sipwise
/
jitsi
mirror of https://github.com/sipwise/jitsi.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Make protocols aware of DNSSEC exceptions

Browse Source
cusax-fix
Ingo Bauersachs 14 years ago
parent 936e6cbd52
commit d931f8507e
22 changed files with 301 additions and 96 deletions
Show Stats Download Patch File Download Diff File

17
build.xml
Unescape View File

@ -888,7 +888,8 @@
<!-- - - - - - - - - - - - - - BUNDLE BUILDING TARGETS - - - - - - - - -->
<!--ALL BUNDLES-->
<target name="bundles"
depends="bundle-sc-launcher,bundle-util,bundle-configuration,bundle-configuration-slick,
depends="bundle-sc-launcher,bundle-util,bundle-util-dns,
bundle-configuration,bundle-configuration-slick,
bundle-history,bundle-history-slick,bundle-messagehistory, bundle-msghistory-slick,
bundle-callhistory, bundle-callhistory-slick, bundle-popupmessagehandler-slick,
bundle-netaddr,bundle-netaddr-slick,bundle-slickless,
@ -1048,12 +1049,24 @@
<jar compress="false" destfile="${bundles.dest}/util.jar"
manifest="${src}/net/java/sip/communicator/util/util.manifest.mf">
<zipfileset dir="${dest}/net/java/sip/communicator/util"
prefix="net/java/sip/communicator/util"/>
prefix="net/java/sip/communicator/util">
<exclude name="dns/**"/>
</zipfileset>
<zipfileset src="${lib.noinst}/dnsjava.jar" prefix=""/>
<zipfileset src="lib/installer-exclude/laf-widget.jar" prefix=""/>
</jar>
</target>
<!--BUNDLE-UTIL-DNS-->
<target name="bundle-util-dns">
<!-- Create the dns.jar-->
<jar compress="true" destfile="${bundles.dest}/dns.jar"
manifest="${src}/net/java/sip/communicator/util/dns/util.dns.manifest.mf">
<zipfileset dir="${dest}/net/java/sip/communicator/util/dns"
prefix="net/java/sip/communicator/util/dns"/>
</jar>
</target>
<!--BUNDLE-CONFIGURATION-->
<target name="bundle-configuration">
<jar

15
lib/felix.client.run.properties
Unescape View File

@ -35,11 +35,18 @@ felix.auto.start.20= \
reference:file:sc-bundles/util.jar \
reference:file:lib/bundle/log4j.jar \
reference:file:lib/bundle/commons-logging.jar \
reference:file:sc-bundles/fileaccess.jar
reference:file:sc-bundles/fileaccess.jar \
reference:file:sc-bundles/defaultresources.jar
felix.auto.start.30= \
reference:file:sc-bundles/configuration.jar \
reference:file:sc-bundles/notification-service.jar \
felix.auto.start.31= \
reference:file:sc-bundles/resourcemanager.jar \
reference:file:sc-bundles/notification-service.jar
felix.auto.start.32= \
reference:file:sc-bundles/dns.jar
felix.auto.start.35= \
reference:file:sc-bundles/commons-codec.jar \
@ -49,7 +56,6 @@ felix.auto.start.40= \
reference:file:sc-bundles/jmdnslib.jar \
reference:file:sc-bundles/jnalib.jar \
reference:file:sc-bundles/provdisc.jar \
reference:file:sc-bundles/resourcemanager.jar \
reference:file:sc-bundles/jfontchooserlib.jar \
reference:file:sc-bundles/netaddr.jar \
reference:file:sc-bundles/sysactivitynotifications.jar \
@ -58,8 +64,7 @@ felix.auto.start.40= \
felix.auto.start.42= \
reference:file:sc-bundles/credentialsstorage.jar \
reference:file:sc-bundles/packetlogging.jar \
reference:file:sc-bundles/defaultresources.jar
reference:file:sc-bundles/packetlogging.jar
felix.auto.start.45= \
reference:file:sc-bundles/ui-service.jar \

1
resources/config/defaults.properties
Unescape View File

@ -84,6 +84,7 @@ plugin.provisioning.EXIT_ON_FAIL=false
# IP address of the backup resolver
net.java.sip.communicator.util.dns.BACKUP_RESOLVER_FALLBACK_IP=8.8.8.8
net.java.sip.communicator.util.dns.DS_ROOT.1=. IN DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
plugin.jabberaccregwizz.NEW_ACCOUNT_DEFAULT_SERVER=jit.si

6
src/net/java/sip/communicator/impl/netaddr/NetworkAddressManagerServiceImpl.java
Unescape View File

@ -18,6 +18,7 @@
import net.java.sip.communicator.service.netaddr.event.*;
import net.java.sip.communicator.util.*;
import net.java.sip.communicator.util.NetworkUtils;
import net.java.sip.communicator.util.dns.*;
import org.ice4j.*;
import org.ice4j.ice.*;
@ -639,6 +640,11 @@ public StunCandidateHarvester discoverStunServer(String domainName,
logger.info(domainName + " seems to be causing parse problems", e);
srvrAddress = null;
}
catch (DnssecException e)
{
logger.warn("DNSSEC validation for " + domainName
+ " STUN/TURN failed.", e);
}
if(srvrAddress != null)
{

