From b1d5d5801e90ef0d4e282a78543f1435b8b7d223 Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Sat, 7 May 2016 19:57:10 +0300
Subject: STARTTLS
---
 src/main/java/com/juick/xmpp/s2s/Connection.java | 70 +++++++++++++++++++++---
 1 file changed, 61 insertions(+), 9 deletions(-)
(limited to 'src/main/java/com/juick/xmpp/s2s/Connection.java')
diff --git a/src/main/java/com/juick/xmpp/s2s/Connection.java b/src/main/java/com/juick/xmpp/s2s/Connection.java
index 1a14b2cc..c3e983b5 100644
--- a/src/main/java/com/juick/xmpp/s2s/Connection.java
+++ b/src/main/java/com/juick/xmpp/s2s/Connection.java
@@ -2,14 +2,19 @@ package com.juick.xmpp.s2s;
 import org.xmlpull.mxp1.MXParser;
 import org.xmlpull.v1.XmlPullParser;
+import org.xmlpull.v1.XmlPullParserException;
 import javax.crypto.Mac;
 import javax.crypto.spec.SecretKeySpec;
-import java.io.FileWriter;
-import java.io.IOException;
-import java.io.OutputStreamWriter;
-import java.nio.channels.AsynchronousSocketChannel;
-import java.util.Date;
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+import java.io.*;
+import java.net.Socket;
+import java.security.KeyStore;
+import java.security.SecureRandom;
+import java.util.UUID;
 import java.util.logging.Logger;
 /**
@@ -25,12 +30,43 @@ public class Connection {
 public long tsLocalData = 0;
 public long bytesLocal = 0;
 public long packetsLocal = 0;
- AsynchronousSocketChannel socket;
- final XmlPullParser parser = new MXParser();
+ Socket socket;
+ public static final String NS_DB = "jabber:server:dialback";
+ public static final String NS_TLS = "urn:ietf:params:xml:ns:xmpp-tls";
+ public static final String NS_STREAM = "http://etherx.jabber.org/streams";
+ XmlPullParser parser = new MXParser();
 OutputStreamWriter writer;
-
- public Connection() {
+ private boolean secured = false;
+ SSLContext sc;
+ private TrustManager[] trustAllCerts = new TrustManager[]{
+ new X509TrustManager() {
+ public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
+ }
+
+ public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
+ }
+ public java.security.cert.X509Certificate[] getAcceptedIssuers() {
+ return null;
+ }
+ }
+ };
+
+
+ public Connection() throws Exception {
 tsCreated = System.currentTimeMillis();
+ parser.setFeature(XmlPullParser.FEATURE_PROCESS_NAMESPACES, true);
+ KeyStore ks = KeyStore.getInstance("JKS");
+ try (InputStream ksIs = new FileInputStream(XMPPComponent.keystore)) {
+ ks.load(ksIs, XMPPComponent.keystorePassword.toCharArray());
+ }
+
+ KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory
+ .getDefaultAlgorithm());
+ kmf.init(ks, XMPPComponent.keystorePassword.toCharArray());
+ sc = SSLContext.getInstance("TLSv1.2");
+
+ sc.init(kmf.getKeyManagers(), trustAllCerts, new SecureRandom());
+
 }
 public void logParser() {
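Review bot: The `trustAllCerts` manager handed to `sc.init(...)` has empty `checkClientTrusted` and `checkServerTrusted` bodies, so every peer certificate is accepted and the s2s TLS session is encrypted but not authenticated; a party on the network path can present its own certificate and the connection will still be marked secured. Unless peer identity is deliberately left to dialback (in which case a comment should say so and `secured` must not be read as "authenticated"), pass `null` for the trust managers to get the platform's default validation, `sc.init(kmf.getKeyManagers(), null, new SecureRandom());`, and check the certificate against the remote domain where the handshake happens, which is outside this hunk. If the custom manager stays, `getAcceptedIssuers()` should `return new java.security.cert.X509Certificate[0];` because the interface documents a non-null array. The constructor also reloads the keystore from disk for every `Connection`; building the `SSLContext` once and sharing it would avoid repeated file reads and a `throws Exception` on the constructor.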
@@ -91,4 +127,20 @@ public class Connection {
 return hexkey.toString();
 }
+
+ public boolean isSecured() {
+ return secured;
+ }
+
+ public void setSecured(boolean secured) {
+ this.secured = secured;
+ }
+
+ public void restartParser() throws XmlPullParserException, IOException {
+ parser = new MXParser();
+ parser.setFeature(XmlPullParser.FEATURE_PROCESS_NAMESPACES, true);
+ parser.setInput(new InputStreamReader(socket.getInputStream()));
+ writer = new OutputStreamWriter(socket.getOutputStream());
+ streamID = UUID.randomUUID().toString();
+ }
 }
--
cgit v1.2.3
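Review bot: `restartParser()` wraps the socket streams in `new InputStreamReader(...)` and `new OutputStreamWriter(...)` without naming a charset, so both use the platform default while XMPP streams are UTF-8; non-ASCII stanzas can be corrupted on hosts whose default differs. Name the encoding explicitly, `parser.setInput(new InputStreamReader(socket.getInputStream(), StandardCharsets.UTF_8));` and `writer = new OutputStreamWriter(socket.getOutputStream(), StandardCharsets.UTF_8);`, which needs `import java.nio.charset.StandardCharsets;`. The method also reads whatever `socket` currently holds, so it presumably relies on the caller having swapped in the TLS-wrapped socket first. A short Javadoc stating that precondition, and that `setSecured(true)` is only to be called after the handshake has completed, would make the public setter harder to misuse.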