1package eu.siacs.conversations.xmpp;
2
3import static eu.siacs.conversations.utils.Random.SECURE_RANDOM;
4
5import android.content.Context;
6import android.graphics.Bitmap;
7import android.graphics.BitmapFactory;
8import android.os.Build;
9import android.os.SystemClock;
10import android.security.KeyChain;
11import android.util.Base64;
12import android.util.Log;
13import android.util.Pair;
14import android.util.SparseArray;
15
16import androidx.annotation.NonNull;
17import androidx.annotation.Nullable;
18
19import com.google.common.base.MoreObjects;
20import com.google.common.base.Optional;
21import com.google.common.base.Preconditions;
22import com.google.common.base.Strings;
23import com.google.common.collect.ImmutableList;
24
25import eu.siacs.conversations.Config;
26import eu.siacs.conversations.R;
27import eu.siacs.conversations.crypto.XmppDomainVerifier;
28import eu.siacs.conversations.crypto.axolotl.AxolotlService;
29import eu.siacs.conversations.crypto.sasl.ChannelBinding;
30import eu.siacs.conversations.crypto.sasl.ChannelBindingMechanism;
31import eu.siacs.conversations.crypto.sasl.HashedToken;
32import eu.siacs.conversations.crypto.sasl.SaslMechanism;
33import eu.siacs.conversations.entities.Account;
34import eu.siacs.conversations.entities.Message;
35import eu.siacs.conversations.entities.ServiceDiscoveryResult;
36import eu.siacs.conversations.generator.IqGenerator;
37import eu.siacs.conversations.http.HttpConnectionManager;
38import eu.siacs.conversations.persistance.FileBackend;
39import eu.siacs.conversations.services.MemorizingTrustManager;
40import eu.siacs.conversations.services.MessageArchiveService;
41import eu.siacs.conversations.services.NotificationService;
42import eu.siacs.conversations.services.XmppConnectionService;
43import eu.siacs.conversations.utils.AccountUtils;
44import eu.siacs.conversations.utils.CryptoHelper;
45import eu.siacs.conversations.utils.Patterns;
46import eu.siacs.conversations.utils.PhoneHelper;
47import eu.siacs.conversations.utils.Resolver;
48import eu.siacs.conversations.utils.SSLSockets;
49import eu.siacs.conversations.utils.SocksSocketFactory;
50import eu.siacs.conversations.utils.XmlHelper;
51import eu.siacs.conversations.xml.Element;
52import eu.siacs.conversations.xml.LocalizedContent;
53import eu.siacs.conversations.xml.Namespace;
54import eu.siacs.conversations.xml.Tag;
55import eu.siacs.conversations.xml.TagWriter;
56import eu.siacs.conversations.xml.XmlReader;
57import eu.siacs.conversations.xmpp.bind.Bind2;
58import eu.siacs.conversations.xmpp.forms.Data;
59import eu.siacs.conversations.xmpp.jingle.OnJinglePacketReceived;
60import eu.siacs.conversations.xmpp.jingle.stanzas.JinglePacket;
61import eu.siacs.conversations.xmpp.stanzas.AbstractAcknowledgeableStanza;
62import eu.siacs.conversations.xmpp.stanzas.AbstractStanza;
63import eu.siacs.conversations.xmpp.stanzas.IqPacket;
64import eu.siacs.conversations.xmpp.stanzas.MessagePacket;
65import eu.siacs.conversations.xmpp.stanzas.PresencePacket;
66import eu.siacs.conversations.xmpp.stanzas.csi.ActivePacket;
67import eu.siacs.conversations.xmpp.stanzas.csi.InactivePacket;
68import eu.siacs.conversations.xmpp.stanzas.streammgmt.AckPacket;
69import eu.siacs.conversations.xmpp.stanzas.streammgmt.EnablePacket;
70import eu.siacs.conversations.xmpp.stanzas.streammgmt.RequestPacket;
71import eu.siacs.conversations.xmpp.stanzas.streammgmt.ResumePacket;
72
73import okhttp3.HttpUrl;
74
75import org.xmlpull.v1.XmlPullParserException;
76
77import java.io.ByteArrayInputStream;
78import java.io.IOException;
79import java.io.InputStream;
80import java.net.ConnectException;
81import java.net.IDN;
82import java.net.InetAddress;
83import java.net.InetSocketAddress;
84import java.net.Socket;
85import java.net.UnknownHostException;
86import java.security.KeyManagementException;
87import java.security.NoSuchAlgorithmException;
88import java.security.Principal;
89import java.security.PrivateKey;
90import java.security.cert.X509Certificate;
91import java.util.ArrayList;
92import java.util.Arrays;
93import java.util.Collection;
94import java.util.Collections;
95import java.util.HashMap;
96import java.util.HashSet;
97import java.util.Hashtable;
98import java.util.Iterator;
99import java.util.List;
100import java.util.Map.Entry;
101import java.util.Set;
102import java.util.concurrent.CountDownLatch;
103import java.util.concurrent.TimeUnit;
104import java.util.concurrent.atomic.AtomicBoolean;
105import java.util.concurrent.atomic.AtomicInteger;
106import java.util.regex.Matcher;
107
108import javax.net.ssl.KeyManager;
109import javax.net.ssl.SSLContext;
110import javax.net.ssl.SSLPeerUnverifiedException;
111import javax.net.ssl.SSLSocket;
112import javax.net.ssl.SSLSocketFactory;
113import javax.net.ssl.X509KeyManager;
114import javax.net.ssl.X509TrustManager;
115
116public class XmppConnection implements Runnable {
117
118 private static final int PACKET_IQ = 0;
119 private static final int PACKET_MESSAGE = 1;
120 private static final int PACKET_PRESENCE = 2;
121 public final OnIqPacketReceived registrationResponseListener =
122 (account, packet) -> {
123 if (packet.getType() == IqPacket.TYPE.RESULT) {
124 account.setOption(Account.OPTION_REGISTER, false);
125 Log.d(
126 Config.LOGTAG,
127 account.getJid().asBareJid()
128 + ": successfully registered new account on server");
129 throw new StateChangingError(Account.State.REGISTRATION_SUCCESSFUL);
130 } else {
131 final List<String> PASSWORD_TOO_WEAK_MSGS =
132 Arrays.asList(
133 "The password is too weak", "Please use a longer password.");
134 Element error = packet.findChild("error");
135 Account.State state = Account.State.REGISTRATION_FAILED;
136 if (error != null) {
137 if (error.hasChild("conflict")) {
138 state = Account.State.REGISTRATION_CONFLICT;
139 } else if (error.hasChild("resource-constraint")
140 && "wait".equals(error.getAttribute("type"))) {
141 state = Account.State.REGISTRATION_PLEASE_WAIT;
142 } else if (error.hasChild("not-acceptable")
143 && PASSWORD_TOO_WEAK_MSGS.contains(
144 error.findChildContent("text"))) {
145 state = Account.State.REGISTRATION_PASSWORD_TOO_WEAK;
146 }
147 }
148 throw new StateChangingError(state);
149 }
150 };
151 protected final Account account;
152 private final Features features = new Features(this);
153 private final HashMap<Jid, ServiceDiscoveryResult> disco = new HashMap<>();
154 private final HashMap<String, Jid> commands = new HashMap<>();
155 private final SparseArray<AbstractAcknowledgeableStanza> mStanzaQueue = new SparseArray<>();
156 private final Hashtable<String, Pair<IqPacket, OnIqPacketReceived>> packetCallbacks =
157 new Hashtable<>();
158 private final Set<OnAdvancedStreamFeaturesLoaded> advancedStreamFeaturesLoadedListeners =
159 new HashSet<>();
160 private final XmppConnectionService mXmppConnectionService;
161 private Socket socket;
162 private XmlReader tagReader;
163 private TagWriter tagWriter = new TagWriter();
164 private boolean shouldAuthenticate = true;
165 private boolean inSmacksSession = false;
166 private boolean quickStartInProgress = false;
167 private boolean isBound = false;
168 private Element streamFeatures;
169 private Element boundStreamFeatures;
170 private StreamId streamId = null;
171 private int stanzasReceived = 0;
172 private int stanzasSent = 0;
173 private int stanzasSentBeforeAuthentication;
174 private long lastPacketReceived = 0;
175 private long lastPingSent = 0;
176 private long lastConnect = 0;
177 private long lastSessionStarted = 0;
178 private long lastDiscoStarted = 0;
179 private boolean isMamPreferenceAlways = false;
180 private final AtomicInteger mPendingServiceDiscoveries = new AtomicInteger(0);
181 private final AtomicBoolean mWaitForDisco = new AtomicBoolean(true);
182 private final AtomicBoolean mWaitingForSmCatchup = new AtomicBoolean(false);
183 private final AtomicInteger mSmCatchupMessageCounter = new AtomicInteger(0);
184 private boolean mInteractive = false;
185 private int attempt = 0;
186 private OnPresencePacketReceived presenceListener = null;
187 private OnJinglePacketReceived jingleListener = null;
188 private OnIqPacketReceived unregisteredIqListener = null;
189 private OnMessagePacketReceived messageListener = null;
190 private OnStatusChanged statusListener = null;
191 private OnBindListener bindListener = null;
192 private OnMessageAcknowledged acknowledgedListener = null;
193 private LoginInfo loginInfo;
194 private HashedToken.Mechanism hashTokenRequest;
195 private HttpUrl redirectionUrl = null;
196 private String verifiedHostname = null;
197 private Resolver.Result currentResolverResult;
198 private Resolver.Result seeOtherHostResolverResult;
199 private volatile Thread mThread;
200 private CountDownLatch mStreamCountDownLatch;
201
202 public XmppConnection(final Account account, final XmppConnectionService service) {
203 this.account = account;
204 this.mXmppConnectionService = service;
205 }
206
207 private static void fixResource(Context context, Account account) {
208 String resource = account.getResource();
209 int fixedPartLength =
210 context.getString(R.string.app_name).length() + 1; // include the trailing dot
211 int randomPartLength = 4; // 3 bytes
212 if (resource != null && resource.length() > fixedPartLength + randomPartLength) {
213 if (validBase64(
214 resource.substring(fixedPartLength, fixedPartLength + randomPartLength))) {
215 account.setResource(resource.substring(0, fixedPartLength + randomPartLength));
216 }
217 }
218 }
219
220 private static boolean validBase64(String input) {
221 try {
222 return Base64.decode(input, Base64.URL_SAFE).length == 3;
223 } catch (Throwable throwable) {
224 return false;
225 }
226 }
227
228 private void changeStatus(final Account.State nextStatus) {
229 synchronized (this) {
230 if (Thread.currentThread().isInterrupted()) {
231 Log.d(
232 Config.LOGTAG,
233 account.getJid().asBareJid()
234 + ": not changing status to "
235 + nextStatus
236 + " because thread was interrupted");
237 return;
238 }
239 if (account.getStatus() != nextStatus) {
240 if (nextStatus == Account.State.OFFLINE
241 && account.getStatus() != Account.State.CONNECTING
242 && account.getStatus() != Account.State.ONLINE
243 && account.getStatus() != Account.State.DISABLED
244 && account.getStatus() != Account.State.LOGGED_OUT) {
245 return;
246 }
247 if (nextStatus == Account.State.ONLINE) {
248 this.attempt = 0;
249 }
250 account.setStatus(nextStatus);
251 } else {
252 return;
253 }
254 }
255 if (statusListener != null) {
256 statusListener.onStatusChanged(account);
257 }
258 }
259
260 public Jid getJidForCommand(final String node) {
261 synchronized (this.commands) {
262 return this.commands.get(node);
263 }
264 }
265
266 public void prepareNewConnection() {
267 this.lastConnect = SystemClock.elapsedRealtime();
268 this.lastPingSent = SystemClock.elapsedRealtime();
269 this.lastDiscoStarted = Long.MAX_VALUE;
270 this.mWaitingForSmCatchup.set(false);
271 this.changeStatus(Account.State.CONNECTING);
272 }
273
274 public boolean isWaitingForSmCatchup() {
275 return mWaitingForSmCatchup.get();
276 }
277
278 public void incrementSmCatchupMessageCounter() {
279 this.mSmCatchupMessageCounter.incrementAndGet();
280 }
281
282 protected void connect() {
283 if (mXmppConnectionService.areMessagesInitialized()) {
284 mXmppConnectionService.resetSendingToWaiting(account);
285 }
286 Log.d(Config.LOGTAG, account.getJid().asBareJid().toString() + ": connecting");
287 this.loginInfo = null;
288 this.features.encryptionEnabled = false;
289 this.inSmacksSession = false;
290 this.quickStartInProgress = false;
291 this.isBound = false;
292 this.attempt++;
293 this.verifiedHostname =
294 null; // will be set if user entered hostname is being used or hostname was verified
295 // with dnssec
296 try {
297 Socket localSocket;
298 shouldAuthenticate = !account.isOptionSet(Account.OPTION_REGISTER);
299 this.changeStatus(Account.State.CONNECTING);
300 final boolean useTor = mXmppConnectionService.useTorToConnect() || account.isOnion();
301 final boolean extended = mXmppConnectionService.showExtendedConnectionOptions();
302 if (useTor) {
303 String destination;
304 if (account.getHostname().isEmpty() || account.isOnion()) {
305 destination = account.getServer();
306 } else {
307 destination = account.getHostname();
308 this.verifiedHostname = destination;
309 }
310
311 final int port = account.getPort();
312 final boolean directTls = Resolver.useDirectTls(port);
313
314 Log.d(
315 Config.LOGTAG,
316 account.getJid().asBareJid()
317 + ": connect to "
318 + destination
319 + " via Tor. directTls="
320 + directTls);
321 localSocket = SocksSocketFactory.createSocketOverTor(destination, port);
322
323 if (directTls) {
324 localSocket = upgradeSocketToTls(localSocket);
325 features.encryptionEnabled = true;
326 }
327
328 try {
329 startXmpp(localSocket);
330 } catch (final InterruptedException e) {
331 Log.d(
332 Config.LOGTAG,
333 account.getJid().asBareJid()
334 + ": thread was interrupted before beginning stream");
335 return;
336 } catch (final Exception e) {
337 throw new IOException("Could not start stream", e);
338 }
339 } else {
340 final String domain = account.getServer();
341 final List<Resolver.Result> results;