1
src/net/java/sip/communicator/impl/netaddr/netaddr.manifest.mf
Unescape View File

@ -7,6 +7,7 @@ System-Bundle: yes
Import-Package: net.java.sip.communicator.service.configuration,
net.java.sip.communicator.service.packetlogging,
net.java.sip.communicator.util,
net.java.sip.communicator.util.dns,
net.java.sip.communicator.service.sysactivity,
net.java.sip.communicator.service.sysactivity.event,
org.osgi.framework,

38
src/net/java/sip/communicator/impl/protocol/icq/ProtocolProviderServiceIcqImpl.java
Unescape View File

@ -13,6 +13,7 @@
import net.java.sip.communicator.util.*;
import net.kano.joscar.flap.*;
import net.kano.joscar.flapcmd.*;
import net.kano.joscar.net.*;
import net.kano.joscar.snaccmd.auth.*;
import net.kano.joustsim.*;
import net.kano.joustsim.oscar.*;
@ -139,18 +140,6 @@ public RegistrationState getRegistrationState()
return lastRegistrationState;
}
/**
* Converts the specified joust sim connection state to a corresponding
* RegistrationState.
* @param jsState the joust sim connection state.
* @return a RegistrationState corresponding best to the specified
* joustSimState.
*/
private RegistrationState joustSimStateToRegistrationState(State jsState)
{
return joustSimStateToRegistrationState(jsState, null);
}
/**
* Converts the specified joust sim connection state to a corresponding
* RegistrationState.
@ -757,13 +746,28 @@ else if (newState == State.DISCONNECTED)
if (logger.isDebugEnabled())
logger.debug("The aim Connection was disconnected!");
}
else
if(newState == State.FAILED)
else if(newState == State.FAILED)
{
// assume that a failure during connect&resolve is a DNSSEC
// validation error
if (oldState == State.CONNECTINGAUTH &&
conn.getLoginService() != null &&
conn.getLoginService().getOscarConnection() != null &&
conn.getLoginService().getOscarConnection()
.getConnectionState() == ClientConn.STATE_RESOLVING
)
{
if (logger.isDebugEnabled())
logger.debug("The aim Connection failed! "
+ event.getNewStateInfo());
fireRegistrationStateChanged(
getRegistrationState(),
RegistrationState.UNREGISTERED,
RegistrationStateChangeEvent.REASON_USER_REQUEST,
"Disconnected due to assumed DNSSEC failure");
return;
}
else if (logger.isDebugEnabled())
logger.debug("The aim Connection failed! "
+ event.getNewStateInfo());
}
if(event.getNewStateInfo() instanceof LoginFailureStateInfo)
{

1
src/net/java/sip/communicator/impl/protocol/icq/icq.provider.manifest.mf
Unescape View File

@ -10,6 +10,7 @@ Import-Package: org.osgi.framework,
net.java.sip.communicator.service.configuration,
net.java.sip.communicator.service.resources,
net.java.sip.communicator.util,
net.java.sip.communicator.util.dns,
net.java.sip.communicator.service.protocol,
net.java.sip.communicator.service.protocol.icqconstants,
net.java.sip.communicator.service.protocol.aimconstants,

95
src/net/java/sip/communicator/impl/protocol/jabber/ProtocolProviderServiceJabberImpl.java
Unescape View File

