thedevstack/PiratX-Archive
Archived
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

do not allow insecure bind

Browse source
This commit is contained in:
Christian Schneppe 2018-02-19 21:01:11 +01:00
parent 2e29525bd7
commit 2552e172c1
1 changed files with 5 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
src/main/java/de/pixart/messenger/xmpp/XmppConnection.java
View file

@ -904,22 +904,20 @@ public class XmppConnection implements Runnable {
}
}
private void processStreamFeatures(final Tag currentTag)
throws XmlPullParserException, IOException {
private void processStreamFeatures(final Tag currentTag) throws XmlPullParserException, IOException {
this.streamFeatures = tagReader.readElement(currentTag);
final boolean isSecure = features.encryptionEnabled || Config.ALLOW_NON_TLS_CONNECTIONS;
if (this.streamFeatures.hasChild("starttls") && !features.encryptionEnabled) {
sendStartTLS();
} else if (this.streamFeatures.hasChild("register") && account.isOptionSet(Account.OPTION_REGISTER)) {
if (features.encryptionEnabled || Config.ALLOW_NON_TLS_CONNECTIONS) {
if (isSecure) {
sendRegistryRequest();
} else {
throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER);
}
} else if (!this.streamFeatures.hasChild("register") && account.isOptionSet(Account.OPTION_REGISTER)) {
throw new StateChangingException(Account.State.REGISTRATION_NOT_SUPPORTED);
} else if (this.streamFeatures.hasChild("mechanisms")
&& shouldAuthenticate
&& (features.encryptionEnabled || Config.ALLOW_NON_TLS_CONNECTIONS)) {
} else if (this.streamFeatures.hasChild("mechanisms") && shouldAuthenticate && isSecure) {
authenticate();
} else if (this.streamFeatures.hasChild("sm", "urn:xmpp:sm:" + smVersion) && streamId != null) {
if (Config.EXTENDED_SM_LOGGING) {
@ -930,7 +928,7 @@ public class XmppConnection implements Runnable {
this.mWaitingForSmCatchup.set(true);
this.tagWriter.writeStanzaAsync(resume);
} else if (needsBinding) {
if (this.streamFeatures.hasChild("bind")) {
if (this.streamFeatures.hasChild("bind") && isSecure) {
sendBindRequest();
} else {
throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER);