fall back to regular authentication if fast fails

This commit is contained in:
Daniel Gultsch 2022-11-16 11:00:43 +01:00
parent 6ececb4d2b
commit 44bfff7e49

View file

@ -831,17 +831,17 @@ public class XmppConnection implements Runnable {
}
}
private void processFailure(final Element failure) throws StateChangingException {
private void processFailure(final Element failure) throws IOException {
final SaslMechanism.Version version;
try {
version = SaslMechanism.Version.of(failure);
} catch (final IllegalArgumentException e) {
throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER);
}
Log.d(Config.LOGTAG,failure.toString());
Log.d(Config.LOGTAG, failure.toString());
Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": login failure " + version);
if (SaslMechanism.hashedToken(this.saslMechanism)) {
Log.d(Config.LOGTAG,account.getJid().asBareJid() + ": resetting token");
Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": resetting token");
account.resetFastToken();
mXmppConnectionService.databaseBackend.updateAccount(account);
}
@ -866,8 +866,16 @@ public class XmppConnection implements Runnable {
}
}
}
if (SaslMechanism.hashedToken(this.saslMechanism)) {
Log.d(
Config.LOGTAG,
account.getJid().asBareJid()
+ ": fast authentication failed. falling back to regular authentication");
authenticate();
} else {
throw new StateChangingException(Account.State.UNAUTHORIZED);
}
}
private static SSLSocket sslSocketOrNull(final Socket socket) {
if (socket instanceof SSLSocket) {
@ -1332,6 +1340,17 @@ public class XmppConnection implements Runnable {
}
}
private void authenticate() throws IOException {
final boolean isSecure =
features.encryptionEnabled || Config.ALLOW_NON_TLS_CONNECTIONS || account.isOnion();
if (isSecure && this.streamFeatures.hasChild("authentication", Namespace.SASL_2)) {authenticate(SaslMechanism.Version.SASL_2);
} else if (isSecure && this.streamFeatures.hasChild("mechanisms", Namespace.SASL)) {
authenticate(SaslMechanism.Version.SASL);
} else {
throw new StateChangingException(Account.State.INCOMPATIBLE_SERVER);
}
}
private void authenticate(final SaslMechanism.Version version) throws IOException {
final Element authElement;
if (version == SaslMechanism.Version.SASL) {