@ -20,6 +20,7 @@
import net.java.sip.communicator.service.protocol.event.*;
import net.java.sip.communicator.service.protocol.jabberconstants.*;
import net.java.sip.communicator.util.*;
import net.java.sip.communicator.util.dns.*;
import net.java.sip.communicator.impl.protocol.jabber.extensions.jingle.*;
import net.java.sip.communicator.impl.protocol.jabber.extensions.jingleinfo.*;
import net.java.sip.communicator.impl.protocol.jabber.extensions.gtalk.*;
@ -576,6 +577,8 @@ private void connectAndLogin(SecurityAuthority authority,
Roster.setDefaultSubscriptionMode(Roster.SubscriptionMode.manual);
ConnectState state;
//[0] = hadDnsSecException
boolean[] hadDnsSecException = new boolean[]{false};
// try connecting with auto-detection if enabled
boolean isServerOverriden =
@ -584,8 +587,13 @@ private void connectAndLogin(SecurityAuthority authority,
if(!isServerOverriden)
{
state = connectUsingSRVRecords(
serviceName, password, serviceName);
state = connectUsingSRVRecords(serviceName, password,
serviceName, hadDnsSecException);
if(hadDnsSecException[0])
{
setDnssecLoginFailure();
return;
}
if(state == ConnectState.ABORT_CONNECTING
|| state == ConnectState.STOP_TRYING)
return;
@ -596,13 +604,19 @@ private void connectAndLogin(SecurityAuthority authority,
String customXMPPDomain = getAccountID()
.getAccountPropertyString("CUSTOM_XMPP_DOMAIN");
if(customXMPPDomain != null)
if(customXMPPDomain != null && !hadDnsSecException[0])
{
state = connectUsingSRVRecords(
customXMPPDomain, password, serviceName);
customXMPPDomain, password, serviceName,
hadDnsSecException);
if(hadDnsSecException[0])
{
setDnssecLoginFailure();
return;
}
if(state == ConnectState.ABORT_CONNECTING
|| state == ConnectState.STOP_TRYING)
return;
return;
}
// connect with specified server name
@ -625,6 +639,13 @@ private void connectAndLogin(SecurityAuthority authority,
{
logger.error("Domain not resolved", e);
}
catch (DnssecException e)
{
logger.error("DNSSEC failure for overridden server", e);
setDnssecLoginFailure();
return;
}
if (addrs == null || addrs.length == 0)
{
fireRegistrationStateChanged(
@ -633,37 +654,52 @@ private void connectAndLogin(SecurityAuthority authority,
RegistrationStateChangeEvent.REASON_SERVER_NOT_FOUND,
"No server addresses found");
}
for (InetSocketAddress isa : addrs)
else
{
try
{
state = connectAndLogin(isa, password, serviceName);
if(state == ConnectState.ABORT_CONNECTING
|| state == ConnectState.STOP_TRYING)
return;
}
catch(XMPPException ex)
for (InetSocketAddress isa : addrs)
{
disconnectAndCleanConnection();
if(isAuthenticationFailed(ex))
throw ex;
try
{
state = connectAndLogin(isa, password,
serviceName);
if(state == ConnectState.ABORT_CONNECTING
|| state == ConnectState.STOP_TRYING)
return;
}
catch(XMPPException ex)
{
disconnectAndCleanConnection();
if(isAuthenticationFailed(ex))
throw ex;
}
}
}
}
}
private void setDnssecLoginFailure()
{
eventDuringLogin = new RegistrationStateChangeEvent(
this,
getRegistrationState(),
RegistrationState.UNREGISTERED,
RegistrationStateChangeEvent.REASON_USER_REQUEST,
"No usable host found due to DNSSEC failures");
}
/**
* Connects using the domain specified and its SRV records.
* @param domain the domain to use
* @param password the password of the user
* @param serviceName the domain name of the user's login
* @param dnssecState state of possible received DNSSEC exceptions
* @return whether to continue trying or stop.
*/
private ConnectState connectUsingSRVRecords(
String domain,
String password,
String serviceName)
String serviceName,
boolean[] dnssecState)
throws XMPPException
{
// check to see is there SRV records for this server domain
@ -677,6 +713,11 @@ private ConnectState connectUsingSRVRecords(
{
logger.error("SRV record not resolved", e);
}
catch (DnssecException e)
{
logger.error("DNSSEC failure for SRV lookup", e);
dnssecState[0] = true;
}
if(srvRecords != null)
{
@ -695,14 +736,21 @@ private ConnectState connectUsingSRVRecords(
{
logger.error("Invalid SRV record target", e);
}
if (addrs == null)
catch (DnssecException e)
{
logger.error("DNSSEC failure for A/AAAA lookup of SRV", e);
dnssecState[0] = true;
}
if (addrs == null || addrs.length == 0)
continue;
for (InetSocketAddress isa : addrs)
{
try
{
return connectAndLogin(isa, password, serviceName);
ConnectState state = connectAndLogin(
isa, password, serviceName);
return state;
}
catch(XMPPException ex)
{
@ -2381,6 +2429,11 @@ public static boolean isGmailOrGoogleAppsAccount(String domain)
logger.info("Failed to get SRV records for XMPP domain");
return false;
}
catch (DnssecException e)
{
logger.error("DNSSEC failure while checking for google domains", e);
return false;
}
if(srvRecords == null)
{

1
src/net/java/sip/communicator/impl/protocol/jabber/jabber.provider.manifest.mf
Unescape View File

@ -34,6 +34,7 @@ Import-Package: org.osgi.framework,
net.java.sip.communicator.service.configuration,
net.java.sip.communicator.service.resources,
net.java.sip.communicator.util,
net.java.sip.communicator.util.dns,
net.java.sip.communicator.service.packetlogging,
net.java.sip.communicator.service.protocol,
net.java.sip.communicator.service.protocol.jabberconstants,

9
src/net/java/sip/communicator/impl/protocol/msn/ProtocolProviderServiceMsnImpl.java
Unescape View File

@ -12,6 +12,7 @@
import net.java.sip.communicator.service.protocol.*;
import net.java.sip.communicator.service.protocol.event.*;
import net.java.sip.communicator.util.*;
import net.java.sip.communicator.util.dns.*;
import net.sf.jml.*;
import net.sf.jml.event.*;
import net.sf.jml.exception.*;
@ -229,6 +230,14 @@ private void connectAndLogin(SecurityAuthority authority, int reasonCode)
RegistrationStateChangeEvent.REASON_SERVER_NOT_FOUND,
null);
}
catch(DnssecRuntimeException ex)
{
fireRegistrationStateChanged(
getRegistrationState(),
RegistrationState.UNREGISTERED,
RegistrationStateChangeEvent.REASON_USER_REQUEST,
null);
}
}
}

1
src/net/java/sip/communicator/impl/protocol/msn/msn.provider.manifest.mf
Unescape View File

@ -33,6 +33,7 @@ Import-Package: org.apache.commons.logging,
net.java.sip.communicator.service.fileaccess,
net.java.sip.communicator.service.resources,
net.java.sip.communicator.util,
net.java.sip.communicator.util.dns,
net.java.sip.communicator.service.protocol,
net.java.sip.communicator.service.protocol.msnconstants,
net.java.sip.communicator.service.protocol.event