342 final boolean hardcoded = extended && !account.getHostname().isEmpty();
343 if (hardcoded) {
344 results = Resolver.fromHardCoded(account.getHostname(), account.getPort());
345 } else {
346 results = Resolver.resolve(domain);
347 }
348 if (Thread.currentThread().isInterrupted()) {
349 Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": Thread was interrupted");
350 return;
351 }
352 if (results.size() == 0) {
353 Log.e(
354 Config.LOGTAG,
355 account.getJid().asBareJid() + ": Resolver results were empty");
356 return;
357 }
358 final Resolver.Result storedBackupResult;
359 if (hardcoded) {
360 storedBackupResult = null;
361 } else {
362 storedBackupResult =
363 mXmppConnectionService.databaseBackend.findResolverResult(domain);
364 if (storedBackupResult != null && !results.contains(storedBackupResult)) {
365 results.add(storedBackupResult);
366 Log.d(
367 Config.LOGTAG,
368 account.getJid().asBareJid()
369 + ": loaded backup resolver result from db: "
370 + storedBackupResult);
371 }
372 }
373 final StreamId streamId = this.streamId;
374 final Resolver.Result resumeLocation = streamId == null ? null : streamId.location;
375 if (resumeLocation != null) {
376 Log.d(
377 Config.LOGTAG,
378 account.getJid().asBareJid()
379 + ": injected resume location on position 0");
380 results.add(0, resumeLocation);
381 }
382 final Resolver.Result seeOtherHost = this.seeOtherHostResolverResult;
383 if (seeOtherHost != null) {
384 Log.d(
385 Config.LOGTAG,
386 account.getJid().asBareJid()
387 + ": injected see-other-host on position 0");
388 results.add(0, seeOtherHost);
389 }
390 for (final Iterator<Resolver.Result> iterator = results.iterator();
391 iterator.hasNext(); ) {
392 final Resolver.Result result = iterator.next();
393 if (Thread.currentThread().isInterrupted()) {
394 Log.d(
395 Config.LOGTAG,
396 account.getJid().asBareJid() + ": Thread was interrupted");
397 return;
398 }
399 try {
400 // if tls is true, encryption is implied and must not be started
401 features.encryptionEnabled = result.isDirectTls();
402 verifiedHostname =
403 result.isAuthenticated() ? result.getHostname().toString() : null;
404 final InetSocketAddress addr;
405 if (result.getIp() != null) {
406 addr = new InetSocketAddress(result.getIp(), result.getPort());
407 Log.d(
408 Config.LOGTAG,
409 account.getJid().asBareJid().toString()
410 + ": using values from resolver "
411 + (result.getHostname() == null
412 ? ""
413 : result.getHostname().toString() + "/")
414 + result.getIp().getHostAddress()
415 + ":"
416 + result.getPort()
417 + " tls: "
418 + features.encryptionEnabled);
419 } else {
420 addr =
421 new InetSocketAddress(
422 IDN.toASCII(result.getHostname().toString()),
423 result.getPort());
424 Log.d(
425 Config.LOGTAG,
426 account.getJid().asBareJid().toString()
427 + ": using values from resolver "
428 + result.getHostname().toString()
429 + ":"
430 + result.getPort()
431 + " tls: "
432 + features.encryptionEnabled);
433 }
434
435 localSocket = new Socket();
436 localSocket.connect(addr, Config.SOCKET_TIMEOUT * 1000);
437
438 if (features.encryptionEnabled) {
439 localSocket = upgradeSocketToTls(localSocket);
440 }
441
442 localSocket.setSoTimeout(Config.SOCKET_TIMEOUT * 1000);
443 if (startXmpp(localSocket)) {
444 localSocket.setSoTimeout(
445 0); // reset to 0; once the connection is established we don’t
446 // want this
447 if (!hardcoded && !result.equals(storedBackupResult)) {
448 mXmppConnectionService.databaseBackend.saveResolverResult(
449 domain, result);
450 }
451 this.currentResolverResult = result;
452 this.seeOtherHostResolverResult = null;
453 break; // successfully connected to server that speaks xmpp
454 } else {
455 FileBackend.close(localSocket);
456 throw new StateChangingException(Account.State.STREAM_OPENING_ERROR);
457 }
458 } catch (final StateChangingException e) {
459 if (!iterator.hasNext()) {
460 throw e;
461 }
462 } catch (InterruptedException e) {
463 Log.d(
464 Config.LOGTAG,
465 account.getJid().asBareJid()
466 + ": thread was interrupted before beginning stream");
467 return;
468 } catch (final Throwable e) {
469 Log.d(
470 Config.LOGTAG,
471 account.getJid().asBareJid().toString()
472 + ": "
473 + e.getMessage()
474 + "("
475 + e.getClass().getName()
476 + ")");
477 if (!iterator.hasNext()) {
478 throw new UnknownHostException();
479 }
480 }
481 }
482 }
483 processStream();
484 } catch (final SecurityException e) {
485 this.changeStatus(Account.State.MISSING_INTERNET_PERMISSION);
486 } catch (final StateChangingException e) {
487 this.changeStatus(e.state);
488 } catch (final UnknownHostException
489 | ConnectException
490 | SocksSocketFactory.HostNotFoundException e) {
491 this.changeStatus(Account.State.SERVER_NOT_FOUND);
492 } catch (final SocksSocketFactory.SocksProxyNotFoundException e) {
493 this.changeStatus(Account.State.TOR_NOT_AVAILABLE);
494 } catch (final IOException | XmlPullParserException e) {
495 Log.d(Config.LOGTAG, account.getJid().asBareJid().toString() + ": " + e.getMessage());
496 this.changeStatus(Account.State.OFFLINE);
497 this.attempt = Math.max(0, this.attempt - 1);
498 } finally {
499 if (!Thread.currentThread().isInterrupted()) {
500 forceCloseSocket();
501 } else {
502 Log.d(
503 Config.LOGTAG,
504 account.getJid().asBareJid()
505 + ": not force closing socket because thread was interrupted");
506 }
507 }
508 }
509
510 /**
511 * Starts xmpp protocol, call after connecting to socket
512 *
513 * @return true if server returns with valid xmpp, false otherwise
514 */
515 private boolean startXmpp(final Socket socket) throws Exception {
516 if (Thread.currentThread().isInterrupted()) {
517 throw new InterruptedException();
518 }
519 this.socket = socket;
520 tagReader = new XmlReader();
521 if (tagWriter != null) {
522 tagWriter.forceClose();
523 }
524 tagWriter = new TagWriter();
525 tagWriter.setOutputStream(socket.getOutputStream());
526 tagReader.setInputStream(socket.getInputStream());
527 tagWriter.beginDocument();
528 final boolean quickStart;
529 if (socket instanceof SSLSocket) {
530 final SSLSocket sslSocket = (SSLSocket) socket;
531 SSLSockets.log(account, sslSocket);
532 quickStart = establishStream(SSLSockets.version(sslSocket));
533 } else {
534 quickStart = establishStream(SSLSockets.Version.NONE);
535 }
536 final Tag tag = tagReader.readTag();
537 if (Thread.currentThread().isInterrupted()) {
538 throw new InterruptedException();
539 }
540 final boolean success = tag != null && tag.isStart("stream", Namespace.STREAMS);
541 if (success && quickStart) {
542 this.quickStartInProgress = true;
543 }
544 return success;
545 }
546
547 private SSLSocketFactory getSSLSocketFactory()
548 throws NoSuchAlgorithmException, KeyManagementException {
549 final SSLContext sc = SSLSockets.getSSLContext();
550 final MemorizingTrustManager trustManager =
551 this.mXmppConnectionService.getMemorizingTrustManager();
552 final KeyManager[] keyManager;
553 if (account.getPrivateKeyAlias() != null) {
554 keyManager = new KeyManager[] {new MyKeyManager()};
555 } else {
556 keyManager = null;
557 }
558 final String domain = account.getServer();
559 sc.init(
560 keyManager,
561 new X509TrustManager[] {
562 mInteractive
563 ? trustManager.getInteractive(domain)
564 : trustManager.getNonInteractive(domain)
565 },
566 SECURE_RANDOM);
567 return sc.getSocketFactory();
568 }
569
570 @Override
571 public void run() {
572 synchronized (this) {
573 this.mThread = Thread.currentThread();
574 if (this.mThread.isInterrupted()) {
575 Log.d(
576 Config.LOGTAG,
577 account.getJid().asBareJid()
578 + ": aborting connect because thread was interrupted");
579 return;
580 }
581 forceCloseSocket();
582 }
583 connect();
584 }
585
586 private void processStream() throws XmlPullParserException, IOException {
587 final CountDownLatch streamCountDownLatch = new CountDownLatch(1);
588 this.mStreamCountDownLatch = streamCountDownLatch;
589 Tag nextTag = tagReader.readTag();
590 while (nextTag != null && !nextTag.isEnd("stream")) {
591 if (nextTag.isStart("error")) {
592 processStreamError(nextTag);
593 } else if (nextTag.isStart("features", Namespace.STREAMS)) {
594 processStreamFeatures(nextTag);
595 } else if (nextTag.isStart("proceed", Namespace.TLS)) {
596 switchOverToTls();
597 } else if (nextTag.isStart("failure", Namespace.TLS)) {
598 throw new StateChangingException(Account.State.TLS_ERROR);
599 } else if (account.isOptionSet(Account.OPTION_REGISTER)
600 && nextTag.isStart("iq", Namespace.JABBER_CLIENT)) {
601 processIq(nextTag);
602 } else if (!isSecure() || this.loginInfo == null) {
603 throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER);
604 } else if (nextTag.isStart("success")) {
605 final Element success = tagReader.readElement(nextTag);
606 if (processSuccess(success)) {
607 break;
608 }
609 } else if (nextTag.isStart("failure")) {
610 final Element failure = tagReader.readElement(nextTag);
611 processFailure(failure);
612 } else if (nextTag.isStart("continue", Namespace.SASL_2)) {
613 // two step sasl2 - we don’t support this yet
614 throw new StateChangingException(Account.State.INCOMPATIBLE_CLIENT);
615 } else if (nextTag.isStart("challenge")) {
616 final Element challenge = tagReader.readElement(nextTag);
617 processChallenge(challenge);
618 } else if (this.streamId != null
619 && nextTag.isStart("resumed", Namespace.STREAM_MANAGEMENT)) {
620 final Element resumed = tagReader.readElement(nextTag);
621 processResumed(resumed);
622 } else if (nextTag.isStart("failed", Namespace.STREAM_MANAGEMENT)) {
623 final Element failed = tagReader.readElement(nextTag);
624 processFailed(failed, true);
625 } else if (nextTag.isStart("iq", Namespace.JABBER_CLIENT)) {
626 processIq(nextTag);
627 } else if (!isBound) {
628 Log.d(
629 Config.LOGTAG,
630 account.getJid().asBareJid()
631 + ": server sent unexpected"
632 + nextTag.identifier());
633 throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER);
634 } else if (nextTag.isStart("message", Namespace.JABBER_CLIENT)) {
635 processMessage(nextTag);
636 } else if (nextTag.isStart("presence", Namespace.JABBER_CLIENT)) {
637 processPresence(nextTag);
638 } else if (nextTag.isStart("enabled", Namespace.STREAM_MANAGEMENT)) {
639 final Element enabled = tagReader.readElement(nextTag);
640 processEnabled(enabled);
641 } else if (nextTag.isStart("r", Namespace.STREAM_MANAGEMENT)) {
642 tagReader.readElement(nextTag);
643 if (Config.EXTENDED_SM_LOGGING) {
644 Log.d(
645 Config.LOGTAG,
646 account.getJid().asBareJid()
647 + ": acknowledging stanza #"
648 + this.stanzasReceived);
649 }
650 final AckPacket ack = new AckPacket(this.stanzasReceived);
651 tagWriter.writeStanzaAsync(ack);
652 } else if (nextTag.isStart("a", Namespace.STREAM_MANAGEMENT)) {
653 boolean accountUiNeedsRefresh = false;
654 synchronized (NotificationService.CATCHUP_LOCK) {
655 if (mWaitingForSmCatchup.compareAndSet(true, false)) {
656 final int messageCount = mSmCatchupMessageCounter.get();
657 final int pendingIQs = packetCallbacks.size();
658 Log.d(
659 Config.LOGTAG,
660 account.getJid().asBareJid()
661 + ": SM catchup complete (messages="
662 + messageCount
663 + ", pending IQs="
664 + pendingIQs
665 + ")");
666 accountUiNeedsRefresh = true;
667 if (messageCount > 0) {
668 mXmppConnectionService
669 .getNotificationService()
670 .finishBacklog(true, account);
671 }
672 }
673 }
674 if (accountUiNeedsRefresh) {
675 mXmppConnectionService.updateAccountUi();
676 }
677 final Element ack = tagReader.readElement(nextTag);
678 lastPacketReceived = SystemClock.elapsedRealtime();
679 final boolean acknowledgedMessages;
680 synchronized (this.mStanzaQueue) {
681 final Optional<Integer> serverSequence = ack.getOptionalIntAttribute("h");
682 if (serverSequence.isPresent()) {
683 acknowledgedMessages = acknowledgeStanzaUpTo(serverSequence.get());
684 } else {
685 acknowledgedMessages = false;
686 Log.d(
687 Config.LOGTAG,
688 account.getJid().asBareJid()
689 + ": server send ack without sequence number");
690 }
691 }
692 if (acknowledgedMessages) {
693 mXmppConnectionService.updateConversationUi();
694 }
695 } else {
696 Log.e(
697 Config.LOGTAG,
698 account.getJid().asBareJid()
699 + ": Encountered unknown stream element"
700 + nextTag.identifier());
701 throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER);
702 }
703 nextTag = tagReader.readTag();
704 }
705 if (nextTag != null && nextTag.isEnd("stream")) {
706 streamCountDownLatch.countDown();
707 }
708 }
709
710 private void processChallenge(final Element challenge) throws IOException {
711 final SaslMechanism.Version version;
712 try {
713 version = SaslMechanism.Version.of(challenge);
714 } catch (final IllegalArgumentException e) {
715 throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER);
716 }
717 final Element response;
718 if (version == SaslMechanism.Version.SASL) {
719 response = new Element("response", Namespace.SASL);
720 } else if (version == SaslMechanism.Version.SASL_2) {
721 response = new Element("response", Namespace.SASL_2);
722 } else {
723 throw new AssertionError("Missing implementation for " + version);
724 }
725 try {
726 response.setContent(
727 this.loginInfo.saslMechanism.getResponse(
728 challenge.getContent(), sslSocketOrNull(socket)));
729 } catch (final SaslMechanism.AuthenticationException e) {
730 // TODO: Send auth abort tag.
