From 843382f762f88f37d9b363fe3fc1418326894d21 Mon Sep 17 00:00:00 2001 From: Nick Hudson Date: Tue, 13 Mar 2012 09:32:17 +0000 Subject: Update CoreClient to be a bit more in line with Swiften This change - renames the "onError" signal to be "onDisconnected" (as per change 59be74ec6 in Swiften) - adds "setCertificateTrustChecker()" method and uses the supplied checker when configuring TLS Test-information: My applications still work. When I configure my server with a certificate that doesn't correspond to the requirements in RFC 6120, my CertificateTrustChecker gets called, and the session is either dropped or maintained depending on what my checker returns.
diff --git a/src/com/isode/stroke/client/CoreClient.java b/src/com/isode/stroke/client/CoreClient.java
index 49b6df7..cae1bdb 100644
--- a/src/com/isode/stroke/client/CoreClient.java
+++ b/src/com/isode/stroke/client/CoreClient.java
@@ -8,6 +8,7 @@
 */
 package com.isode.stroke.client;
+import com.isode.stroke.base.NotNull;
 import com.isode.stroke.elements.Message;
 import com.isode.stroke.elements.Presence;
 import com.isode.stroke.elements.Stanza;
@@ -32,7 +33,6 @@ import com.isode.stroke.signals.Slot1;
 import com.isode.stroke.tls.CertificateTrustChecker;
 import com.isode.stroke.tls.CertificateVerificationError;
 import com.isode.stroke.tls.CertificateWithKey;
-import com.isode.stroke.tls.PKCS12Certificate;
 import com.isode.stroke.tls.PlatformTLSFactories;
 /**
@@ -159,11 +159,10 @@ public class CoreClient {
 if (connectorConnectFinishedConnection_ != null) {
 connectorConnectFinishedConnection_.disconnect();
 }
+ connector_ = null;
 if (connection == null) {
- if (!disconnectRequested_) {
- onError.emit(new ClientError(ClientError.Type.ConnectionError));
- }
+ onDisconnected.emit(disconnectRequested_ ? null : new ClientError(ClientError.Type.ConnectionError));
 } else {
 assert (connection_ == null);
 connection_ = connection;
@@ -193,6 +192,7 @@ public class CoreClient {
 switch (options.useTLS) {
 case UseTLSWhenAvailable:
 session_.setUseTLS(ClientSession.UseTLS.UseTLSWhenAvailable);
+ session_.setCertificateTrustChecker(certificateTrustChecker);
 break;
 case NeverUseTLS:
 session_.setUseTLS(ClientSession.UseTLS.NeverUseTLS);
@@ -232,6 +232,20 @@ public class CoreClient {
 public void setCertificate(CertificateWithKey certificate) {
 certificate_ = certificate;
 }
+
+ /**
+ * Sets the certificate trust checker. If a server presents a certificate
+ * which does not conform to the requirements of RFC 6120, then the
+ * trust checker, if configured, will be called. If the trust checker
+ * says the certificate is trusted, then connecting will proceed; if
+ * not, the connection will end with an error.
+ *
+ * @param checker a CertificateTrustChecker that will be called when
+ * the server sends a TLS certificate that does not validate.
+ */
+ public void setCertificateTrustChecker(CertificateTrustChecker checker) {
+ certificateTrustChecker = checker;
+ }
 private void handleSessionFinished(com.isode.stroke.base.Error error) {
 sessionFinishedConnection_.disconnect();
@@ -245,8 +259,8 @@ public class CoreClient {
 connection_.disconnect();
 connection_ = null;
+ ClientError clientError = null;
 if (error != null) {
- ClientError clientError = null;
 if (error instanceof ClientSession.Error) {
 ClientSession.Error actualError = (ClientSession.Error) error;
 switch (actualError.type) {
@@ -277,6 +291,7 @@ public class CoreClient {
 case TLSClientCertificateError:
 clientError = new ClientError(ClientError.Type.ClientCertificateError);
 break;
+ /* Note: no case clause for "StreamError" */
 }
 } else if (error instanceof SessionStream.Error) {
 SessionStream.Error actualError = (SessionStream.Error) error;
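Review bot: In the `@@ -193` hunk the trust checker is handed to the session only inside `case UseTLSWhenAvailable:`, so any other TLS-enabling value of `options.useTLS` would never consult it. The hunk shows only this case and `NeverUseTLS`, and the switch continues outside it, so whether such a value exists cannot be told from here. Installing the checker once before the `switch` keeps certificate handling the same on every TLS path: `session_.setCertificateTrustChecker(certificateTrustChecker);`.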
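Review bot: The Javadoc on `setCertificateTrustChecker()` in the `@@ -232` hunk leaves out two things a caller needs to know. The checker is copied into the session where TLS is configured (the `@@ -193` hunk), so it presumably has to be set before connecting to have any effect; the comment should say so, and also say what passing `null` does. It should also state that a "trusted" answer overrides a failed certificate validation, which makes the checker the only remaining check of the server's identity on that path. For example, add `* Set this before connecting. The checker's answer replaces the failed validation, so it must make a real trust decision (for example a pinned certificate or explicit user confirmation).`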
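Review bot: The new comment `/* Note: no case clause for "StreamError" */` in the `@@ -277` hunk records that a `ClientSession.Error` of that type leaves `clientError` null, and the `@@ -335` hunk then passes that null to `NotNull.exceptIfNull(clientError,"clientError")` before `onDisconnected.emit(clientError)`. If `exceptIfNull` throws, as its name suggests, then a stream error, which the remote server can trigger, ends `handleSessionFinished` with an exception after `connection_` has already been cleared, and no listener is told about the disconnect. The removed `assert` did nothing unless assertions were enabled, so this path is now stricter than before. Map the type explicitly instead of documenting the gap, for example `case StreamError: clientError = new ClientError(/* matching ClientError.Type */); break;`, or fall back to a generic error so the signal is always emitted. The switch and the method body extend beyond both hunks.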
@@ -335,9 +350,12 @@ public class CoreClient {
 break;
 }
 }
- assert clientError != null;
- onError.emit(clientError);
+ /* If "error" was non-null, we expect to be able to derive
+ * a non-null "clientError".
+ */
+ NotNull.exceptIfNull(clientError,"clientError");
 }
+ onDisconnected.emit(clientError);
 }
 private void handleNeedCredentials() {
@@ -409,9 +427,12 @@ public class CoreClient {
 /**
 * The user should add a listener to this signal, which will be called when
- * a stream or connection error (not stanza error) occurs.
+ * the client was disconnected from tne network.
+ *
+ *

If the disconnection was due to a non-recoverable error, the type
+ * of error will be passed as a parameter.
 */
- public final Signal1 onError = new Signal1();
+ public final Signal1 onDisconnected = new Signal1();
 /**
 * The user should add a listener to this signal, which will be called when
diff --git a/src/com/isode/stroke/examples/gui/StrokeGUI.java b/src/com/isode/stroke/examples/gui/StrokeGUI.java
index 0422abb..e8580fc 100644
--- a/src/com/isode/stroke/examples/gui/StrokeGUI.java
+++ b/src/com/isode/stroke/examples/gui/StrokeGUI.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010-2011, Isode Limited, London, England.
+ * Copyright (c) 2010-2012, Isode Limited, London, England.
 * All rights reserved.
 */
@@ -173,7 +173,7 @@ public class StrokeGUI extends javax.swing.JFrame {
 thisObject.handleMessageReceived(p1);
 }
 });
- client_.onError.connect(new Slot1() {
+ client_.onDisconnected.connect(new Slot1() {
 public void call(ClientError p1) {
 thisObject.handleClientError(p1);
-- cgit v0.10.2-6-g49f6
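Review bot: The new Javadoc on `onDisconnected` in the `@@ -409` hunk does not say that listeners are called with `null` when the disconnect was requested or had no error. That is what `onDisconnected.emit(disconnectRequested_ ? null : ...)` in the `@@ -159` hunk and the now unconditional emit in the `@@ -335` hunk do. The removed `onError` emits only ever passed an error, so every slot moved over from it needs a null check, and the contract belongs in the comment: `* The parameter is null when the disconnection was not caused by an error.` The same comment has a typo, `tne` for `the`.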
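Review bot: The slot connected to `client_.onDisconnected` in the `@@ -173` hunk still forwards `p1` straight to `handleClientError(p1)`, but the renamed signal also fires with `null` on a requested disconnect. `handleClientError` is outside the hunk, so whether it tolerates null cannot be seen here; if it dereferences the argument, the example will throw whenever the user disconnects normally. Guard it in the slot with `if (p1 != null) { thisObject.handleClientError(p1); }`, or rename the handler and have it treat null as a normal disconnect. The anonymous `Slot1` body continues past the end of the hunk.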