16
src/net/java/sip/communicator/impl/protocol/sip/ProtocolProviderServiceSipImpl.java
Unescape View File

@ -15,6 +15,8 @@
import net.java.sip.communicator.service.protocol.event.*;
import net.java.sip.communicator.service.version.Version;
import net.java.sip.communicator.util.*;
import net.java.sip.communicator.util.dns.*;
import org.osgi.framework.*;
import javax.sip.*;
@ -299,13 +301,14 @@ public void register(SecurityAuthority authority)
sipSecurityManager.setSecurityAuthority(authority);
initRegistrarConnection();
//connect to the Registrar.
connection = ProxyConnection.create(this);
if(!registerUsingNextAddress())
{
logger.error("No address found for " + this);
fireRegistrationStateChanged(
RegistrationState.UNREGISTERED,
RegistrationState.REGISTERING,
RegistrationState.CONNECTION_FAILED,
RegistrationStateChangeEvent.REASON_SERVER_NOT_FOUND,
"Invalid or inaccessible server address.");
@ -2396,6 +2399,17 @@ else if(connection.getNextAddress())
return true;
}
}
catch (DnssecException e)
{
logger.error("DNSSEC failure while getting address for "
+ this, e);
fireRegistrationStateChanged(
RegistrationState.REGISTERING,
RegistrationState.UNREGISTERED,
RegistrationStateChangeEvent.REASON_USER_REQUEST,
"Invalid or inaccessible server address.");
return true;
}
catch (Throwable e)
{
logger.error("Cannot send register!", e);

16
src/net/java/sip/communicator/impl/protocol/sip/net/AutoProxyConnection.java
Unescape View File

@ -15,6 +15,7 @@
import net.java.sip.communicator.impl.protocol.sip.*;
import net.java.sip.communicator.util.*;
import net.java.sip.communicator.util.dns.*;
import static javax.sip.ListeningPoint.*;
/**
@ -52,19 +53,19 @@ public InetAddress getInetAddress(String address)
}
public String[][] getNAPTRRecords(String address)
throws ParseException
throws ParseException, DnssecException
{
return NetworkUtils.getNAPTRRecords(address);
}
public SRVRecord[] getSRVRecords(String service, String proto,
String address) throws ParseException
String address) throws ParseException, DnssecException
{
return NetworkUtils.getSRVRecords(service, proto, address);
}
public InetSocketAddress[] getAandAAAARecords(String target, int port)
throws ParseException
throws ParseException, DnssecException
{
return NetworkUtils.getAandAAAARecords(target, port);
}
@ -75,7 +76,7 @@ public boolean isValidIPAddress(String address)
}
public SRVRecord[] getSRVRecords(String domain)
throws ParseException
throws ParseException, DnssecException
{
return NetworkUtils.getSRVRecords(domain);
}
@ -152,6 +153,7 @@ protected void setNetworkUtils(LocalNetworkUtils nu)
* getNextAddressFromDns()
*/
protected boolean getNextAddressFromDns()
throws DnssecException
{
try
{
@ -167,9 +169,13 @@ protected boolean getNextAddressFromDns()
/**
* Gets the next address from DNS.
*
* @throws DnssecException When a DNSSEC failure occured during the lookup.
* @throws ParseException When a domain name (possibly returned from DNS
* itself) is invalid.
*/
private boolean getNextAddressInternal()
throws ParseException
throws DnssecException, ParseException
{
switch(state)
{

2
src/net/java/sip/communicator/impl/protocol/sip/net/ManualProxyConnection.java
Unescape View File

@ -14,6 +14,7 @@
import net.java.sip.communicator.impl.protocol.sip.*;
import net.java.sip.communicator.util.*;
import net.java.sip.communicator.util.dns.*;
/**
* Implementation of the manually configured SIP proxy connection. IP Address
@ -52,6 +53,7 @@ public ManualProxyConnection(SipAccountID account)
*/
@Override
public boolean getNextAddressFromDns()
throws DnssecException
{
if(lookups == null)
{

14
src/net/java/sip/communicator/impl/protocol/sip/net/ProxyConnection.java
Unescape View File

@ -4,6 +4,7 @@
import java.util.*;
import net.java.sip.communicator.impl.protocol.sip.*;
import net.java.sip.communicator.util.dns.DnssecException;
import static net.java.sip.communicator.service.protocol.ProtocolProviderFactory.*;
/**
@ -34,8 +35,6 @@ protected ProxyConnection(SipAccountID account)
*/
public final InetSocketAddress getAddress()
{
if(socketAddress == null)
getNextAddress();
return socketAddress;
}
@ -45,8 +44,6 @@ public final InetSocketAddress getAddress()
*/
public final String getTransport()
{
if(transport == null)
getNextAddress();
return transport;
}
@ -61,8 +58,7 @@ public final String getTransport()
public final String getOutboundProxyString()
{
if(socketAddress == null)
if(!getNextAddress())
return null;
return null;
InetAddress proxyAddress = socketAddress.getAddress();
StringBuilder proxyStringBuffer
@ -106,7 +102,7 @@ public final boolean isSameInetAddress(InetAddress addressToTest)
* false if the last address was reached. A new lookup from scratch
* can be started by calling {@link #reset()}.
*/
public final boolean getNextAddress()
public final boolean getNextAddress() throws DnssecException
{
boolean result;
String key = null;
@ -132,8 +128,10 @@ public final boolean getNextAddress()
* have to care about duplicate addresses.
*
* @return True when a further address was available.
* @throws DnssecException when a DNSSEC validation failure occured.
*/
protected abstract boolean getNextAddressFromDns();
protected abstract boolean getNextAddressFromDns()
throws DnssecException;
/**
* Resets the lookup to it's initial state. Overriders methods have to call