731 Log.e(Config.LOGTAG, e.toString());
732 throw new StateChangingException(Account.State.UNAUTHORIZED);
733 }
734 tagWriter.writeElement(response);
735 }
736
737 private boolean processSuccess(final Element success)
738 throws IOException, XmlPullParserException {
739 final SaslMechanism.Version version;
740 try {
741 version = SaslMechanism.Version.of(success);
742 } catch (final IllegalArgumentException e) {
743 throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER);
744 }
745 final LoginInfo currentLoginInfo = this.loginInfo;
746 final SaslMechanism currentSaslMechanism = LoginInfo.mechanism(currentLoginInfo);
747 if (currentLoginInfo == null || currentSaslMechanism == null) {
748 throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER);
749 }
750 final String challenge;
751 if (version == SaslMechanism.Version.SASL) {
752 challenge = success.getContent();
753 } else if (version == SaslMechanism.Version.SASL_2) {
754 challenge = success.findChildContent("additional-data");
755 } else {
756 throw new AssertionError("Missing implementation for " + version);
757 }
758 try {
759 currentSaslMechanism.getResponse(challenge, sslSocketOrNull(socket));
760 } catch (final SaslMechanism.AuthenticationException e) {
761 Log.e(Config.LOGTAG, String.valueOf(e));
762 throw new StateChangingException(Account.State.UNAUTHORIZED);
763 }
764 Log.d(
765 Config.LOGTAG,
766 account.getJid().asBareJid().toString() + ": logged in (using " + version + ")");
767 if (SaslMechanism.pin(currentSaslMechanism)) {
768 account.setPinnedMechanism(currentSaslMechanism);
769 }
770 if (version == SaslMechanism.Version.SASL_2) {
771 final String authorizationIdentifier =
772 success.findChildContent("authorization-identifier");
773 final Jid authorizationJid;
774 try {
775 authorizationJid =
776 Strings.isNullOrEmpty(authorizationIdentifier)
777 ? null
778 : Jid.ofEscaped(authorizationIdentifier);
779 } catch (final IllegalArgumentException e) {
780 Log.d(
781 Config.LOGTAG,
782 account.getJid().asBareJid()
783 + ": SASL 2.0 authorization identifier was not a valid jid");
784 throw new StateChangingException(Account.State.BIND_FAILURE);
785 }
786 if (authorizationJid == null) {
787 throw new StateChangingException(Account.State.BIND_FAILURE);
788 }
789 Log.d(
790 Config.LOGTAG,
791 account.getJid().asBareJid()
792 + ": SASL 2.0 authorization identifier was "
793 + authorizationJid);
794 if (!account.getJid().getDomain().equals(authorizationJid.getDomain())) {
795 Log.d(
796 Config.LOGTAG,
797 account.getJid().asBareJid()
798 + ": server tried to re-assign domain to "
799 + authorizationJid.getDomain());
800 throw new StateChangingError(Account.State.BIND_FAILURE);
801 }
802 if (authorizationJid.isFullJid() && account.setJid(authorizationJid)) {
803 Log.d(
804 Config.LOGTAG,
805 account.getJid().asBareJid()
806 + ": jid changed during SASL 2.0. updating database");
807 }
808 final Element bound = success.findChild("bound", Namespace.BIND2);
809 final Element resumed = success.findChild("resumed", Namespace.STREAM_MANAGEMENT);
810 final Element failed = success.findChild("failed", Namespace.STREAM_MANAGEMENT);
811 final Element tokenWrapper = success.findChild("token", Namespace.FAST);
812 final String token = tokenWrapper == null ? null : tokenWrapper.getAttribute("token");
813 if (bound != null && resumed != null) {
814 Log.d(
815 Config.LOGTAG,
816 account.getJid().asBareJid()
817 + ": server sent bound and resumed in SASL2 success");
818 throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER);
819 }
820 if (resumed != null && streamId != null) {
821 if (this.boundStreamFeatures != null) {
822 this.streamFeatures = this.boundStreamFeatures;
823 Log.d(
824 Config.LOGTAG,
825 "putting previous stream features back in place: "
826 + XmlHelper.printElementNames(this.boundStreamFeatures));
827 }
828 processResumed(resumed);
829 } else if (failed != null) {
830 processFailed(failed, false); // wait for new stream features
831 }
832 if (bound != null) {
833 clearIqCallbacks();
834 this.isBound = true;
835 processNopStreamFeatures();
836 this.boundStreamFeatures = this.streamFeatures;
837 final Element streamManagementEnabled =
838 bound.findChild("enabled", Namespace.STREAM_MANAGEMENT);
839 final Element carbonsEnabled = bound.findChild("enabled", Namespace.CARBONS);
840 final boolean waitForDisco;
841 if (streamManagementEnabled != null) {
842 resetOutboundStanzaQueue();
843 processEnabled(streamManagementEnabled);
844 waitForDisco = true;
845 } else {
846 // if we did not enable stream management in bind do it now
847 waitForDisco = enableStreamManagement();
848 }
849 final boolean negotiatedCarbons;
850 if (carbonsEnabled != null) {
851 negotiatedCarbons = true;
852 Log.d(
853 Config.LOGTAG,
854 account.getJid().asBareJid()
855 + ": successfully enabled carbons (via Bind 2.0)");
856 features.carbonsEnabled = true;
857 } else if (loginInfo.inlineBindFeatures.contains(Namespace.CARBONS)) {
858 negotiatedCarbons = true;
859 Log.d(
860 Config.LOGTAG,
861 account.getJid().asBareJid()
862 + ": successfully enabled carbons (via Bind 2.0/implicit)");
863 features.carbonsEnabled = true;
864 } else {
865 negotiatedCarbons = false;
866 }
867 sendPostBindInitialization(waitForDisco, negotiatedCarbons);
868 }
869 final HashedToken.Mechanism tokenMechanism;
870 if (SaslMechanism.hashedToken(currentSaslMechanism)) {
871 tokenMechanism = ((HashedToken) currentSaslMechanism).getTokenMechanism();
872 } else if (this.hashTokenRequest != null) {
873 tokenMechanism = this.hashTokenRequest;
874 } else {
875 tokenMechanism = null;
876 }
877 if (tokenMechanism != null && !Strings.isNullOrEmpty(token)) {
878 if (ChannelBinding.priority(tokenMechanism.channelBinding)
879 >= ChannelBindingMechanism.getPriority(currentSaslMechanism)) {
880 this.account.setFastToken(tokenMechanism, token);
881 Log.d(
882 Config.LOGTAG,
883 account.getJid().asBareJid()
884 + ": storing hashed token "
885 + tokenMechanism);
886 } else {
887 Log.d(
888 Config.LOGTAG,
889 account.getJid().asBareJid()
890 + ": not accepting hashed token "
891 + tokenMechanism.name()
892 + " for log in mechanism "
893 + currentSaslMechanism.getMechanism());
894 this.account.resetFastToken();
895 }
896 } else if (this.hashTokenRequest != null) {
897 Log.w(
898 Config.LOGTAG,
899 account.getJid().asBareJid()
900 + ": no response to our hashed token request "
901 + this.hashTokenRequest);
902 }
903 }
904 mXmppConnectionService.databaseBackend.updateAccount(account);
905 this.quickStartInProgress = false;
906 if (version == SaslMechanism.Version.SASL) {
907 tagReader.reset();
908 sendStartStream(false, true);
909 final Tag tag = tagReader.readTag();
910 if (tag != null && tag.isStart("stream", Namespace.STREAMS)) {
911 processStream();
912 return true;
913 } else {
914 throw new StateChangingException(Account.State.STREAM_OPENING_ERROR);
915 }
916 } else {
917 return false;
918 }
919 }
920
921 private void resetOutboundStanzaQueue() {
922 synchronized (this.mStanzaQueue) {
923 final List<AbstractAcknowledgeableStanza> intermediateStanzas = new ArrayList<>();
924 if (Config.EXTENDED_SM_LOGGING) {
925 Log.d(
926 Config.LOGTAG,
927 account.getJid().asBareJid()
928 + ": stanzas sent before auth: "
929 + this.stanzasSentBeforeAuthentication);
930 }
931 for (int i = this.stanzasSentBeforeAuthentication + 1; i <= this.stanzasSent; ++i) {
932 final AbstractAcknowledgeableStanza stanza = this.mStanzaQueue.get(i);
933 if (stanza != null) {
934 intermediateStanzas.add(stanza);
935 }
936 }
937 this.mStanzaQueue.clear();
938 for (int i = 0; i < intermediateStanzas.size(); ++i) {
939 this.mStanzaQueue.put(i, intermediateStanzas.get(i));
940 }
941 this.stanzasSent = intermediateStanzas.size();
942 if (Config.EXTENDED_SM_LOGGING) {
943 Log.d(
944 Config.LOGTAG,
945 account.getJid().asBareJid()
946 + ": resetting outbound stanza queue to "
947 + this.stanzasSent);
948 }
949 }
950 }
951
952 private void processNopStreamFeatures() throws IOException {
953 final Tag tag = tagReader.readTag();
954 if (tag != null && tag.isStart("features", Namespace.STREAMS)) {
955 this.streamFeatures = tagReader.readElement(tag);
956 Log.d(
957 Config.LOGTAG,
958 account.getJid().asBareJid()
959 + ": processed NOP stream features after success: "
960 + XmlHelper.printElementNames(this.streamFeatures));
961 } else {
962 Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": received " + tag);
963 Log.d(
964 Config.LOGTAG,
965 account.getJid().asBareJid()
966 + ": server did not send stream features after SASL2 success");
967 throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER);
968 }
969 }
970
971 private void processFailure(final Element failure) throws IOException {
972 final SaslMechanism.Version version;
973 try {
974 version = SaslMechanism.Version.of(failure);
975 } catch (final IllegalArgumentException e) {
976 throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER);
977 }
978 Log.d(Config.LOGTAG, failure.toString());
979 Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": login failure " + version);
980 if (SaslMechanism.hashedToken(LoginInfo.mechanism(this.loginInfo))) {
981 Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": resetting token");
982 account.resetFastToken();
983 mXmppConnectionService.databaseBackend.updateAccount(account);
984 }
985 if (failure.hasChild("temporary-auth-failure")) {
986 throw new StateChangingException(Account.State.TEMPORARY_AUTH_FAILURE);
987 } else if (failure.hasChild("account-disabled")) {
988 final String text = failure.findChildContent("text");
989 if (Strings.isNullOrEmpty(text)) {
990 throw new StateChangingException(Account.State.UNAUTHORIZED);
991 }
992 final Matcher matcher = Patterns.AUTOLINK_WEB_URL.matcher(text);
993 if (matcher.find()) {
994 final HttpUrl url;
995 try {
996 url = HttpUrl.get(text.substring(matcher.start(), matcher.end()));
997 } catch (final IllegalArgumentException e) {
998 throw new StateChangingException(Account.State.UNAUTHORIZED);
999 }
1000 if (url.isHttps()) {
1001 this.redirectionUrl = url;
1002 throw new StateChangingException(Account.State.PAYMENT_REQUIRED);
1003 }
1004 }
1005 }
1006 if (SaslMechanism.hashedToken(LoginInfo.mechanism(this.loginInfo))) {
1007 Log.d(
1008 Config.LOGTAG,
1009 account.getJid().asBareJid()
1010 + ": fast authentication failed. falling back to regular authentication");
1011 authenticate();
1012 } else {
1013 throw new StateChangingException(Account.State.UNAUTHORIZED);
1014 }
1015 }
1016
1017 private static SSLSocket sslSocketOrNull(final Socket socket) {
1018 if (socket instanceof SSLSocket) {
1019 return (SSLSocket) socket;
1020 } else {
1021 return null;
1022 }
1023 }
1024
1025 private void processEnabled(final Element enabled) {
1026 final String id;
1027 if (enabled.getAttributeAsBoolean("resume")) {
1028 id = enabled.getAttribute("id");
1029 } else {
1030 id = null;
1031 }
1032 final String locationAttribute = enabled.getAttribute("location");
1033 final Resolver.Result currentResolverResult = this.currentResolverResult;
1034 final Resolver.Result location;
1035 if (Strings.isNullOrEmpty(locationAttribute) || currentResolverResult == null) {
1036 location = null;
1037 } else {
1038 location = currentResolverResult.seeOtherHost(locationAttribute);
1039 }
1040 final StreamId streamId = id == null ? null : new StreamId(id, location);
1041 if (streamId == null) {
1042 Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": stream management enabled");
1043 } else {
1044 Log.d(
1045 Config.LOGTAG,
1046 account.getJid().asBareJid()
1047 + ": stream management enabled. resume at: "
1048 + streamId.location);
1049 }
1050 this.streamId = streamId;
1051 this.stanzasReceived = 0;
1052 this.inSmacksSession = true;
1053 final RequestPacket r = new RequestPacket();
1054 tagWriter.writeStanzaAsync(r);
1055 }
1056
1057 private void processResumed(final Element resumed) throws StateChangingException {
1058 this.inSmacksSession = true;
1059 this.isBound = true;
1060 this.tagWriter.writeStanzaAsync(new RequestPacket());
1061 lastPacketReceived = SystemClock.elapsedRealtime();
1062 final Optional<Integer> h = resumed.getOptionalIntAttribute("h");
1063 final int serverCount;
1064 if (h.isPresent()) {
1065 serverCount = h.get();
1066 } else {
1067 resetStreamId();
1068 throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER);
1069 }
1070 final ArrayList<AbstractAcknowledgeableStanza> failedStanzas = new ArrayList<>();
1071 final boolean acknowledgedMessages;
1072 synchronized (this.mStanzaQueue) {
1073 if (serverCount < stanzasSent) {
1074 Log.d(
1075 Config.LOGTAG,
1076 account.getJid().asBareJid() + ": session resumed with lost packages");
1077 stanzasSent = serverCount;
1078 } else {
1079 Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": session resumed");
1080 }
1081 acknowledgedMessages = acknowledgeStanzaUpTo(serverCount);
1082 for (int i = 0; i < this.mStanzaQueue.size(); ++i) {
