@Override public void process(Packet packet) throws UnauthorizedException, PacketException { process((Presence) packet, sessionManager.getSession(packet.getFrom())); }
private boolean matchesPacketSenderCondition(Packet packet, Roster roster, JID userJID) { if (type == null) { // This is the "fall-through" case return true; } boolean isPresence = packet.getClass().equals(Presence.class); boolean incoming = true; if (packet.getFrom() != null) { incoming = !userJID.toBareJID().equals(packet.getFrom().toBareJID()); } boolean matches = false; if (isPresence && !incoming && (filterEverything || filterPresence_out)) { // If this is an outgoing presence and we are filtering by outgoing presence // notification then use the receipient of the packet in the analysis matches = verifyJID(packet.getTo(), roster); } if (!matches && incoming && (filterEverything || filterPresence_in || filterIQ || filterMessage)) { matches = verifyJID(packet.getFrom(), roster); } return matches; }
@Override public void sendPacket(Component component, Packet packet) { if (packet != null && packet.getFrom() == null) { throw new IllegalArgumentException("Packet with no FROM address was received from component."); } PacketRouter router = XMPPServer.getInstance().getPacketRouter(); if (router != null) { router.route(packet); } }
@Override public void run() { try { channelHandler.process( packet ); } catch ( Exception e ) { Log.error( LocaleUtils.getLocalizedString( "admin.error" ), e ); try { Session session = SessionManager.getInstance().getSession( packet.getFrom() ); if ( session != null ) { Log.debug( "Closing session of '{}': {}", packet.getFrom(), session ); session.close(); } } catch ( Exception e1 ) { Log.error( "Unexpected exception while trying to close session of '{}'.", packet.getFrom(), e1 ); } } } };
@Override public void interceptPacket(Packet packet, Session session, boolean read, boolean processed) { if (!processed) { // Ignore packets sent or received by users that are present in the ignore list JID from = packet.getFrom(); JID to = packet.getTo(); if ((from == null || !ignoreList.contains(from.getNode())) && (to == null || !ignoreList.contains(to.getNode()))) { auditor.audit(packet, session); } } } }
/** * Returns true if the specified packet must be blocked based on this privacy list rules. * Rules are going to be analyzed based on their order (in ascending order). When a rule * is matched then communication will be blocked or allowed based on that rule. No more * further analysis is going to be made. * * @param packet the packet to analyze if it must be blocked. * @return true if the specified packet must be blocked based on this privacy list rules. */ public boolean shouldBlockPacket(Packet packet) { if (packet.getFrom() == null) { // Sender is the server so it's not denied return false; } // Iterate over the rules and check each rule condition Roster roster = getRoster(); for (PrivacyItem item : items) { if (item.matchesCondition(packet, roster, userJID)) { if (item.isAllow()) { return false; } if (Log.isDebugEnabled()) { Log.debug("PrivacyList: Packet was blocked: " + packet); } return true; } } // If no rule blocked the communication then allow the packet to flow return false; }
private void sendPacket(Packet packet) throws Exception { // Create a connection to the remote server from the domain where the packet has been sent boolean created; // Make sure that only one cluster node is creating the outgoing connection // TODO: Evaluate why removing the oss part causes nasty s2s and lockup issues. Lock lock = CacheFactory.getLock(domain+"oss", serversCache); try { lock.lock(); created = LocalOutgoingServerSession .authenticateDomain(packet.getFrom().getDomain(), packet.getTo().getDomain()); } finally { lock.unlock(); } if (created) { if (!routingTable.hasServerRoute(new DomainPair(packet.getFrom().getDomain(), packet.getTo().getDomain()))) { throw new Exception("Route created but not found!!!"); } // A connection to the remote server was created so get the route and send the packet routingTable.routePacket(packet.getTo(), packet, false); } else { throw new Exception("Failed to create connection to remote server"); } }
/** * Keeps a log of the XMPP traffic, releasing the wait lock on response received. */ @Override public void interceptPacket(Packet packet, Session session, boolean incoming, boolean processed) throws PacketRejectedException { if (!processed && (ping.getTo().getDomain().equals(packet.getFrom().getDomain()) || ping.getTo().getDomain().equals(packet.getTo().getDomain()))) { // Log all traffic to and from the domain. xml.append(packet.toXML()); xml.append('\n'); // If we've received our IQ response, stop the test. if ( packet instanceof IQ ) { final IQ iq = (IQ) packet; if ( iq.isResponse() && ping.getID().equals( iq.getID() ) && ping.getTo().equals( iq.getFrom() ) ) { Log.info("Successful server to server response received."); waitUntil.release(); } } } }
/** * Returns true if the specified packet must only be route to available client sessions. * * @param packet the packet to route. * @param fromServer true if the packet was created by the server. * @return true if the specified packet must only be route to available client sessions. */ private boolean routeOnlyAvailable(Packet packet, boolean fromServer) { if (fromServer) { // Packets created by the server (no matter their FROM value) must always be delivered no // matter the available presence of the user return false; } boolean onlyAvailable = true; JID from = packet.getFrom(); boolean hasSender = from != null; if (packet instanceof IQ) { onlyAvailable = hasSender && !(serverName.equals(from.getDomain()) && from.getResource() == null) && !componentsCache.containsKey(from.getDomain()); } else if (packet instanceof Message || packet instanceof Presence) { onlyAvailable = !hasSender || (!serverName.equals(from.toString()) && !componentsCache.containsKey(from.getDomain())); } return onlyAvailable; }