1
src/net/java/sip/communicator/impl/protocol/sip/sip.provider.manifest.mf
Unescape View File

@ -55,6 +55,7 @@ Import-Package: org.apache.log4j,
net.java.sip.communicator.service.resources,
net.java.sip.communicator.service.version,
net.java.sip.communicator.util,
net.java.sip.communicator.util.dns,
net.java.sip.communicator.util.xml,
javax.net.ssl,
javax.security.auth.x500,

8
src/net/java/sip/communicator/impl/protocol/yahoo/ProtocolProviderServiceYahooImpl.java
Unescape View File

@ -11,6 +11,7 @@
import net.java.sip.communicator.service.protocol.*;
import net.java.sip.communicator.service.protocol.event.*;
import net.java.sip.communicator.util.*;
import net.java.sip.communicator.util.dns.*;
import ymsg.network.*;
import ymsg.network.event.*;
@ -251,6 +252,13 @@ else if(ex.getStatus() == StatusConstants.STATUS_LOCKED)
RegistrationState.CONNECTION_FAILED,
RegistrationStateChangeEvent.REASON_NOT_SPECIFIED, null);
}
catch (DnssecRuntimeException ex)
{
fireRegistrationStateChanged(
getRegistrationState(),
RegistrationState.UNREGISTERED,
RegistrationStateChangeEvent.REASON_USER_REQUEST, null);
}
}
}

1
src/net/java/sip/communicator/impl/protocol/yahoo/yahoo.provider.manifest.mf
Unescape View File

@ -16,6 +16,7 @@ Import-Package: org.osgi.framework,
net.java.sip.communicator.service.configuration,
net.java.sip.communicator.service.resources,
net.java.sip.communicator.util,
net.java.sip.communicator.util.dns,
net.java.sip.communicator.service.protocol,
net.java.sip.communicator.service.protocol.yahooconstants,
net.java.sip.communicator.service.protocol.event

3
src/net/java/sip/communicator/plugin/dnsconfig/dnsconfig.manifest.mf
Unescape View File

@ -3,9 +3,10 @@ Bundle-Name: DNSConfig
Bundle-Description: DNS configuration plugin
Bundle-Vendor: sip-communicator.org
Bundle-Version: 0.0.1
System-Bundle: yes
System-Bundle: no
Import-Package: org.osgi.framework,
net.java.sip.communicator.service.configuration,
net.java.sip.communicator.service.fileaccess,
net.java.sip.communicator.service.gui,
net.java.sip.communicator.service.gui.event,
net.java.sip.communicator.service.resources,

