16e
parent dccc8377
...@@ -70,6 +70,10 @@ public class OutgoingServerSession extends Session { ...@@ -70,6 +70,10 @@ public class OutgoingServerSession extends Session {
private Collection<String> authenticatedDomains = new ArrayList<String>(); private Collection<String> authenticatedDomains = new ArrayList<String>();
private Collection<String> hostnames = new ArrayList<String>(); private Collection<String> hostnames = new ArrayList<String>();
private OutgoingServerSocketReader socketReader; private OutgoingServerSocketReader socketReader;
/**
* Flag that indicates if the session was created usign server-dialback.
*/
private boolean usingServerDialback = true;
/** /**
* Creates a new outgoing connection to the specified hostname if no one exists. The port of * Creates a new outgoing connection to the specified hostname if no one exists. The port of
...@@ -99,9 +103,9 @@ public class OutgoingServerSession extends Session { ...@@ -99,9 +103,9 @@ public class OutgoingServerSession extends Session {
return false; return false;
} }
// Check if a session already exists to the desired hostname (i.e. remote server). If // Check if a session, that is using server dialback, already exists to the desired
// no one exists then create a new session. The same session will be used for the same // hostname (i.e. remote server). If no one exists then create a new session. The same
// hostname for all the domains to authenticate // session will be used for the same hostname for all the domains to authenticate
SessionManager sessionManager = SessionManager.getInstance(); SessionManager sessionManager = SessionManager.getInstance();
OutgoingServerSession session = sessionManager.getOutgoingServerSession(hostname); OutgoingServerSession session = sessionManager.getOutgoingServerSession(hostname);
if (session == null) { if (session == null) {
...@@ -111,11 +115,17 @@ public class OutgoingServerSession extends Session { ...@@ -111,11 +115,17 @@ public class OutgoingServerSession extends Session {
for (String otherHostname : incomingSession.getValidatedDomains()) { for (String otherHostname : incomingSession.getValidatedDomains()) {
session = sessionManager.getOutgoingServerSession(otherHostname); session = sessionManager.getOutgoingServerSession(otherHostname);
if (session != null) { if (session != null) {
if (session.usingServerDialback) {
// A session to the same remote server but with different hostname // A session to the same remote server but with different hostname
// was found. Use this session and add the new hostname to the session // was found. Use this session and add the new hostname to the
// session
session.addHostname(hostname); session.addHostname(hostname);
break; break;
} }
else {
session = null;
}
}
} }
} }
} }
...@@ -189,6 +199,8 @@ public class OutgoingServerSession extends Session { ...@@ -189,6 +199,8 @@ public class OutgoingServerSession extends Session {
} }
} }
} }
// A session already exists. The session was established using server dialback so
// it is possible to do piggybacking to authenticate more domains
if (session.getAuthenticatedDomains().contains(domain)) { if (session.getAuthenticatedDomains().contains(domain)) {
// Do nothing since the domain has already been authenticated // Do nothing since the domain has already been authenticated
return true; return true;
...@@ -374,6 +386,8 @@ public class OutgoingServerSession extends Session { ...@@ -374,6 +386,8 @@ public class OutgoingServerSession extends Session {
connection.init(session); connection.init(session);
// Set the hostname as the address of the session // Set the hostname as the address of the session
session.setAddress(new JID(null, hostname, null)); session.setAddress(new JID(null, hostname, null));
// Set that the session was created using TLS+SASL (no server dialback)
session.usingServerDialback = false;
return session; return session;
} }
else { else {
...@@ -420,21 +434,6 @@ public class OutgoingServerSession extends Session { ...@@ -420,21 +434,6 @@ public class OutgoingServerSession extends Session {
public void process(Packet packet) throws UnauthorizedException, PacketException { public void process(Packet packet) throws UnauthorizedException, PacketException {
if (conn != null && !conn.isClosed()) { if (conn != null && !conn.isClosed()) {
try { try {
// Check if the domain from where the packet is being sent has been authenticated
// with the remote server. This may be the case for subdomains hosted in this
// server
if (!getAuthenticatedDomains().contains(packet.getFrom().getDomain())) {
// We need to do "piggybacking" and authenticate the domain from where the
// packet is being sent using the existing connection
if (!authenticateDomain(packet.getFrom().getDomain(), packet.getTo().getDomain())) {
// Authentication of the subdomain failed
Log.error("Authentication of subdomain: " + packet.getFrom().getDomain() +
" with remote server: " + packet.getTo().getDomain() +
"has failed. Packet not sent to remote server: " + packet.toXML());
return;
}
}
conn.deliver(packet); conn.deliver(packet);
} }
catch (Exception e) { catch (Exception e) {
......
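Review bot: The `usingServerDialback` test is applied only to sessions found through `incomingSession.getValidatedDomains()`; a session returned directly by `sessionManager.getOutgoingServerSession(hostname)` skips it and, as far as the visible lines show, reaches the piggybacking code under the new comment "A session already exists. The session was established using server dialback", which does not hold for a TLS+SASL session. A guard before that comment such as `if (!session.usingServerDialback) { return session.getAuthenticatedDomains().contains(domain); }` would make the comment true, assuming no equivalent check sits in the lines between the hunks, which are not shown here. The field also defaults to `true`, so any creation path that forgets `session.usingServerDialback = false;` is treated as dialback-capable; defaulting to `false` and setting it to `true` in the dialback path would fail closed. With the check removed from `process()`, `conn.deliver(packet)` relies on every caller having run `authenticateDomain` first, and that invariant deserves a comment there, e.g. `// Caller must already have authenticated packet.getFrom().getDomain() with the remote server`. The new field's Javadoc also has a typo (`usign`).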