1083 failedStanzas.add(mStanzaQueue.valueAt(i));
1084 }
1085 mStanzaQueue.clear();
1086 }
1087 if (acknowledgedMessages) {
1088 mXmppConnectionService.updateConversationUi();
1089 }
1090 Log.d(
1091 Config.LOGTAG,
1092 account.getJid().asBareJid() + ": resending " + failedStanzas.size() + " stanzas");
1093 for (final AbstractAcknowledgeableStanza packet : failedStanzas) {
1094 if (packet instanceof MessagePacket message) {
1095 mXmppConnectionService.markMessage(
1096 account,
1097 message.getTo().asBareJid(),
1098 message.getId(),
1099 Message.STATUS_UNSEND);
1100 }
1101 sendPacket(packet);
1102 }
1103 changeStatusToOnline();
1104 }
1105
1106 private void changeStatusToOnline() {
1107 Log.d(
1108 Config.LOGTAG,
1109 account.getJid().asBareJid() + ": online with resource " + account.getResource());
1110 changeStatus(Account.State.ONLINE);
1111 }
1112
1113 private void processFailed(final Element failed, final boolean sendBindRequest) {
1114 final Optional<Integer> serverCount = failed.getOptionalIntAttribute("h");
1115 if (serverCount.isPresent()) {
1116 Log.d(
1117 Config.LOGTAG,
1118 account.getJid().asBareJid()
1119 + ": resumption failed but server acknowledged stanza #"
1120 + serverCount.get());
1121 final boolean acknowledgedMessages;
1122 synchronized (this.mStanzaQueue) {
1123 acknowledgedMessages = acknowledgeStanzaUpTo(serverCount.get());
1124 }
1125 if (acknowledgedMessages) {
1126 mXmppConnectionService.updateConversationUi();
1127 }
1128 } else {
1129 Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": resumption failed");
1130 }
1131 resetStreamId();
1132 if (sendBindRequest) {
1133 sendBindRequest();
1134 }
1135 }
1136
1137 private boolean acknowledgeStanzaUpTo(final int serverCount) {
1138 if (serverCount > stanzasSent) {
1139 Log.e(
1140 Config.LOGTAG,
1141 "server acknowledged more stanzas than we sent. serverCount="
1142 + serverCount
1143 + ", ourCount="
1144 + stanzasSent);
1145 }
1146 boolean acknowledgedMessages = false;
1147 for (int i = 0; i < mStanzaQueue.size(); ++i) {
1148 if (serverCount >= mStanzaQueue.keyAt(i)) {
1149 if (Config.EXTENDED_SM_LOGGING) {
1150 Log.d(
1151 Config.LOGTAG,
1152 account.getJid().asBareJid()
1153 + ": server acknowledged stanza #"
1154 + mStanzaQueue.keyAt(i));
1155 }
1156 final AbstractAcknowledgeableStanza stanza = mStanzaQueue.valueAt(i);
1157 if (stanza instanceof MessagePacket && acknowledgedListener != null) {
1158 final MessagePacket packet = (MessagePacket) stanza;
1159 final String id = packet.getId();
1160 final Jid to = packet.getTo();
1161 if (id != null && to != null) {
1162 acknowledgedMessages |=
1163 acknowledgedListener.onMessageAcknowledged(account, to, id);
1164 }
1165 }
1166 mStanzaQueue.removeAt(i);
1167 i--;
1168 }
1169 }
1170 return acknowledgedMessages;
1171 }
1172
1173 private @NonNull Element processPacket(final Tag currentTag, final int packetType)
1174 throws IOException {
1175 final Element element =
1176 switch (packetType) {
1177 case PACKET_IQ -> new IqPacket();
1178 case PACKET_MESSAGE -> new MessagePacket();
1179 case PACKET_PRESENCE -> new PresencePacket();
1180 default -> throw new AssertionError("Should never encounter invalid type");
1181 };
1182 element.setAttributes(currentTag.getAttributes());
1183 Tag nextTag = tagReader.readTag();
1184 if (nextTag == null) {
1185 throw new IOException("interrupted mid tag");
1186 }
1187 while (!nextTag.isEnd(element.getName())) {
1188 if (!nextTag.isNo()) {
1189 element.addChild(tagReader.readElement(nextTag));
1190 }
1191 nextTag = tagReader.readTag();
1192 if (nextTag == null) {
1193 throw new IOException("interrupted mid tag");
1194 }
1195 }
1196 if (stanzasReceived == Integer.MAX_VALUE) {
1197 resetStreamId();
1198 throw new IOException("time to restart the session. cant handle >2 billion pcks");
1199 }
1200 if (inSmacksSession) {
1201 ++stanzasReceived;
1202 } else if (features.sm()) {
1203 Log.d(
1204 Config.LOGTAG,
1205 account.getJid().asBareJid()
1206 + ": not counting stanza("
1207 + element.getClass().getSimpleName()
1208 + "). Not in smacks session.");
1209 }
1210 lastPacketReceived = SystemClock.elapsedRealtime();
1211 if (Config.BACKGROUND_STANZA_LOGGING && mXmppConnectionService.checkListeners()) {
1212 Log.d(Config.LOGTAG, "[background stanza] " + element);
1213 }
1214 if (element instanceof IqPacket
1215 && (((IqPacket) element).getType() == IqPacket.TYPE.SET)
1216 && element.hasChild("jingle", Namespace.JINGLE)) {
1217 return JinglePacket.upgrade((IqPacket) element);
1218 } else {
1219 return element;
1220 }
1221 }
1222
1223 private void processIq(final Tag currentTag) throws IOException {
1224 final IqPacket packet = (IqPacket) processPacket(currentTag, PACKET_IQ);
1225 if (!packet.valid()) {
1226 Log.e(
1227 Config.LOGTAG,
1228 "encountered invalid iq from='"
1229 + packet.getFrom()
1230 + "' to='"
1231 + packet.getTo()
1232 + "'");
1233 return;
1234 }
1235 if (Thread.currentThread().isInterrupted()) {
1236 Log.d(
1237 Config.LOGTAG,
1238 account.getJid().asBareJid() + "Not processing iq. Thread was interrupted");
1239 return;
1240 }
1241 if (packet instanceof JinglePacket jinglePacket && isBound) {
1242 if (this.jingleListener != null) {
1243 this.jingleListener.onJinglePacketReceived(account, jinglePacket);
1244 }
1245 } else {
1246 final OnIqPacketReceived callback = getIqPacketReceivedCallback(packet);
1247 if (callback == null) {
1248 Log.d(
1249 Config.LOGTAG,
1250 account.getJid().asBareJid().toString()
1251 + ": no callback registered for IQ from "
1252 + packet.getFrom());
1253 return;
1254 }
1255 try {
1256 callback.onIqPacketReceived(account, packet);
1257 } catch (final StateChangingError error) {
1258 throw new StateChangingException(error.state);
1259 }
1260 }
1261 }
1262
1263 private OnIqPacketReceived getIqPacketReceivedCallback(final IqPacket stanza)
1264 throws StateChangingException {
1265 final boolean isRequest =
1266 stanza.getType() == IqPacket.TYPE.GET || stanza.getType() == IqPacket.TYPE.SET;
1267 if (isRequest) {
1268 if (isBound) {
1269 return this.unregisteredIqListener;
1270 } else {
1271 throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER);
1272 }
1273 } else {
1274 synchronized (this.packetCallbacks) {
1275 final var pair = packetCallbacks.get(stanza.getId());
1276 if (pair == null) {
1277 return null;
1278 }
1279 if (pair.first.toServer(account)) {
1280 if (stanza.fromServer(account)) {
1281 packetCallbacks.remove(stanza.getId());
1282 return pair.second;
1283 } else {
1284 Log.e(
1285 Config.LOGTAG,
1286 account.getJid().asBareJid().toString()
1287 + ": ignoring spoofed iq packet");
1288 }
1289 } else {
1290 if (stanza.getFrom() != null && stanza.getFrom().equals(pair.first.getTo())) {
1291 packetCallbacks.remove(stanza.getId());
1292 return pair.second;
1293 } else {
1294 Log.e(
1295 Config.LOGTAG,
1296 account.getJid().asBareJid().toString()
1297 + ": ignoring spoofed iq packet");
1298 }
1299 }
1300 }
1301 }
1302 return null;
1303 }
1304
1305 private void processMessage(final Tag currentTag) throws IOException {
1306 final MessagePacket packet = (MessagePacket) processPacket(currentTag, PACKET_MESSAGE);
1307 if (!packet.valid()) {
1308 Log.e(
1309 Config.LOGTAG,
1310 "encountered invalid message from='"
1311 + packet.getFrom()
1312 + "' to='"
1313 + packet.getTo()
1314 + "'");
1315 return;
1316 }
1317 if (Thread.currentThread().isInterrupted()) {
1318 Log.d(
1319 Config.LOGTAG,
1320 account.getJid().asBareJid()
1321 + "Not processing message. Thread was interrupted");
1322 return;
1323 }
1324 this.messageListener.onMessagePacketReceived(account, packet);
1325 }
1326
1327 private void processPresence(final Tag currentTag) throws IOException {
1328 final PresencePacket packet = (PresencePacket) processPacket(currentTag, PACKET_PRESENCE);
1329 if (!packet.valid()) {
1330 Log.e(
1331 Config.LOGTAG,
1332 "encountered invalid presence from='"
1333 + packet.getFrom()
1334 + "' to='"
1335 + packet.getTo()
1336 + "'");
1337 return;
1338 }
1339 if (Thread.currentThread().isInterrupted()) {
1340 Log.d(
1341 Config.LOGTAG,
1342 account.getJid().asBareJid()
1343 + "Not processing presence. Thread was interrupted");
1344 return;
1345 }
1346 this.presenceListener.onPresencePacketReceived(account, packet);
1347 }
1348
1349 private void sendStartTLS() throws IOException {
1350 final Tag startTLS = Tag.empty("starttls");
1351 startTLS.setAttribute("xmlns", Namespace.TLS);
1352 tagWriter.writeTag(startTLS);
1353 }
1354
1355 private void switchOverToTls() throws XmlPullParserException, IOException {
1356 tagReader.readTag();
1357 final Socket socket = this.socket;
1358 final SSLSocket sslSocket = upgradeSocketToTls(socket);
1359 this.socket = sslSocket;
1360 this.tagReader.setInputStream(sslSocket.getInputStream());
1361 this.tagWriter.setOutputStream(sslSocket.getOutputStream());
1362 Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": TLS connection established");
1363 final boolean quickStart;
1364 try {
1365 quickStart = establishStream(SSLSockets.version(sslSocket));
1366 } catch (final InterruptedException e) {
1367 return;
1368 }
1369 if (quickStart) {
1370 this.quickStartInProgress = true;
1371 }
1372 features.encryptionEnabled = true;
1373 final Tag tag = tagReader.readTag();
1374 if (tag != null && tag.isStart("stream", Namespace.STREAMS)) {
1375 SSLSockets.log(account, sslSocket);
1376 processStream();
1377 } else {
1378 throw new StateChangingException(Account.State.STREAM_OPENING_ERROR);
1379 }
1380 sslSocket.close();
1381 }
1382
1383 private SSLSocket upgradeSocketToTls(final Socket socket) throws IOException {
1384 final SSLSocketFactory sslSocketFactory;
1385 try {
1386 sslSocketFactory = getSSLSocketFactory();
1387 } catch (final NoSuchAlgorithmException | KeyManagementException e) {
1388 throw new StateChangingException(Account.State.TLS_ERROR);
1389 }
1390 final InetAddress address = socket.getInetAddress();
1391 final SSLSocket sslSocket =
1392 (SSLSocket)
1393 sslSocketFactory.createSocket(
1394 socket, address.getHostAddress(), socket.getPort(), true);
1395 SSLSockets.setSecurity(sslSocket);
1396 SSLSockets.setHostname(sslSocket, IDN.toASCII(account.getServer()));
1397 SSLSockets.setApplicationProtocol(sslSocket, "xmpp-client");
1398 final XmppDomainVerifier xmppDomainVerifier = new XmppDomainVerifier();
1399 try {
1400 if (!xmppDomainVerifier.verify(
1401 account.getServer(), this.verifiedHostname, sslSocket.getSession())) {
1402 Log.d(
1403 Config.LOGTAG,
1404 account.getJid().asBareJid()
1405 + ": TLS certificate domain verification failed");
1406 FileBackend.close(sslSocket);
1407 throw new StateChangingException(Account.State.TLS_ERROR_DOMAIN);
1408 }
1409 } catch (final SSLPeerUnverifiedException e) {
1410 FileBackend.close(sslSocket);
1411 throw new StateChangingException(Account.State.TLS_ERROR);
1412 }
1413 return sslSocket;
1414 }
1415
1416 private void processStreamFeatures(final Tag currentTag) throws IOException {
1417 this.streamFeatures = tagReader.readElement(currentTag);
1418 final boolean isSecure = isSecure();
1419 final boolean needsBinding = !isBound && !account.isOptionSet(Account.OPTION_REGISTER);
1420 if (this.quickStartInProgress) {
1421 if (this.streamFeatures.hasChild("authentication", Namespace.SASL_2)) {
1422 Log.d(
1423 Config.LOGTAG,
1424 account.getJid().asBareJid()
1425 + ": quick start in progress. ignoring features: "
1426 + XmlHelper.printElementNames(this.streamFeatures));
1427 if (SaslMechanism.hashedToken(LoginInfo.mechanism(this.loginInfo))) {
1428 return;
1429 }
1430 if (isFastTokenAvailable(
1431 this.streamFeatures.findChild("authentication", Namespace.SASL_2))) {
1432 Log.d(
1433 Config.LOGTAG,
1434 account.getJid().asBareJid()
1435 + ": fast token available; resetting quick start");
1436 account.setOption(Account.OPTION_QUICKSTART_AVAILABLE, false);
1437 mXmppConnectionService.databaseBackend.updateAccount(account);
1438 }
1439 return;
1440 }
1441 Log.d(
1442 Config.LOGTAG,
1443 account.getJid().asBareJid()
1444 + ": server lost support for SASL 2. quick start not possible");
1445 this.account.setOption(Account.OPTION_QUICKSTART_AVAILABLE, false);
1446 mXmppConnectionService.databaseBackend.updateAccount(account);
1447 throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER);
1448 }
1449 if (this.streamFeatures.hasChild("starttls", Namespace.TLS)
1450 && !features.encryptionEnabled) {
1451 sendStartTLS();
1452 } else if (this.streamFeatures.hasChild("register", Namespace.REGISTER_STREAM_FEATURE)
1453 && account.isOptionSet(Account.OPTION_REGISTER)) {
1454 if (isSecure) {
1455 register();
1456 } else {
1457 Log.d(
1458 Config.LOGTAG,
1459 account.getJid().asBareJid()
1460 + ": unable to find STARTTLS for registration process "
1461 + XmlHelper.printElementNames(this.streamFeatures));
1462 throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER);
1463 }
1464 } else if (!this.streamFeatures.hasChild("register", Namespace.REGISTER_STREAM_FEATURE)