112
src/net/java/sip/communicator/util/NetworkUtils.java
Unescape View File

@ -122,6 +122,18 @@ public class NetworkUtils
public static final String PNAME_BACKUP_RESOLVER_FALLBACK_IP
= "net.java.sip.communicator.util.dns.BACKUP_RESOLVER_FALLBACK_IP";
/**
* The name of the boolean property that defines whether all domain names
* looked up from Jitsi should be treated as absolute.
*/
public static final String PNAME_DNS_ALWAYS_ABSOLUTE
= "net.java.sip.communicator.util.dns.DNSSEC_ALWAYS_ABSOLUTE";
/**
* Default value of {@link #PNAME_DNS_ALWAYS_ABSOLUTE}.
*/
public static final boolean PDEFAULT_DNS_ALWAYS_ABSOLUTE = false;
/**
* The DNSjava resolver that we use with SRV and NAPTR queries in order to
* try and smooth the problem of DNS servers that silently drop them.
@ -334,7 +346,7 @@ else if (ipv6Expected)
*/
public static byte[] strToIPv4(String ipv4AddrStr)
{
if (ipv4AddrStr.length() == 0)
if (ipv4AddrStr == null || ipv4AddrStr.length() == 0)
return null;
byte[] address = new byte[IN4_ADDR_SIZE];
@ -435,7 +447,7 @@ public static byte[] strToIPv4(String ipv4AddrStr)
public static byte[] strToIPv6(String ipv6AddrStr)
{
// Bail out if the string is shorter than "::"
if (ipv6AddrStr.length() < 2)
if (ipv6AddrStr == null || ipv6AddrStr.length() < 2)
return null;
int colonIndex;
@ -581,9 +593,10 @@ else if (i == srcb_length)
* @return an array of SRVRecord containing records returned by the DNS
* server - address and port .
* @throws ParseException if <tt>domain</tt> is not a valid domain name.
* @throws DnssecException when a DNSSEC validation failure occurred.
*/
public static SRVRecord[] getSRVRecords(String domain)
throws ParseException
throws ParseException, DnssecException
{
Record[] records = null;
try
@ -596,6 +609,10 @@ public static SRVRecord[] getSRVRecords(String domain)
logger.error("Failed to parse domain=" + domain, tpe);
throw new ParseException(tpe.getMessage(), 0);
}
catch(DnssecRuntimeException e)
{
throw new DnssecException(e);
}
if (records == null)
{
return null;
@ -644,11 +661,12 @@ public int compare(SRVRecord obj1, SRVRecord obj2)
* @return the first InetSocketAddress containing records returned by the
* DNS server - address and port .
* @throws ParseException if <tt>domain</tt> is not a valid domain name.
* @throws DnssecException when a DNSSEC validation failure occurred.
*/
public static SRVRecord getSRVRecord(String service,
String proto,
String domain)
throws ParseException
throws ParseException, DnssecException
{
SRVRecord[] records = getSRVRecords("_" + service
+ "._" + proto
@ -672,11 +690,12 @@ public static SRVRecord getSRVRecord(String service,
* @return the InetSocketAddress[] containing records returned by the
* DNS server - address and port .
* @throws ParseException if <tt>domain</tt> is not a valid domain name.
* @throws DnssecException when a DNSSEC validation failure occurred.
*/
public static SRVRecord[] getSRVRecords(String service,
String proto,
String domain)
throws ParseException
throws ParseException, DnssecException
{
SRVRecord[] records = getSRVRecords("_" + service
+ "._" + proto
@ -698,9 +717,10 @@ public static SRVRecord[] getSRVRecords(String service,
* @return an array with the values or null if no records found.
*
* @throws ParseException if <tt>domain</tt> is not a valid domain name.
* @throws DnssecException when a DNSSEC validation failure occurred.
*/
public static String[][] getNAPTRRecords(String domain)
throws ParseException
throws ParseException, DnssecException
{
Record[] records = null;
try
@ -713,6 +733,10 @@ public static String[][] getNAPTRRecords(String domain)
logger.error("Failed to parse domain="+domain, tpe);
throw new ParseException(tpe.getMessage(), 0);
}
catch(DnssecRuntimeException e)
{
throw new DnssecException(e);
}
if (records == null)
{
@ -849,9 +873,10 @@ public static InetAddress getInetAddress(String hostAddress)
* @return an array of InetSocketAddress containing records returned by the
* DNS server - address and port .
* @throws ParseException if <tt>domain</tt> is not a valid domain name.
* @throws DnssecException when a DNSSEC validation failure occurred.
*/
public static InetSocketAddress[] getAandAAAARecords(String domain, int port)
throws ParseException
throws ParseException, DnssecException
{
byte[] address = null;
if((address = strToIPv4(domain)) != null
@ -889,7 +914,15 @@ public static InetSocketAddress[] getAandAAAARecords(String domain, int port)
