diff options
author | Christian Schneppe <christian@pix-art.de> | 2018-02-19 21:01:11 +0100 |
---|---|---|
committer | Christian Schneppe <christian@pix-art.de> | 2018-02-19 21:01:11 +0100 |
commit | 2552e172c190f704aa687f07666cefcedfce1306 (patch) | |
tree | 3f01c49059323f4f9b7caa460ddf3d727e5dc832 /src/main/java | |
parent | 2e29525bd7df66fe4eb7b5c1683ca4822acefbb3 (diff) |
do not allow insecure bind
Diffstat (limited to 'src/main/java')
-rw-r--r-- | src/main/java/de/pixart/messenger/xmpp/XmppConnection.java | 12 |
1 files changed, 5 insertions, 7 deletions
diff --git a/src/main/java/de/pixart/messenger/xmpp/XmppConnection.java b/src/main/java/de/pixart/messenger/xmpp/XmppConnection.java index f58aeb671..e37719533 100644 --- a/src/main/java/de/pixart/messenger/xmpp/XmppConnection.java +++ b/src/main/java/de/pixart/messenger/xmpp/XmppConnection.java @@ -904,22 +904,20 @@ public class XmppConnection implements Runnable { } } - private void processStreamFeatures(final Tag currentTag) - throws XmlPullParserException, IOException { + private void processStreamFeatures(final Tag currentTag) throws XmlPullParserException, IOException { this.streamFeatures = tagReader.readElement(currentTag); + final boolean isSecure = features.encryptionEnabled || Config.ALLOW_NON_TLS_CONNECTIONS; if (this.streamFeatures.hasChild("starttls") && !features.encryptionEnabled) { sendStartTLS(); } else if (this.streamFeatures.hasChild("register") && account.isOptionSet(Account.OPTION_REGISTER)) { - if (features.encryptionEnabled || Config.ALLOW_NON_TLS_CONNECTIONS) { + if (isSecure) { sendRegistryRequest(); } else { throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER); } } else if (!this.streamFeatures.hasChild("register") && account.isOptionSet(Account.OPTION_REGISTER)) { throw new StateChangingException(Account.State.REGISTRATION_NOT_SUPPORTED); - } else if (this.streamFeatures.hasChild("mechanisms") - && shouldAuthenticate - && (features.encryptionEnabled || Config.ALLOW_NON_TLS_CONNECTIONS)) { + } else if (this.streamFeatures.hasChild("mechanisms") && shouldAuthenticate && isSecure) { authenticate(); } else if (this.streamFeatures.hasChild("sm", "urn:xmpp:sm:" + smVersion) && streamId != null) { if (Config.EXTENDED_SM_LOGGING) { @@ -930,7 +928,7 @@ public class XmppConnection implements Runnable { this.mWaitingForSmCatchup.set(true); this.tagWriter.writeStanzaAsync(resume); } else if (needsBinding) { - if (this.streamFeatures.hasChild("bind")) { + if (this.streamFeatures.hasChild("bind") && isSecure) { sendBindRequest(); } else { throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER); |