1465 && account.isOptionSet(Account.OPTION_REGISTER)) {
1466 throw new StateChangingException(Account.State.REGISTRATION_NOT_SUPPORTED);
1467 } else if (this.streamFeatures.hasChild("authentication", Namespace.SASL_2)
1468 && shouldAuthenticate
1469 && isSecure) {
1470 authenticate(SaslMechanism.Version.SASL_2);
1471 } else if (this.streamFeatures.hasChild("mechanisms", Namespace.SASL)
1472 && shouldAuthenticate
1473 && isSecure) {
1474 authenticate(SaslMechanism.Version.SASL);
1475 } else if (this.streamFeatures.hasChild("sm", Namespace.STREAM_MANAGEMENT)
1476 && isSecure
1477 && loginInfo != null
1478 && streamId != null
1479 && !inSmacksSession) {
1480 if (Config.EXTENDED_SM_LOGGING) {
1481 Log.d(
1482 Config.LOGTAG,
1483 account.getJid().asBareJid()
1484 + ": resuming after stanza #"
1485 + stanzasReceived);
1486 }
1487 final ResumePacket resume = new ResumePacket(this.streamId.id, stanzasReceived);
1488 this.mSmCatchupMessageCounter.set(0);
1489 this.mWaitingForSmCatchup.set(true);
1490 this.tagWriter.writeStanzaAsync(resume);
1491 } else if (needsBinding) {
1492 if (this.streamFeatures.hasChild("bind", Namespace.BIND)
1493 && isSecure
1494 && loginInfo != null) {
1495 sendBindRequest();
1496 } else {
1497 Log.d(
1498 Config.LOGTAG,
1499 account.getJid().asBareJid()
1500 + ": unable to find bind feature "
1501 + XmlHelper.printElementNames(this.streamFeatures));
1502 throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER);
1503 }
1504 } else {
1505 Log.d(
1506 Config.LOGTAG,
1507 account.getJid().asBareJid()
1508 + ": received NOP stream features: "
1509 + XmlHelper.printElementNames(this.streamFeatures));
1510 }
1511 }
1512
1513 private void authenticate() throws IOException {
1514 final boolean isSecure = isSecure();
1515 if (isSecure && this.streamFeatures.hasChild("authentication", Namespace.SASL_2)) {
1516 authenticate(SaslMechanism.Version.SASL_2);
1517 } else if (isSecure && this.streamFeatures.hasChild("mechanisms", Namespace.SASL)) {
1518 authenticate(SaslMechanism.Version.SASL);
1519 } else {
1520 throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER);
1521 }
1522 }
1523
1524 private boolean isSecure() {
1525 return features.encryptionEnabled || Config.ALLOW_NON_TLS_CONNECTIONS || account.isOnion();
1526 }
1527
1528 private void authenticate(final SaslMechanism.Version version) throws IOException {
1529 final Element authElement;
1530 if (version == SaslMechanism.Version.SASL) {
1531 authElement = this.streamFeatures.findChild("mechanisms", Namespace.SASL);
1532 } else {
1533 authElement = this.streamFeatures.findChild("authentication", Namespace.SASL_2);
1534 }
1535 final Collection<String> mechanisms = SaslMechanism.mechanisms(authElement);
1536 final Element cbElement =
1537 this.streamFeatures.findChild("sasl-channel-binding", Namespace.CHANNEL_BINDING);
1538 final Collection<ChannelBinding> channelBindings = ChannelBinding.of(cbElement);
1539 final SaslMechanism.Factory factory = new SaslMechanism.Factory(account);
1540 final SaslMechanism saslMechanism =
1541 factory.of(mechanisms, channelBindings, version, SSLSockets.version(this.socket));
1542 this.validate(saslMechanism, mechanisms);
1543 final boolean quickStartAvailable;
1544 final String firstMessage =
1545 saslMechanism.getClientFirstMessage(sslSocketOrNull(this.socket));
1546 final boolean usingFast = SaslMechanism.hashedToken(saslMechanism);
1547 final Element authenticate;
1548 if (version == SaslMechanism.Version.SASL) {
1549 authenticate = new Element("auth", Namespace.SASL);
1550 if (!Strings.isNullOrEmpty(firstMessage)) {
1551 authenticate.setContent(firstMessage);
1552 }
1553 quickStartAvailable = false;
1554 this.loginInfo = new LoginInfo(saslMechanism, version, Collections.emptyList());
1555 } else if (version == SaslMechanism.Version.SASL_2) {
1556 final Element inline = authElement.findChild("inline", Namespace.SASL_2);
1557 final boolean sm = inline != null && inline.hasChild("sm", Namespace.STREAM_MANAGEMENT);
1558 final HashedToken.Mechanism hashTokenRequest;
1559 if (usingFast) {
1560 hashTokenRequest = null;
1561 } else {
1562 final Element fast =
1563 inline == null ? null : inline.findChild("fast", Namespace.FAST);
1564 final Collection<String> fastMechanisms = SaslMechanism.mechanisms(fast);
1565 hashTokenRequest =
1566 HashedToken.Mechanism.best(fastMechanisms, SSLSockets.version(this.socket));
1567 }
1568 final Collection<String> bindFeatures = Bind2.features(inline);
1569 quickStartAvailable =
1570 sm
1571 && bindFeatures != null
1572 && bindFeatures.containsAll(Bind2.QUICKSTART_FEATURES);
1573 if (bindFeatures != null) {
1574 try {
1575 mXmppConnectionService.restoredFromDatabaseLatch.await();
1576 } catch (final InterruptedException e) {
1577 Log.d(
1578 Config.LOGTAG,
1579 account.getJid().asBareJid()
1580 + ": interrupted while waiting for DB restore during SASL2 bind");
1581 return;
1582 }
1583 }
1584 this.loginInfo = new LoginInfo(saslMechanism, version, bindFeatures);
1585 this.hashTokenRequest = hashTokenRequest;
1586 authenticate =
1587 generateAuthenticationRequest(
1588 firstMessage, usingFast, hashTokenRequest, bindFeatures, sm);
1589 } else {
1590 throw new AssertionError("Missing implementation for " + version);
1591 }
1592
1593 if (account.setOption(Account.OPTION_QUICKSTART_AVAILABLE, quickStartAvailable)) {
1594 mXmppConnectionService.databaseBackend.updateAccount(account);
1595 }
1596
1597 Log.d(
1598 Config.LOGTAG,
1599 account.getJid().toString()
1600 + ": Authenticating with "
1601 + version
1602 + "/"
1603 + LoginInfo.mechanism(this.loginInfo).getMechanism());
1604 authenticate.setAttribute("mechanism", LoginInfo.mechanism(this.loginInfo).getMechanism());
1605 synchronized (this.mStanzaQueue) {
1606 this.stanzasSentBeforeAuthentication = this.stanzasSent;
1607 tagWriter.writeElement(authenticate);
1608 }
1609 }
1610
1611 private static boolean isFastTokenAvailable(final Element authentication) {
1612 final Element inline = authentication == null ? null : authentication.findChild("inline");
1613 return inline != null && inline.hasChild("fast", Namespace.FAST);
1614 }
1615
1616 private void validate(
1617 final @Nullable SaslMechanism saslMechanism, Collection<String> mechanisms)
1618 throws StateChangingException {
1619 if (saslMechanism == null) {
1620 Log.d(
1621 Config.LOGTAG,
1622 account.getJid().asBareJid()
1623 + ": unable to find supported SASL mechanism in "
1624 + mechanisms);
1625 throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER);
1626 }
1627 if (SaslMechanism.hashedToken(saslMechanism)) {
1628 return;
1629 }
1630 final int pinnedMechanism = account.getPinnedMechanismPriority();
1631 if (pinnedMechanism > saslMechanism.getPriority()) {
1632 Log.e(
1633 Config.LOGTAG,
1634 "Auth failed. Authentication mechanism "
1635 + saslMechanism.getMechanism()
1636 + " has lower priority ("
1637 + saslMechanism.getPriority()
1638 + ") than pinned priority ("
1639 + pinnedMechanism
1640 + "). Possible downgrade attack?");
1641 throw new StateChangingException(Account.State.DOWNGRADE_ATTACK);
1642 }
1643 }
1644
1645 private Element generateAuthenticationRequest(
1646 final String firstMessage, final boolean usingFast) {
1647 return generateAuthenticationRequest(
1648 firstMessage, usingFast, null, Bind2.QUICKSTART_FEATURES, true);
1649 }
1650
1651 private Element generateAuthenticationRequest(
1652 final String firstMessage,
1653 final boolean usingFast,
1654 final HashedToken.Mechanism hashedTokenRequest,
1655 final Collection<String> bind,
1656 final boolean inlineStreamManagement) {
1657 final Element authenticate = new Element("authenticate", Namespace.SASL_2);
1658 if (!Strings.isNullOrEmpty(firstMessage)) {
1659 authenticate.addChild("initial-response").setContent(firstMessage);
1660 }
1661 final Element userAgent = authenticate.addChild("user-agent");
1662 userAgent.setAttribute("id", AccountUtils.publicDeviceId(account));
1663 userAgent
1664 .addChild("software")
1665 .setContent(mXmppConnectionService.getString(R.string.app_name));
1666 if (!PhoneHelper.isEmulator()) {
1667 userAgent
1668 .addChild("device")
1669 .setContent(String.format("%s %s", Build.MANUFACTURER, Build.MODEL));
1670 }
1671 // do not include bind if 'inlineStreamManagement' is missing and we have a streamId
1672 // (because we would rather just do a normal SM/resume)
1673 final boolean mayAttemptBind = streamId == null || inlineStreamManagement;
1674 if (bind != null && mayAttemptBind) {
1675 authenticate.addChild(generateBindRequest(bind));
1676 }
1677 if (inlineStreamManagement && streamId != null) {
1678 final ResumePacket resume = new ResumePacket(this.streamId.id, stanzasReceived);
1679 this.mSmCatchupMessageCounter.set(0);
1680 this.mWaitingForSmCatchup.set(true);
1681 authenticate.addChild(resume);
1682 }
1683 if (hashedTokenRequest != null) {
1684 authenticate
1685 .addChild("request-token", Namespace.FAST)
1686 .setAttribute("mechanism", hashedTokenRequest.name());
1687 }
1688 if (usingFast) {
1689 authenticate.addChild("fast", Namespace.FAST);
1690 }
1691 return authenticate;
1692 }
1693
1694 private Element generateBindRequest(final Collection<String> bindFeatures) {
1695 Log.d(Config.LOGTAG, "inline bind features: " + bindFeatures);
1696 final Element bind = new Element("bind", Namespace.BIND2);
1697 bind.addChild("tag").setContent(mXmppConnectionService.getString(R.string.app_name));
1698 if (bindFeatures.contains(Namespace.CARBONS)) {
1699 bind.addChild("enable", Namespace.CARBONS);
1700 }
1701 if (bindFeatures.contains(Namespace.STREAM_MANAGEMENT)) {
1702 bind.addChild(new EnablePacket());
1703 }
1704 return bind;
1705 }
1706
1707 private void register() {
1708 final String preAuth = account.getKey(Account.KEY_PRE_AUTH_REGISTRATION_TOKEN);
1709 if (preAuth != null && features.invite()) {
1710 final IqPacket preAuthRequest = new IqPacket(IqPacket.TYPE.SET);
1711 preAuthRequest.addChild("preauth", Namespace.PARS).setAttribute("token", preAuth);
1712 sendUnmodifiedIqPacket(
1713 preAuthRequest,
1714 (account, response) -> {
1715 if (response.getType() == IqPacket.TYPE.RESULT) {
1716 sendRegistryRequest();
1717 } else {
1718 final String error = response.getErrorCondition();
1719 Log.d(
1720 Config.LOGTAG,
1721 account.getJid().asBareJid()
1722 + ": failed to pre auth. "
1723 + error);
1724 throw new StateChangingError(Account.State.REGISTRATION_INVALID_TOKEN);
1725 }
1726 },
1727 true);
1728 } else {
1729 sendRegistryRequest();
1730 }
1731 }
1732
1733 private void sendRegistryRequest() {
1734 final IqPacket register = new IqPacket(IqPacket.TYPE.GET);
1735 register.query(Namespace.REGISTER);
1736 register.setTo(account.getDomain());
1737 sendUnmodifiedIqPacket(
1738 register,
1739 (account, packet) -> {
1740 if (packet.getType() == IqPacket.TYPE.TIMEOUT) {
1741 return;
1742 }
1743 if (packet.getType() == IqPacket.TYPE.ERROR) {
1744 throw new StateChangingError(Account.State.REGISTRATION_FAILED);
1745 }
1746 final Element query = packet.query(Namespace.REGISTER);
1747 if (query.hasChild("username") && (query.hasChild("password"))) {
1748 final IqPacket register1 = new IqPacket(IqPacket.TYPE.SET);
1749 final Element username =
1750 new Element("username").setContent(account.getUsername());
1751 final Element password =
1752 new Element("password").setContent(account.getPassword());
1753 register1.query(Namespace.REGISTER).addChild(username);
1754 register1.query().addChild(password);
1755 register1.setFrom(account.getJid().asBareJid());
1756 sendUnmodifiedIqPacket(register1, registrationResponseListener, true);
1757 } else if (query.hasChild("x", Namespace.DATA)) {
1758 final Data data = Data.parse(query.findChild("x", Namespace.DATA));
1759 final Element blob = query.findChild("data", "urn:xmpp:bob");
1760 final String id = packet.getId();
1761 InputStream is;
1762 if (blob != null) {
1763 try {
1764 final String base64Blob = blob.getContent();
1765 final byte[] strBlob = Base64.decode(base64Blob, Base64.DEFAULT);
1766 is = new ByteArrayInputStream(strBlob);
1767 } catch (Exception e) {
1768 is = null;
1769 }
1770 } else {
1771 final boolean useTor =
1772 mXmppConnectionService.useTorToConnect() || account.isOnion();
1773 try {
1774 final String url = data.getValue("url");
1775 final String fallbackUrl = data.getValue("captcha-fallback-url");
1776 if (url != null) {
1777 is = HttpConnectionManager.open(url, useTor);
1778 } else if (fallbackUrl != null) {
1779 is = HttpConnectionManager.open(fallbackUrl, useTor);
1780 } else {
1781 is = null;
1782 }
1783 } catch (final IOException e) {
1784 Log.d(
1785 Config.LOGTAG,
1786 account.getJid().asBareJid() + ": unable to fetch captcha",
1787 e);
1788 is = null;
1789 }
1790 }
1791
1792 if (is != null) {
1793 Bitmap captcha = BitmapFactory.decodeStream(is);
1794 try {
1795 if (mXmppConnectionService.displayCaptchaRequest(
1796 account, id, data, captcha)) {
1797 return;
1798 }
1799 } catch (Exception e) {
1800 throw new StateChangingError(Account.State.REGISTRATION_FAILED);