logger.error("Failed to parse domain <" + domain + ">", tpe);
throw new ParseException(tpe.getMessage(), 0);
}
Record[] records = lookup.run();
Record[] records = null;
try
{
records = lookup.run();
}
catch(DnssecRuntimeException e)
{
throw new DnssecException(e);
}
if(records != null)
{
for(Record r : records)
@ -931,9 +964,10 @@ public static InetSocketAddress[] getAandAAAARecords(String domain, int port)
* @return an array of InetSocketAddress containing records returned by the
* DNS server - address and port .
* @throws ParseException if <tt>domain</tt> is not a valid domain name.
* @throws DnssecException when a DNSSEC validation failure occurred.
*/
public static InetSocketAddress getARecord(String domain, int port)
throws ParseException
throws ParseException, DnssecException
{
byte[] address;
if((address = strToIPv4(domain)) != null)
@ -967,14 +1001,26 @@ public static InetSocketAddress getARecord(String domain, int port)
logger.error("Failed to parse domain="+domain, tpe);
throw new ParseException(tpe.getMessage(), 0);
}
catch(DnssecRuntimeException e)
{
throw new DnssecException(e);
}
if (records != null && records.length > 0)
{
if(logger.isTraceEnabled())
logger.trace("A record for " + domain + "="
+ ((ARecord)records[0]).getAddress());
return new InetSocketAddress(
((ARecord)records[0]).getAddress(),
port);
try
{
return new InetSocketAddress(
InetAddress.getByAddress(domain,
((ARecord)records[0]).getAddress().getAddress()),
port);
}
catch (UnknownHostException e)
{
return null;
}
}
else
{
@ -992,9 +1038,10 @@ public static InetSocketAddress getARecord(String domain, int port)
* @return an array of InetSocketAddress containing records returned by the
* DNS server - address and port .
* @throws ParseException if <tt>domain</tt> is not a valid domain name.
* @throws DnssecException
*/
public static InetSocketAddress getAAAARecord(String domain, int port)
throws ParseException
throws ParseException, DnssecException
{
byte[] address;
if((address = strToIPv6(domain)) != null)
@ -1028,14 +1075,26 @@ public static InetSocketAddress getAAAARecord(String domain, int port)
logger.error("Failed to parse domain="+domain, tpe);
throw new ParseException(tpe.getMessage(), 0);
}
catch(DnssecRuntimeException e)
{
throw new DnssecException(e);
}
if (records != null && records.length > 0)
{
if(logger.isTraceEnabled())
logger.trace("AAAA record for " + domain + "="
+ ((AAAARecord)records[0]).getAddress());
return new InetSocketAddress(
((AAAARecord)records[0]).getAddress(),
port);
try
{
return new InetSocketAddress(
InetAddress.getByAddress(domain,
((AAAARecord)records[0]).getAddress().getAddress()),
port);
}
catch (UnknownHostException e)
{
return null;
}
}
else
{
@ -1155,7 +1214,7 @@ private static boolean isMappedIPv4Addr(byte[] address)
/**
* Creates a new {@link Lookup} instance using our own {@link
* ParallelResolver}.
* ParallelResolver} if it is enabled and DNSSEC is not active.
*
* @param domain the domain we will be resolving
* @param type the type of the record we will be trying to obtain.
@ -1178,6 +1237,15 @@ private static Lookup createLookup(String domain, int type)
.addNetworkConfigurationChangeListener(netListener);
}
// make domain name absolute if requested
if(UtilActivator.getConfigurationService().getBoolean(
PNAME_DNS_ALWAYS_ABSOLUTE,
PDEFAULT_DNS_ALWAYS_ABSOLUTE))
{
if(!Name.fromString(domain).isAbsolute())
domain = domain + ".";
}
Lookup lookup = new Lookup(domain, type);
if(logger.isTraceEnabled())
@ -1194,8 +1262,14 @@ private static Lookup createLookup(String domain, int type)
if(!UtilActivator.getConfigurationService()
.getBoolean(PNAME_BACKUP_RESOLVER_ENABLED,
PDEFAULT_BACKUP_RESOLVER_ENABLED))
PDEFAULT_BACKUP_RESOLVER_ENABLED)
|| UtilActivator.getConfigurationService().getBoolean(
DnsUtilActivator.PNAME_DNSSEC_RESOLVER_ENABLED,
DnsUtilActivator.PDEFAULT_DNSSEC_RESOLVER_ENABLED
))
{
return lookup;
}
//Initiate our global parallel resolver if this is our first ever
//DNS query. The lock here is heavy but necessary as a) the config
@ -1340,7 +1414,7 @@ public static void reloadDnsResolverConfig()
{
// reread system dns configuration
ResolverConfig.refresh();
Lookup.refreshDefault();
DnsUtilActivator.refreshResolver();
if(parallelResolver instanceof ParallelResolver)
{
//needs a separate lock object because the parallelResolver could