@Override public void process(Packet packet) throws UnauthorizedException, PacketException { boolean handled = false; String host = packet.getTo().getDomain(); for (Channel<Packet> channel : transports.values()) { if (channel.getName().equalsIgnoreCase(host)) { channel.add(packet); handled = true; } } if (!handled) { JID recipient = packet.getTo(); JID sender = packet.getFrom(); packet.setError(PacketError.Condition.remote_server_timeout); packet.setFrom(recipient); packet.setTo(sender); try { deliverer.deliver(packet); } catch (PacketException e) { Log.error(LocaleUtils.getLocalizedString("admin.error"), e); } } }
/** * Make sure that the received packet has a TO and FROM values defined and that it was sent * from a previously validated domain. If the packet does not matches any of the above * conditions then a PacketRejectedException will be thrown. * * @param packet the received packet. * @throws UnauthorizedException if the packet does not include a TO or FROM or if the packet * was sent from a domain that was not previously validated. */ private void packetReceived(Packet packet) throws UnauthorizedException { if (packet.getTo() == null || packet.getFrom() == null) { Log.debug("ServerStanzaHandler: Closing IncomingServerSession due to packet with no TO or FROM: " + packet.toXML()); // Send a stream error saying that the packet includes no TO or FROM StreamError error = new StreamError(StreamError.Condition.improper_addressing); connection.deliverRawText(error.toXML()); throw new UnauthorizedException("Packet with no TO or FROM attributes"); } else if (!((LocalIncomingServerSession) session).isValidDomain(packet.getFrom().getDomain())) { Log.debug("ServerStanzaHandler: Closing IncomingServerSession due to packet with invalid domain: " + packet.toXML()); // Send a stream error saying that the packet includes an invalid FROM StreamError error = new StreamError(StreamError.Condition.invalid_from); connection.deliverRawText(error.toXML()); throw new UnauthorizedException("Packet with no TO or FROM attributes"); } }
if ( isAnonymousRoute( packet.getFrom() ) ) Log.info( "The anonymous user '{}' attempted to send data to '{}', which is on a remote domain. Openfire is configured to not allow anonymous users to send data to remote domains.", packet.getFrom(), jid ); routed = false; return routed; DomainPair pair = new DomainPair(packet.getFrom().getDomain(), jid.getDomain()); byte[] nodeID = serversCache.get(pair); if (nodeID != null) {
@Override boolean canProcess(Packet packet) { final String senderDomain = packet.getFrom().getDomain(); final String recipDomain = packet.getTo().getDomain(); boolean processed = true; if (!checkOutgoingDomainPair(senderDomain, recipDomain)) { synchronized (("Auth::" + senderDomain).intern()) { if (!checkOutgoingDomainPair(senderDomain, recipDomain) && !authenticateSubdomain(senderDomain, packet.getTo().getDomain())) { // Return error since sender domain was not validated by remote server processed = false; } } } if (!processed) { returnErrorToSender(packet); } return processed; }
if (packet.getTo() == null || packet.getFrom() == null) { Log.debug("Closing IncomingServerSession due to packet with no TO or FROM: " + packet.toXML()); throw new PacketRejectedException("Packet with no TO or FROM attributes"); else if (!((LocalIncomingServerSession) session).isValidDomain(packet.getFrom().getDomain())) { Log.debug("Closing IncomingServerSession due to packet with invalid domain: " + packet.toXML());
for (JID address : routingTable.getRoutes(recipient.asBareJID(), packet.getFrom())) { ClientSession session = routingTable.getClientRoute(address); if (session != null && session.isInitialized()) {
@Override public void process(Packet packet) throws UnauthorizedException, PacketException { try { JID recipient = packet.getTo(); // Check if the target domain belongs to a remote server or a component if (server.matchesComponent(recipient) || server.isRemote(recipient)) { routingTable.routePacket(recipient, packet, false); } // The target domain belongs to the local server else if (recipient == null || (recipient.getNode() == null && recipient.getResource() == null)) { // no TO was found so send back the packet to the sender routingTable.routePacket(packet.getFrom(), packet, false); } else if (recipient.getResource() != null || !(packet instanceof Presence)) { // JID is of the form <user@domain/resource> routingTable.routePacket(recipient, packet, false); } else { // JID is of the form <user@domain> for (JID route : routingTable.getRoutes(recipient, null)) { routingTable.routePacket(route, packet, false); } } } catch (Exception e) { Log.error(LocaleUtils.getLocalizedString("admin.error.deliver") + "\n" + packet.toString(), e); } } }
reply.setTo(packet.getFrom()); reply.setFrom(packet.getTo()); reply.setChildElement(((IQ) packet).getChildElement().createCopy()); reply.setTo(packet.getFrom()); reply.setFrom(packet.getTo()); reply.setType(Presence.Type.error); reply.setTo(packet.getFrom()); reply.setFrom(packet.getTo()); reply.setType(Message.Type.error);
/** * Generate a conflict packet to indicate that the nickname being requested/used is already in * use by another user. * * @param packet the packet to be bounced. * @param error the reason why the operation failed. */ private void sendErrorPacket(Packet packet, PacketError.Condition error) { if (packet instanceof IQ) { IQ reply = IQ.createResultIQ((IQ) packet); reply.setChildElement(((IQ) packet).getChildElement().createCopy()); reply.setError(error); router.route(reply); } else { Packet reply = packet.createCopy(); reply.setError(error); reply.setFrom(packet.getTo()); reply.setTo(packet.getFrom()); router.route(reply); } }