1801 }
1802 }
1803 throw new StateChangingError(Account.State.REGISTRATION_FAILED);
1804 } else if (query.hasChild("instructions")
1805 || query.hasChild("x", Namespace.OOB)) {
1806 final String instructions = query.findChildContent("instructions");
1807 final Element oob = query.findChild("x", Namespace.OOB);
1808 final String url = oob == null ? null : oob.findChildContent("url");
1809 if (url != null) {
1810 setAccountCreationFailed(url);
1811 } else if (instructions != null) {
1812 final Matcher matcher = Patterns.AUTOLINK_WEB_URL.matcher(instructions);
1813 if (matcher.find()) {
1814 setAccountCreationFailed(
1815 instructions.substring(matcher.start(), matcher.end()));
1816 }
1817 }
1818 throw new StateChangingError(Account.State.REGISTRATION_FAILED);
1819 }
1820 },
1821 true);
1822 }
1823
1824 private void setAccountCreationFailed(final String url) {
1825 final HttpUrl httpUrl = url == null ? null : HttpUrl.parse(url);
1826 if (httpUrl != null && httpUrl.isHttps()) {
1827 this.redirectionUrl = httpUrl;
1828 throw new StateChangingError(Account.State.REGISTRATION_WEB);
1829 }
1830 throw new StateChangingError(Account.State.REGISTRATION_FAILED);
1831 }
1832
1833 public HttpUrl getRedirectionUrl() {
1834 return this.redirectionUrl;
1835 }
1836
1837 public void resetEverything() {
1838 resetAttemptCount(true);
1839 resetStreamId();
1840 clearIqCallbacks();
1841 this.stanzasSent = 0;
1842 mStanzaQueue.clear();
1843 this.redirectionUrl = null;
1844 synchronized (this.disco) {
1845 disco.clear();
1846 }
1847 synchronized (this.commands) {
1848 this.commands.clear();
1849 }
1850 this.loginInfo = null;
1851 }
1852
1853 private void sendBindRequest() {
1854 try {
1855 mXmppConnectionService.restoredFromDatabaseLatch.await();
1856 } catch (InterruptedException e) {
1857 Log.d(
1858 Config.LOGTAG,
1859 account.getJid().asBareJid()
1860 + ": interrupted while waiting for DB restore during bind");
1861 return;
1862 }
1863 clearIqCallbacks();
1864 if (account.getJid().isBareJid()) {
1865 account.setResource(this.createNewResource());
1866 } else {
1867 fixResource(mXmppConnectionService, account);
1868 }
1869 final IqPacket iq = new IqPacket(IqPacket.TYPE.SET);
1870 final String resource =
1871 Config.USE_RANDOM_RESOURCE_ON_EVERY_BIND ? nextRandomId() : account.getResource();
1872 iq.addChild("bind", Namespace.BIND).addChild("resource").setContent(resource);
1873 this.sendUnmodifiedIqPacket(
1874 iq,
1875 (account, packet) -> {
1876 if (packet.getType() == IqPacket.TYPE.TIMEOUT) {
1877 return;
1878 }
1879 final Element bind = packet.findChild("bind");
1880 if (bind != null && packet.getType() == IqPacket.TYPE.RESULT) {
1881 isBound = true;
1882 final Element jid = bind.findChild("jid");
1883 if (jid != null && jid.getContent() != null) {
1884 try {
1885 Jid assignedJid = Jid.ofEscaped(jid.getContent());
1886 if (!account.getJid().getDomain().equals(assignedJid.getDomain())) {
1887 Log.d(
1888 Config.LOGTAG,
1889 account.getJid().asBareJid()
1890 + ": server tried to re-assign domain to "
1891 + assignedJid.getDomain());
1892 throw new StateChangingError(Account.State.BIND_FAILURE);
1893 }
1894 if (account.setJid(assignedJid)) {
1895 Log.d(
1896 Config.LOGTAG,
1897 account.getJid().asBareJid()
1898 + ": jid changed during bind. updating database");
1899 mXmppConnectionService.databaseBackend.updateAccount(account);
1900 }
1901 if (streamFeatures.hasChild("session")
1902 && !streamFeatures
1903 .findChild("session")
1904 .hasChild("optional")) {
1905 sendStartSession();
1906 } else {
1907 final boolean waitForDisco = enableStreamManagement();
1908 sendPostBindInitialization(waitForDisco, false);
1909 }
1910 return;
1911 } catch (final IllegalArgumentException e) {
1912 Log.d(
1913 Config.LOGTAG,
1914 account.getJid().asBareJid()
1915 + ": server reported invalid jid ("
1916 + jid.getContent()
1917 + ") on bind");
1918 }
1919 } else {
1920 Log.d(
1921 Config.LOGTAG,
1922 account.getJid()
1923 + ": disconnecting because of bind failure. (no jid)");
1924 }
1925 } else {
1926 Log.d(
1927 Config.LOGTAG,
1928 account.getJid()
1929 + ": disconnecting because of bind failure ("
1930 + packet);
1931 }
1932 final Element error = packet.findChild("error");
1933 if (packet.getType() == IqPacket.TYPE.ERROR
1934 && error != null
1935 && error.hasChild("conflict")) {
1936 account.setResource(createNewResource());
1937 }
1938 throw new StateChangingError(Account.State.BIND_FAILURE);
1939 },
1940 true);
1941 }
1942
1943 private void clearIqCallbacks() {
1944 final IqPacket failurePacket = new IqPacket(IqPacket.TYPE.TIMEOUT);
1945 final ArrayList<OnIqPacketReceived> callbacks = new ArrayList<>();
1946 synchronized (this.packetCallbacks) {
1947 if (this.packetCallbacks.size() == 0) {
1948 return;
1949 }
1950 Log.d(
1951 Config.LOGTAG,
1952 account.getJid().asBareJid()
1953 + ": clearing "
1954 + this.packetCallbacks.size()
1955 + " iq callbacks");
1956 final Iterator<Pair<IqPacket, OnIqPacketReceived>> iterator =
1957 this.packetCallbacks.values().iterator();
1958 while (iterator.hasNext()) {
1959 Pair<IqPacket, OnIqPacketReceived> entry = iterator.next();
1960 callbacks.add(entry.second);
1961 iterator.remove();
1962 }
1963 }
1964 for (OnIqPacketReceived callback : callbacks) {
1965 try {
1966 callback.onIqPacketReceived(account, failurePacket);
1967 } catch (StateChangingError error) {
1968 Log.d(
1969 Config.LOGTAG,
1970 account.getJid().asBareJid()
1971 + ": caught StateChangingError("
1972 + error.state.toString()
1973 + ") while clearing callbacks");
1974 // ignore
1975 }
1976 }
1977 Log.d(
1978 Config.LOGTAG,
1979 account.getJid().asBareJid()
1980 + ": done clearing iq callbacks. "
1981 + this.packetCallbacks.size()
1982 + " left");
1983 }
1984
1985 public void sendDiscoTimeout() {
1986 if (mWaitForDisco.compareAndSet(true, false)) {
1987 Log.d(
1988 Config.LOGTAG,
1989 account.getJid().asBareJid() + ": finalizing bind after disco timeout");
1990 finalizeBind();
1991 }
1992 }
1993
1994 private void sendStartSession() {
1995 Log.d(
1996 Config.LOGTAG,
1997 account.getJid().asBareJid() + ": sending legacy session to outdated server");
1998 final IqPacket startSession = new IqPacket(IqPacket.TYPE.SET);
1999 startSession.addChild("session", "urn:ietf:params:xml:ns:xmpp-session");
2000 this.sendUnmodifiedIqPacket(
2001 startSession,
2002 (account, packet) -> {
2003 if (packet.getType() == IqPacket.TYPE.RESULT) {
2004 final boolean waitForDisco = enableStreamManagement();
2005 sendPostBindInitialization(waitForDisco, false);
2006 } else if (packet.getType() != IqPacket.TYPE.TIMEOUT) {
2007 throw new StateChangingError(Account.State.SESSION_FAILURE);
2008 }
2009 },
2010 true);
2011 }
2012
2013 private boolean enableStreamManagement() {
2014 final boolean streamManagement =
2015 this.streamFeatures.hasChild("sm", Namespace.STREAM_MANAGEMENT);
2016 if (streamManagement) {
2017 synchronized (this.mStanzaQueue) {
2018 final EnablePacket enable = new EnablePacket();
2019 tagWriter.writeStanzaAsync(enable);
2020 stanzasSent = 0;
2021 mStanzaQueue.clear();
2022 }
2023 return true;
2024 } else {
2025 return false;
2026 }
2027 }
2028
2029 private void sendPostBindInitialization(
2030 final boolean waitForDisco, final boolean carbonsEnabled) {
2031 features.carbonsEnabled = carbonsEnabled;
2032 features.blockListRequested = false;
2033 synchronized (this.disco) {
2034 this.disco.clear();
2035 }
2036 Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": starting service discovery");
2037 mPendingServiceDiscoveries.set(0);
2038 mWaitForDisco.set(waitForDisco);
2039 lastDiscoStarted = SystemClock.elapsedRealtime();
2040 mXmppConnectionService.scheduleWakeUpCall(
2041 Config.CONNECT_DISCO_TIMEOUT, account.getUuid().hashCode());
2042 final Element caps = streamFeatures.findChild("c");
2043 final String hash = caps == null ? null : caps.getAttribute("hash");
2044 final String ver = caps == null ? null : caps.getAttribute("ver");
2045 ServiceDiscoveryResult discoveryResult = null;
2046 if (hash != null && ver != null) {
2047 discoveryResult =
2048 mXmppConnectionService.getCachedServiceDiscoveryResult(new Pair<>(hash, ver));
2049 }
2050 final boolean requestDiscoItemsFirst =
2051 !account.isOptionSet(Account.OPTION_LOGGED_IN_SUCCESSFULLY);
2052 if (requestDiscoItemsFirst) {
2053 sendServiceDiscoveryItems(account.getDomain());
2054 }
2055 if (discoveryResult == null) {
2056 sendServiceDiscoveryInfo(account.getDomain());
2057 } else {
2058 Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": server caps came from cache");
2059 disco.put(account.getDomain(), discoveryResult);
2060 }
2061 discoverMamPreferences();
2062 sendServiceDiscoveryInfo(account.getJid().asBareJid());
2063 if (!requestDiscoItemsFirst) {
2064 sendServiceDiscoveryItems(account.getDomain());
2065 }
2066
2067 if (!mWaitForDisco.get()) {
2068 finalizeBind();
2069 }
2070 this.lastSessionStarted = SystemClock.elapsedRealtime();
2071 }
2072
2073 private void sendServiceDiscoveryInfo(final Jid jid) {
2074 mPendingServiceDiscoveries.incrementAndGet();
2075 final IqPacket iq = new IqPacket(IqPacket.TYPE.GET);
2076 iq.setTo(jid);
2077 iq.query("http://jabber.org/protocol/disco#info");
2078 this.sendIqPacket(
2079 iq,
2080 (account, packet) -> {
2081 if (packet.getType() == IqPacket.TYPE.RESULT) {
2082 boolean advancedStreamFeaturesLoaded;
2083 synchronized (XmppConnection.this.disco) {
2084 ServiceDiscoveryResult result = new ServiceDiscoveryResult(packet);
2085 if (jid.equals(account.getDomain())) {
2086 mXmppConnectionService.databaseBackend.insertDiscoveryResult(
2087 result);
2088 }
2089 disco.put(jid, result);
2090 advancedStreamFeaturesLoaded =
2091 disco.containsKey(account.getDomain())
2092 && disco.containsKey(account.getJid().asBareJid());
2093 }
2094 if (advancedStreamFeaturesLoaded
2095 && (jid.equals(account.getDomain())
2096 || jid.equals(account.getJid().asBareJid()))) {
2097 enableAdvancedStreamFeatures();
2098 }
2099 } else if (packet.getType() == IqPacket.TYPE.ERROR) {
2100 Log.d(
2101 Config.LOGTAG,
2102 account.getJid().asBareJid()
2103 + ": could not query disco info for "
2104 + jid.toString());
2105 final boolean serverOrAccount =
2106 jid.equals(account.getDomain())
2107 || jid.equals(account.getJid().asBareJid());
2108 final boolean advancedStreamFeaturesLoaded;
2109 if (serverOrAccount) {
2110 synchronized (XmppConnection.this.disco) {
2111 disco.put(jid, ServiceDiscoveryResult.empty());
2112 advancedStreamFeaturesLoaded =
2113 disco.containsKey(account.getDomain())
2114 && disco.containsKey(account.getJid().asBareJid());
2115 }
2116 } else {
2117 advancedStreamFeaturesLoaded = false;
2118 }
2119 if (advancedStreamFeaturesLoaded) {
2120 enableAdvancedStreamFeatures();
2121 }
2122 }
2123 if (packet.getType() != IqPacket.TYPE.TIMEOUT) {
2124 if (mPendingServiceDiscoveries.decrementAndGet() == 0
2125 && mWaitForDisco.compareAndSet(true, false)) {
2126 finalizeBind();
2127 }
2128 }
2129 });
2130 }
2131
2132 private void discoverMamPreferences() {
2133 IqPacket request = new IqPacket(IqPacket.TYPE.GET);
2134 request.addChild("prefs", MessageArchiveService.Version.MAM_2.namespace);
2135 sendIqPacket(
2136 request,
2137 (account, response) -> {
2138 if (response.getType() == IqPacket.TYPE.RESULT) {
2139 Element prefs =
2140 response.findChild(
2141 "prefs", MessageArchiveService.Version.MAM_2.namespace);
2142 isMamPreferenceAlways =
2143 "always"
2144 .equals(
2145 prefs == null
2146 ? null
2147 : prefs.getAttribute("default"));
2148 }
2149 });
2150 }
2151
2152 private void discoverCommands() {
2153 final IqPacket request = new IqPacket(IqPacket.TYPE.GET);
2154 request.setTo(account.getDomain());
2155 request.addChild("query", Namespace.DISCO_ITEMS).setAttribute("node", Namespace.COMMANDS);
2156 sendIqPacket(
2157 request,
2158 (account, response) -> {
2159 if (response.getType() == IqPacket.TYPE.RESULT) {
2160 final Element query = response.findChild("query", Namespace.DISCO_ITEMS);
2161 if (query == null) {
2162 return;
2163 }
2164 final HashMap<String, Jid> commands = new HashMap<>();
2165 for (final Element child : query.getChildren()) {
2166 if ("item".equals(child.getName())) {
2167 final String node = child.getAttribute("node");
2168 final Jid jid = child.getAttributeAsJid("jid");
2169 if (node != null && jid != null) {
2170 commands.put(node, jid);
2171 }
2172 }
2173 }
2174 synchronized (this.commands) {
2175 this.commands.clear();
2176 this.commands.putAll(commands);
2177 }
2178 }
2179 });
2180 }
2181
2182 public boolean isMamPreferenceAlways() {
2183 return isMamPreferenceAlways;
2184 }
2185
2186 private void finalizeBind() {
2187 if (bindListener != null) {
2188 bindListener.onBind(account);
2189 }
2190 changeStatusToOnline();
2191 }
2192
2193 private void enableAdvancedStreamFeatures() {
2194 if (getFeatures().blocking() && !features.blockListRequested) {
2195 Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": Requesting block list");