2
src/net/java/sip/communicator/util/util.manifest.mf
Unescape View File

@ -29,6 +29,7 @@ Import-Package: org.xml.sax,
javax.security.auth.x500,
net.java.sip.communicator.util.xml,
net.java.sip.communicator.util,
net.java.sip.communicator.util.dns,
net.java.sip.communicator.service.resources,
net.java.sip.communicator.service.keybindings,
net.java.sip.communicator.service.netaddr,
@ -47,6 +48,5 @@ Export-Package: net.java.sip.communicator.util.xml,
net.java.sip.communicator.util.swing.transparent,
net.java.sip.communicator.util.swing.border,
net.java.sip.communicator.util,
net.java.sip.communicator.util.dns,
net.java.sip.communicator.util.skin,
net.java.sip.communicator.util.launchutils

37
test/net/java/sip/communicator/slick/protocol/sip/TestAutoProxyDetection.java
Unescape View File

@ -16,6 +16,7 @@
import net.java.sip.communicator.impl.protocol.sip.SipAccountID;
import net.java.sip.communicator.impl.protocol.sip.net.AutoProxyConnection;
import net.java.sip.communicator.util.SRVRecord;
import net.java.sip.communicator.util.dns.DnssecException;
import static net.java.sip.communicator.service.protocol.ProtocolProviderFactory.*;
import junit.framework.TestCase;
@ -103,7 +104,7 @@ public void setUp()
a4 = new InetSocketAddress(ia4, 5063);
}
private void prepareOneNaptrOneSrv() throws ParseException
private void prepareOneNaptrOneSrv() throws ParseException, DnssecException
{
expect(nu.getNAPTRRecords(DOMAIN)).andReturn(new String[][]{
{"0", "udp", "_sip._udp." + DOMAIN}
@ -112,7 +113,7 @@ private void prepareOneNaptrOneSrv() throws ParseException
.andReturn(new SRVRecord[]{ srv1 });
}
private void prepareOneNaptrTwoSrv() throws ParseException
private void prepareOneNaptrTwoSrv() throws ParseException, DnssecException
{
expect(nu.getNAPTRRecords(DOMAIN)).andReturn(new String[][]{
{"0", "udp", "_sip._udp." + DOMAIN}
@ -121,7 +122,7 @@ private void prepareOneNaptrTwoSrv() throws ParseException
.andReturn(new SRVRecord[]{ srv1, srv2 });
}
public void testOneNaptrNoSrv() throws ParseException
public void testOneNaptrNoSrv() throws ParseException, DnssecException
{
expect(nu.getNAPTRRecords(DOMAIN)).andReturn(new String[][]{
{"0", "udp", "_sip._udp." + DOMAIN}
@ -133,7 +134,7 @@ public void testOneNaptrNoSrv() throws ParseException
verify(account, nu);
}
public void testOneNaptrOneSrvOneA() throws ParseException
public void testOneNaptrOneSrvOneA() throws ParseException, DnssecException
{
prepareOneNaptrOneSrv();
expect(nu.getAandAAAARecords("proxy1." + DOMAIN, 5060))
@ -147,7 +148,7 @@ public void testOneNaptrOneSrvOneA() throws ParseException
verify(account, nu, srv1);
}
public void testOneNaptrOneSrvTwoA() throws ParseException
public void testOneNaptrOneSrvTwoA() throws ParseException, DnssecException
{
prepareOneNaptrOneSrv();
expect(nu.getAandAAAARecords("proxy1." + DOMAIN, 5060))
@ -166,7 +167,7 @@ public void testOneNaptrOneSrvTwoA() throws ParseException
//-----------------------
public void testOneNaptrTwoSrvOneA() throws ParseException
public void testOneNaptrTwoSrvOneA() throws ParseException, DnssecException
{
prepareOneNaptrTwoSrv();
expect(nu.getAandAAAARecords("proxy1." + DOMAIN, 5060))
@ -185,7 +186,7 @@ public void testOneNaptrTwoSrvOneA() throws ParseException
verify(account, nu, srv1, srv2);
}
public void testOneNaptrTwoSrvTwoA() throws ParseException
public void testOneNaptrTwoSrvTwoA() throws ParseException, DnssecException
{
prepareOneNaptrTwoSrv();
expect(nu.getAandAAAARecords("proxy1." + DOMAIN, 5060))
@ -215,7 +216,9 @@ public void testOneNaptrTwoSrvTwoA() throws ParseException
//-------------------
public void testThreeNaptrOneSrvEachOneAEach() throws ParseException
public void testThreeNaptrOneSrvEachOneAEach()
throws ParseException,
DnssecException
{
expect(nu.getNAPTRRecords(DOMAIN)).andReturn(new String[][]{
{"0", "udp", "_sip._udp." + DOMAIN},
@ -254,7 +257,7 @@ public void testThreeNaptrOneSrvEachOneAEach() throws ParseException
//-----------------------
public void testNoSrvOneA() throws ParseException
public void testNoSrvOneA() throws ParseException, DnssecException
{
expect(nu.getNAPTRRecords(DOMAIN)).andReturn(new String[][]{});
expect(nu.getSRVRecords("sips", "TCP", DOMAIN)).andReturn(null);
@ -272,7 +275,7 @@ public void testNoSrvOneA() throws ParseException
verify(account, nu);
}
public void testOneSrvOneA() throws ParseException
public void testOneSrvOneA() throws ParseException, DnssecException
{
expect(nu.getNAPTRRecords(DOMAIN)).andReturn(new String[][]{});
expect(nu.getSRVRecords("sips", "TCP", DOMAIN)).andReturn(null);
@ -291,7 +294,7 @@ public void testOneSrvOneA() throws ParseException
verify(account, nu, srv1);
}
public void testOneSrvTwoA() throws ParseException
public void testOneSrvTwoA() throws ParseException, DnssecException
{
expect(nu.getNAPTRRecords(DOMAIN)).andReturn(new String[][]{});
expect(nu.getSRVRecords("sips", "TCP", DOMAIN)).andReturn(null);
@ -314,7 +317,7 @@ public void testOneSrvTwoA() throws ParseException
verify(account, nu, srv1);
}
public void testTwoSrvOneA() throws ParseException
public void testTwoSrvOneA() throws ParseException, DnssecException
{
expect(nu.getNAPTRRecords(DOMAIN)).andReturn(new String[][]{});
expect(nu.getSRVRecords("sips", "TCP", DOMAIN))
@ -342,7 +345,7 @@ public void testTwoSrvOneA() throws ParseException
//----------------------
public void testNoA() throws ParseException
public void testNoA() throws ParseException, DnssecException
{
expect(nu.getNAPTRRecords(DOMAIN)).andReturn(new String[][]{});
expect(nu.getSRVRecords("sips", "TCP", DOMAIN)).andReturn(null);
@ -357,7 +360,7 @@ public void testNoA() throws ParseException
verify(account, nu);
}
public void testOneA() throws ParseException
public void testOneA() throws ParseException, DnssecException
{
expect(nu.getNAPTRRecords(DOMAIN)).andReturn(new String[][]{});
expect(nu.getSRVRecords("sips", "TCP", DOMAIN)).andReturn(null);
@ -375,7 +378,7 @@ public void testOneA() throws ParseException
verify(account, nu);
}
public void testTwoA() throws ParseException
public void testTwoA() throws ParseException, DnssecException
{
expect(nu.getNAPTRRecords(DOMAIN)).andReturn(new String[][]{});
expect(nu.getSRVRecords("sips", "TCP", DOMAIN)).andReturn(null);
@ -397,7 +400,9 @@ public void testTwoA() throws ParseException
verify(account, nu);
}
public void testNotReturningSameAddressTwice() throws ParseException
public void testNotReturningSameAddressTwice()
throws ParseException,
DnssecException
{
expect(srv1.getTarget()).andReturn("proxy1."+DOMAIN);
expect(srv1.getPort()).andReturn(5060);

Write Preview
Loading…
Cancel
Save