2196 this.sendIqPacket(
2197 getIqGenerator().generateGetBlockList(), mXmppConnectionService.getIqParser());
2198 }
2199 for (final OnAdvancedStreamFeaturesLoaded listener :
2200 advancedStreamFeaturesLoadedListeners) {
2201 listener.onAdvancedStreamFeaturesAvailable(account);
2202 }
2203 if (getFeatures().carbons() && !features.carbonsEnabled) {
2204 sendEnableCarbons();
2205 }
2206 if (getFeatures().commands()) {
2207 discoverCommands();
2208 }
2209 }
2210
2211 private void sendServiceDiscoveryItems(final Jid server) {
2212 mPendingServiceDiscoveries.incrementAndGet();
2213 final IqPacket iq = new IqPacket(IqPacket.TYPE.GET);
2214 iq.setTo(server.getDomain());
2215 iq.query("http://jabber.org/protocol/disco#items");
2216 this.sendIqPacket(
2217 iq,
2218 (account, packet) -> {
2219 if (packet.getType() == IqPacket.TYPE.RESULT) {
2220 final HashSet<Jid> items = new HashSet<>();
2221 final List<Element> elements = packet.query().getChildren();
2222 for (final Element element : elements) {
2223 if (element.getName().equals("item")) {
2224 final Jid jid =
2225 InvalidJid.getNullForInvalid(
2226 element.getAttributeAsJid("jid"));
2227 if (jid != null && !jid.equals(account.getDomain())) {
2228 items.add(jid);
2229 }
2230 }
2231 }
2232 for (Jid jid : items) {
2233 sendServiceDiscoveryInfo(jid);
2234 }
2235 } else {
2236 Log.d(
2237 Config.LOGTAG,
2238 account.getJid().asBareJid()
2239 + ": could not query disco items of "
2240 + server);
2241 }
2242 if (packet.getType() != IqPacket.TYPE.TIMEOUT) {
2243 if (mPendingServiceDiscoveries.decrementAndGet() == 0
2244 && mWaitForDisco.compareAndSet(true, false)) {
2245 finalizeBind();
2246 }
2247 }
2248 });
2249 }
2250
2251 private void sendEnableCarbons() {
2252 final IqPacket iq = new IqPacket(IqPacket.TYPE.SET);
2253 iq.addChild("enable", Namespace.CARBONS);
2254 this.sendIqPacket(
2255 iq,
2256 (account, packet) -> {
2257 if (packet.getType() == IqPacket.TYPE.RESULT) {
2258 Log.d(
2259 Config.LOGTAG,
2260 account.getJid().asBareJid() + ": successfully enabled carbons");
2261 features.carbonsEnabled = true;
2262 } else {
2263 Log.d(
2264 Config.LOGTAG,
2265 account.getJid().asBareJid()
2266 + ": could not enable carbons "
2267 + packet);
2268 }
2269 });
2270 }
2271
2272 private void processStreamError(final Tag currentTag) throws IOException {
2273 final Element streamError = tagReader.readElement(currentTag);
2274 if (streamError == null) {
2275 return;
2276 }
2277 if (streamError.hasChild("conflict")) {
2278 account.setResource(createNewResource());
2279 Log.d(
2280 Config.LOGTAG,
2281 account.getJid().asBareJid()
2282 + ": switching resource due to conflict ("
2283 + account.getResource()
2284 + ")");
2285 throw new IOException();
2286 } else if (streamError.hasChild("host-unknown")) {
2287 throw new StateChangingException(Account.State.HOST_UNKNOWN);
2288 } else if (streamError.hasChild("policy-violation")) {
2289 this.lastConnect = SystemClock.elapsedRealtime();
2290 final String text = streamError.findChildContent("text");
2291 Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": policy violation. " + text);
2292 failPendingMessages(text);
2293 throw new StateChangingException(Account.State.POLICY_VIOLATION);
2294 } else if (streamError.hasChild("see-other-host")) {
2295 final String seeOtherHost = streamError.findChildContent("see-other-host");
2296 final Resolver.Result currentResolverResult = this.currentResolverResult;
2297 if (Strings.isNullOrEmpty(seeOtherHost) || currentResolverResult == null) {
2298 Log.d(
2299 Config.LOGTAG,
2300 account.getJid().asBareJid() + ": stream error " + streamError);
2301 throw new StateChangingException(Account.State.STREAM_ERROR);
2302 }
2303 Log.d(
2304 Config.LOGTAG,
2305 account.getJid().asBareJid()
2306 + ": see other host: "
2307 + seeOtherHost
2308 + " "
2309 + currentResolverResult);
2310 final Resolver.Result seeOtherResult = currentResolverResult.seeOtherHost(seeOtherHost);
2311 if (seeOtherResult != null) {
2312 this.seeOtherHostResolverResult = seeOtherResult;
2313 throw new StateChangingException(Account.State.SEE_OTHER_HOST);
2314 } else {
2315 throw new StateChangingException(Account.State.STREAM_ERROR);
2316 }
2317 } else {
2318 Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": stream error " + streamError);
2319 throw new StateChangingException(Account.State.STREAM_ERROR);
2320 }
2321 }
2322
2323 private void failPendingMessages(final String error) {
2324 synchronized (this.mStanzaQueue) {
2325 for (int i = 0; i < mStanzaQueue.size(); ++i) {
2326 final AbstractAcknowledgeableStanza stanza = mStanzaQueue.valueAt(i);
2327 if (stanza instanceof MessagePacket) {
2328 final MessagePacket packet = (MessagePacket) stanza;
2329 final String id = packet.getId();
2330 final Jid to = packet.getTo();
2331 mXmppConnectionService.markMessage(
2332 account, to.asBareJid(), id, Message.STATUS_SEND_FAILED, error);
2333 }
2334 }
2335 }
2336 }
2337
2338 private boolean establishStream(final SSLSockets.Version sslVersion)
2339 throws IOException, InterruptedException {
2340 final boolean secureConnection = sslVersion != SSLSockets.Version.NONE;
2341 final SaslMechanism quickStartMechanism;
2342 if (secureConnection) {
2343 quickStartMechanism =
2344 SaslMechanism.ensureAvailable(account.getQuickStartMechanism(), sslVersion);
2345 } else {
2346 quickStartMechanism = null;
2347 }
2348 if (secureConnection
2349 && Config.QUICKSTART_ENABLED
2350 && quickStartMechanism != null
2351 && account.isOptionSet(Account.OPTION_QUICKSTART_AVAILABLE)) {
2352 mXmppConnectionService.restoredFromDatabaseLatch.await();
2353 this.loginInfo =
2354 new LoginInfo(
2355 quickStartMechanism,
2356 SaslMechanism.Version.SASL_2,
2357 Bind2.QUICKSTART_FEATURES);
2358 final boolean usingFast = quickStartMechanism instanceof HashedToken;
2359 final Element authenticate =
2360 generateAuthenticationRequest(
2361 quickStartMechanism.getClientFirstMessage(sslSocketOrNull(this.socket)),
2362 usingFast);
2363 authenticate.setAttribute("mechanism", quickStartMechanism.getMechanism());
2364 sendStartStream(true, false);
2365 synchronized (this.mStanzaQueue) {
2366 this.stanzasSentBeforeAuthentication = this.stanzasSent;
2367 tagWriter.writeElement(authenticate);
2368 }
2369 Log.d(
2370 Config.LOGTAG,
2371 account.getJid().toString()
2372 + ": quick start with "
2373 + quickStartMechanism.getMechanism());
2374 return true;
2375 } else {
2376 sendStartStream(secureConnection, true);
2377 return false;
2378 }
2379 }
2380
2381 private void sendStartStream(final boolean from, final boolean flush) throws IOException {
2382 final Tag stream = Tag.start("stream:stream");
2383 stream.setAttribute("to", account.getServer());
2384 if (from) {
2385 stream.setAttribute("from", account.getJid().asBareJid().toEscapedString());
2386 }
2387 stream.setAttribute("version", "1.0");
2388 stream.setAttribute("xml:lang", LocalizedContent.STREAM_LANGUAGE);
2389 stream.setAttribute("xmlns", Namespace.JABBER_CLIENT);
2390 stream.setAttribute("xmlns:stream", Namespace.STREAMS);
2391 tagWriter.writeTag(stream, flush);
2392 }
2393
2394 private String createNewResource() {
2395 return mXmppConnectionService.getString(R.string.app_name) + '.' + nextRandomId(true);
2396 }
2397
2398 private String nextRandomId() {
2399 return nextRandomId(false);
2400 }
2401
2402 private String nextRandomId(final boolean s) {
2403 return CryptoHelper.random(s ? 3 : 9);
2404 }
2405
2406 public String sendIqPacket(final IqPacket packet, final OnIqPacketReceived callback) {
2407 packet.setFrom(account.getJid());
2408 return this.sendUnmodifiedIqPacket(packet, callback, false);
2409 }
2410
2411 public synchronized String sendUnmodifiedIqPacket(
2412 final IqPacket packet, final OnIqPacketReceived callback, boolean force) {
2413 if (packet.getId() == null) {
2414 packet.setAttribute("id", nextRandomId());
2415 }
2416 if (callback != null) {
2417 synchronized (this.packetCallbacks) {
2418 packetCallbacks.put(packet.getId(), new Pair<>(packet, callback));
2419 }
2420 }
2421 this.sendPacket(packet, force);
2422 return packet.getId();
2423 }
2424
2425 public void sendMessagePacket(final MessagePacket packet) {
2426 this.sendPacket(packet);
2427 }
2428
2429 public void sendPresencePacket(final PresencePacket packet) {
2430 this.sendPacket(packet);
2431 }
2432
2433 private synchronized void sendPacket(final AbstractStanza packet) {
2434 sendPacket(packet, false);
2435 }
2436
2437 private synchronized void sendPacket(final AbstractStanza packet, final boolean force) {
2438 if (stanzasSent == Integer.MAX_VALUE) {
2439 resetStreamId();
2440 disconnect(true);
2441 return;
2442 }
2443 synchronized (this.mStanzaQueue) {
2444 if (force || isBound) {
2445 tagWriter.writeStanzaAsync(packet);
2446 } else {
2447 Log.d(
2448 Config.LOGTAG,
2449 account.getJid().asBareJid()
2450 + " do not write stanza to unbound stream "
2451 + packet.toString());
2452 }
2453 if (packet instanceof AbstractAcknowledgeableStanza) {
2454 AbstractAcknowledgeableStanza stanza = (AbstractAcknowledgeableStanza) packet;
2455
2456 if (this.mStanzaQueue.size() != 0) {
2457 int currentHighestKey = this.mStanzaQueue.keyAt(this.mStanzaQueue.size() - 1);
2458 if (currentHighestKey != stanzasSent) {
2459 throw new AssertionError("Stanza count messed up");
2460 }
2461 }
2462
2463 ++stanzasSent;
2464 if (Config.EXTENDED_SM_LOGGING) {
2465 Log.d(
2466 Config.LOGTAG,
2467 account.getJid().asBareJid()
2468 + ": counting outbound "
2469 + packet.getName()
2470 + " as #"
2471 + stanzasSent);
2472 }
2473 this.mStanzaQueue.append(stanzasSent, stanza);
2474 if (stanza instanceof MessagePacket && stanza.getId() != null && inSmacksSession) {
2475 if (Config.EXTENDED_SM_LOGGING) {
2476 Log.d(
2477 Config.LOGTAG,
2478 account.getJid().asBareJid()
2479 + ": requesting ack for message stanza #"
2480 + stanzasSent);
2481 }
2482 tagWriter.writeStanzaAsync(new RequestPacket());
2483 }
2484 }
2485 }
2486 }
2487
2488 public void sendPing() {
2489 if (!r()) {
2490 final IqPacket iq = new IqPacket(IqPacket.TYPE.GET);
2491 iq.setFrom(account.getJid());
2492 iq.addChild("ping", Namespace.PING);
2493 this.sendIqPacket(iq, null);
2494 }
2495 this.lastPingSent = SystemClock.elapsedRealtime();
2496 }
2497
2498 public void setOnMessagePacketReceivedListener(final OnMessagePacketReceived listener) {
2499 this.messageListener = listener;
2500 }
2501
2502 public void setOnUnregisteredIqPacketReceivedListener(final OnIqPacketReceived listener) {
2503 this.unregisteredIqListener = listener;
2504 }
2505
2506 public void setOnPresencePacketReceivedListener(final OnPresencePacketReceived listener) {
2507 this.presenceListener = listener;
2508 }
2509
2510 public void setOnJinglePacketReceivedListener(final OnJinglePacketReceived listener) {
2511 this.jingleListener = listener;
2512 }
2513
2514 public void setOnStatusChangedListener(final OnStatusChanged listener) {
2515 this.statusListener = listener;
2516 }
2517
2518 public void setOnBindListener(final OnBindListener listener) {
2519 this.bindListener = listener;
2520 }
2521
2522 public void setOnMessageAcknowledgeListener(final OnMessageAcknowledged listener) {
2523 this.acknowledgedListener = listener;
2524 }
2525
2526 public void addOnAdvancedStreamFeaturesAvailableListener(
2527 final OnAdvancedStreamFeaturesLoaded listener) {
2528 this.advancedStreamFeaturesLoadedListeners.add(listener);
2529 }
2530
2531 private void forceCloseSocket() {
2532 FileBackend.close(this.socket);
2533 FileBackend.close(this.tagReader);
2534 }
2535
2536 public void interrupt() {
2537 if (this.mThread != null) {
2538 this.mThread.interrupt();
2539 }
2540 }
2541
2542 public void disconnect(final boolean force) {
2543 interrupt();
2544 Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": disconnecting force=" + force);
2545 if (force) {
2546 forceCloseSocket();
2547 } else {
2548 final TagWriter currentTagWriter = this.tagWriter;
2549 if (currentTagWriter.isActive()) {
2550 currentTagWriter.finish();
2551 final Socket currentSocket = this.socket;
2552 final CountDownLatch streamCountDownLatch = this.mStreamCountDownLatch;
2553 try {
2554 currentTagWriter.await(1, TimeUnit.SECONDS);
2555 Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": closing stream");
2556 currentTagWriter.writeTag(Tag.end("stream:stream"));
2557 if (streamCountDownLatch != null) {
2558 if (streamCountDownLatch.await(1, TimeUnit.SECONDS)) {
2559 Log.d(
2560 Config.LOGTAG,
2561 account.getJid().asBareJid() + ": remote ended stream");
2562 } else {
2563 Log.d(
2564 Config.LOGTAG,
2565 account.getJid().asBareJid()
2566 + ": remote has not closed socket. force closing");
2567 }
2568 }
2569 } catch (InterruptedException e) {
2570 Log.d(
2571 Config.LOGTAG,
2572 account.getJid().asBareJid()
2573 + ": interrupted while gracefully closing stream");
2574 } catch (final IOException e) {
2575 Log.d(
2576 Config.LOGTAG,
2577 account.getJid().asBareJid()
2578 + ": io exception during disconnect ("
2579 + e.getMessage()
2580 + ")");
2581 } finally {
2582 FileBackend.close(currentSocket);
2583 }
2584 } else {
2585 forceCloseSocket();
2586 }
2587 }
2588 }
2589
2590 private void resetStreamId() {
2591 this.streamId = null;
2592 this.boundStreamFeatures = null;
2593 }
2594
2595 private List<Entry<Jid, ServiceDiscoveryResult>> findDiscoItemsByFeature(final String feature) {
2596 synchronized (this.disco) {
2597 final List<Entry<Jid, ServiceDiscoveryResult>> items = new ArrayList<>();
2598 for (final Entry<Jid, ServiceDiscoveryResult> cursor : this.disco.entrySet()) {
2599 if (cursor.getValue().getFeatures().contains(feature)) {
2600 items.add(cursor);
2601 }
2602 }
2603 return items;
2604 }
2605 }
2606
2607 public Jid findDiscoItemByFeature(final String feature) {
2608 final List<Entry<Jid, ServiceDiscoveryResult>> items = findDiscoItemsByFeature(feature);
2609 if (items.size() >= 1) {
2610 return items.get(0).getKey();
2611 }
2612 return null;
2613 }
2614
2615 public boolean r() {
2616 if (getFeatures().sm()) {
2617 this.tagWriter.writeStanzaAsync(new RequestPacket());
2618 return true;
2619 } else {
2620 return false;
2621 }
2622 }
2623
2624 public List<String> getMucServersWithholdAccount() {
2625 final List<String> servers = getMucServers();
2626 servers.remove(account.getDomain().toEscapedString());
2627 return servers;
2628 }
2629
2630 public List<String> getMucServers() {
2631 List<String> servers = new ArrayList<>();
2632 synchronized (this.disco) {
2633 for (final Entry<Jid, ServiceDiscoveryResult> cursor : disco.entrySet()) {
2634 final ServiceDiscoveryResult value = cursor.getValue();
2635 if (value.getFeatures().contains("http://jabber.org/protocol/muc")
2636 && value.hasIdentity("conference", "text")
2637 && !value.getFeatures().contains("jabber:iq:gateway")
2638 && !value.hasIdentity("conference", "irc")) {
2639 servers.add(cursor.getKey().toString());
2640 }
2641 }
2642 }
2643 return servers;
2644 }
2645
2646 public String getMucServer() {
2647 List<String> servers = getMucServers();
2648 return servers.size() > 0 ? servers.get(0) : null;
2649 }
2650
2651 public int getTimeToNextAttempt(final boolean aggressive) {
2652 final int interval;
2653 if (aggressive) {
2654 interval = Math.min((int) (3 * Math.pow(1.3, attempt)), 60);
2655 } else {
2656 final int additionalTime =
2657 account.getLastErrorStatus() == Account.State.POLICY_VIOLATION ? 3 : 0;
2658 interval = Math.min((int) (25 * Math.pow(1.3, (additionalTime + attempt))), 300);
2659 }
2660 final int secondsSinceLast =
2661 (int) ((SystemClock.elapsedRealtime() - this.lastConnect) / 1000);
2662 return interval - secondsSinceLast;
2663 }
2664
2665 public int getAttempt() {
2666 return this.attempt;
2667 }
2668
2669 public Features getFeatures() {
2670 return this.features;
2671 }
2672
2673 public long getLastSessionEstablished() {
2674 final long diff = SystemClock.elapsedRealtime() - this.lastSessionStarted;
2675 return System.currentTimeMillis() - diff;
2676 }
2677
2678 public long getLastConnect() {
2679 return this.lastConnect;
2680 }
2681
2682 public long getLastPingSent() {
2683 return this.lastPingSent;
2684 }
2685
2686 public long getLastDiscoStarted() {
2687 return this.lastDiscoStarted;
2688 }
2689
2690 public long getLastPacketReceived() {
2691 return this.lastPacketReceived;
2692 }
2693
2694 public void sendActive() {
2695 this.sendPacket(new ActivePacket());
2696 }
2697
2698 public void sendInactive() {
2699 this.sendPacket(new InactivePacket());
2700 }
2701
2702 public void resetAttemptCount(boolean resetConnectTime) {
2703 this.attempt = 0;
2704 if (resetConnectTime) {
2705 this.lastConnect = 0;
2706 }
2707 }
2708
2709 public void setInteractive(boolean interactive) {
2710 this.mInteractive = interactive;
2711 }
2712
2713 private IqGenerator getIqGenerator() {
2714 return mXmppConnectionService.getIqGenerator();
2715 }
2716
2717 private class MyKeyManager implements X509KeyManager {
2718 @Override
2719 public String chooseClientAlias(String[] strings, Principal[] principals, Socket socket) {
2720 return account.getPrivateKeyAlias();
2721 }
2722
2723 @Override
2724 public String chooseServerAlias(String s, Principal[] principals, Socket socket) {
2725 return null;
2726 }
2727
2728 @Override
2729 public X509Certificate[] getCertificateChain(String alias) {
2730 Log.d(Config.LOGTAG, "getting certificate chain");
2731 try {
2732 return KeyChain.getCertificateChain(mXmppConnectionService, alias);
2733 } catch (final Exception e) {
2734 Log.d(Config.LOGTAG, "could not get certificate chain", e);
2735 return new X509Certificate[0];
2736 }
2737 }
2738
2739 @Override
2740 public String[] getClientAliases(String s, Principal[] principals) {
2741 final String alias = account.getPrivateKeyAlias();
2742 return alias != null ? new String[] {alias} : new String[0];
2743 }
2744
2745 @Override
2746 public String[] getServerAliases(String s, Principal[] principals) {
2747 return new String[0];
2748 }
2749
2750 @Override
2751 public PrivateKey getPrivateKey(String alias) {
2752 try {
2753 return KeyChain.getPrivateKey(mXmppConnectionService, alias);
2754 } catch (Exception e) {
2755 return null;
2756 }
2757 }
2758 }
2759
2760 private static class LoginInfo {
2761 public final SaslMechanism saslMechanism;
2762 public final SaslMechanism.Version saslVersion;
2763 public final List<String> inlineBindFeatures;
2764
2765 private LoginInfo(
2766 final SaslMechanism saslMechanism,
2767 final SaslMechanism.Version saslVersion,
2768 final Collection<String> inlineBindFeatures) {
2769 Preconditions.checkNotNull(saslMechanism, "SASL Mechanism must not be null");
2770 Preconditions.checkNotNull(saslVersion, "SASL version must not be null");
2771 this.saslMechanism = saslMechanism;
2772 this.saslVersion = saslVersion;
2773 this.inlineBindFeatures =
2774 inlineBindFeatures == null
2775 ? Collections.emptyList()
2776 : ImmutableList.copyOf(inlineBindFeatures);
2777 }
2778
2779 public static SaslMechanism mechanism(final LoginInfo loginInfo) {
2780 return loginInfo == null ? null : loginInfo.saslMechanism;
2781 }
2782 }
2783
2784 private static class StreamId {
2785 public final String id;
2786 public final Resolver.Result location;
2787
2788 private StreamId(String id, Resolver.Result location) {
2789 this.id = id;
2790 this.location = location;
2791 }
2792
2793 @NonNull
2794 @Override
2795 public String toString() {
2796 return MoreObjects.toStringHelper(this)
2797 .add("id", id)
2798 .add("location", location)
2799 .toString();
2800 }
2801 }
2802
2803 private static class StateChangingError extends Error {
2804 private final Account.State state;
2805
2806 public StateChangingError(Account.State state) {
2807 this.state = state;
2808 }
2809 }
2810
2811 private static class StateChangingException extends IOException {
2812 private final Account.State state;
2813
2814 public StateChangingException(Account.State state) {
2815 this.state = state;
2816 }
2817 }
2818
2819 public class Features {
2820 XmppConnection connection;
2821 private boolean carbonsEnabled = false;
2822 private boolean encryptionEnabled = false;
2823 private boolean blockListRequested = false;
2824
2825 public Features(final XmppConnection connection) {
2826 this.connection = connection;
2827 }
2828
2829 private boolean hasDiscoFeature(final Jid server, final String feature) {
2830 synchronized (XmppConnection.this.disco) {
2831 final ServiceDiscoveryResult sdr = connection.disco.get(server);
2832 return sdr != null && sdr.getFeatures().contains(feature);
2833 }
2834 }
2835
2836 public boolean carbons() {
2837 return hasDiscoFeature(account.getDomain(), Namespace.CARBONS);
2838 }
2839
2840 public boolean commands() {
2841 return hasDiscoFeature(account.getDomain(), Namespace.COMMANDS);
2842 }
2843
2844 public boolean easyOnboardingInvites() {
2845 synchronized (commands) {
2846 return commands.containsKey(Namespace.EASY_ONBOARDING_INVITE);
2847 }
2848 }
2849
2850 public boolean bookmarksConversion() {
2851 return hasDiscoFeature(account.getJid().asBareJid(), Namespace.BOOKMARKS_CONVERSION)
2852 && pepPublishOptions();
2853 }
2854
2855 public boolean avatarConversion() {
2856 return hasDiscoFeature(account.getJid().asBareJid(), Namespace.AVATAR_CONVERSION)
2857 && pepPublishOptions();
2858 }
2859
2860 public boolean blocking() {
2861 return hasDiscoFeature(account.getDomain(), Namespace.BLOCKING);
2862 }
2863
2864 public boolean spamReporting() {
2865 return hasDiscoFeature(account.getDomain(), Namespace.REPORTING);
2866 }
2867
2868 public boolean flexibleOfflineMessageRetrieval() {
2869 return hasDiscoFeature(
2870 account.getDomain(), Namespace.FLEXIBLE_OFFLINE_MESSAGE_RETRIEVAL);
2871 }
2872
2873 public boolean register() {
2874 return hasDiscoFeature(account.getDomain(), Namespace.REGISTER);
2875 }
2876
2877 public boolean invite() {
2878 return connection.streamFeatures != null
2879 && connection.streamFeatures.hasChild("register", Namespace.INVITE);
2880 }
2881
2882 public boolean sm() {
2883 return streamId != null
2884 || (connection.streamFeatures != null
2885 && connection.streamFeatures.hasChild(
2886 "sm", Namespace.STREAM_MANAGEMENT));
2887 }
2888
2889 public boolean csi() {
2890 return connection.streamFeatures != null
2891 && connection.streamFeatures.hasChild("csi", Namespace.CSI);
2892 }
2893
2894 public boolean pep() {
2895 synchronized (XmppConnection.this.disco) {
2896 ServiceDiscoveryResult info = disco.get(account.getJid().asBareJid());
2897 return info != null && info.hasIdentity("pubsub", "pep");
2898 }
2899 }
2900
2901 public boolean pepPersistent() {
2902 synchronized (XmppConnection.this.disco) {
2903 ServiceDiscoveryResult info = disco.get(account.getJid().asBareJid());
2904 return info != null
2905 && info.getFeatures()
2906 .contains("http://jabber.org/protocol/pubsub#persistent-items");
2907 }
2908 }
2909
2910 public boolean pepPublishOptions() {
2911 return hasDiscoFeature(account.getJid().asBareJid(), Namespace.PUBSUB_PUBLISH_OPTIONS);
2912 }
2913
2914 public boolean pepOmemoWhitelisted() {
2915 return hasDiscoFeature(
2916 account.getJid().asBareJid(), AxolotlService.PEP_OMEMO_WHITELISTED);
2917 }
2918
2919 public boolean mam() {
2920 return MessageArchiveService.Version.has(getAccountFeatures());
2921 }
2922
2923 public List<String> getAccountFeatures() {
2924 ServiceDiscoveryResult result = connection.disco.get(account.getJid().asBareJid());
2925 return result == null ? Collections.emptyList() : result.getFeatures();
2926 }
2927
2928 public boolean push() {
2929 return hasDiscoFeature(account.getJid().asBareJid(), Namespace.PUSH)
2930 || hasDiscoFeature(account.getDomain(), Namespace.PUSH);
2931 }
2932
2933 public boolean rosterVersioning() {
2934 return connection.streamFeatures != null && connection.streamFeatures.hasChild("ver");
2935 }
2936
2937 public void setBlockListRequested(boolean value) {
2938 this.blockListRequested = value;
2939 }
2940
2941 public boolean httpUpload(long filesize) {
2942 if (Config.DISABLE_HTTP_UPLOAD) {
2943 return false;
2944 } else {
2945 for (String namespace :
2946 new String[] {Namespace.HTTP_UPLOAD, Namespace.HTTP_UPLOAD_LEGACY}) {
2947 List<Entry<Jid, ServiceDiscoveryResult>> items =
2948 findDiscoItemsByFeature(namespace);
2949 if (items.size() > 0) {
2950 try {
2951 long maxsize =
2952 Long.parseLong(
2953 items.get(0)
2954 .getValue()
2955 .getExtendedDiscoInformation(
2956 namespace, "max-file-size"));
2957 if (filesize <= maxsize) {
2958 return true;
2959 } else {
2960 Log.d(
2961 Config.LOGTAG,
2962 account.getJid().asBareJid()
2963 + ": http upload is not available for files with size "
2964 + filesize
2965 + " (max is "
2966 + maxsize
2967 + ")");
2968 return false;
2969 }
2970 } catch (Exception e) {
2971 return true;
2972 }
2973 }
2974 }
2975 return false;
2976 }
2977 }
2978
2979 public boolean useLegacyHttpUpload() {
2980 return findDiscoItemByFeature(Namespace.HTTP_UPLOAD) == null
2981 && findDiscoItemByFeature(Namespace.HTTP_UPLOAD_LEGACY) != null;
2982 }
2983
2984 public long getMaxHttpUploadSize() {
2985 for (String namespace :
2986 new String[] {Namespace.HTTP_UPLOAD, Namespace.HTTP_UPLOAD_LEGACY}) {
2987 List<Entry<Jid, ServiceDiscoveryResult>> items = findDiscoItemsByFeature(namespace);
2988 if (items.size() > 0) {
2989 try {
2990 return Long.parseLong(
2991 items.get(0)
2992 .getValue()
2993 .getExtendedDiscoInformation(namespace, "max-file-size"));
2994 } catch (Exception e) {
2995 // ignored
2996 }
2997 }
2998 }
2999 return -1;
3000 }
3001
3002 public boolean stanzaIds() {
3003 return hasDiscoFeature(account.getJid().asBareJid(), Namespace.STANZA_IDS);
3004 }
3005
3006 public boolean bookmarks2() {
3007 return pepPublishOptions()
3008 && hasDiscoFeature(account.getJid().asBareJid(), Namespace.BOOKMARKS2_COMPAT);
3009 }
3010
3011 public boolean externalServiceDiscovery() {
3012 return hasDiscoFeature(account.getDomain(), Namespace.EXTERNAL_SERVICE_DISCOVERY);
3013 }
3014 }
3015}