/*
 * Copyright (c) 2010 Remko Tronçon
 * Licensed under the GNU General Public License v3.
 * See Documentation/Licenses/GPLv3.txt for more information.
 */

#pragma once

#include "Swiften/Base/boost_bsignals.h"
#include <boost/shared_ptr.hpp>
#include <boost/enable_shared_from_this.hpp>

#include "Swiften/Base/Error.h"
#include "Swiften/Session/SessionStream.h"
#include <string>
#include "Swiften/JID/JID.h"
#include "Swiften/Elements/Element.h"
#include "Swiften/StreamManagement/StanzaAckRequester.h"
#include "Swiften/StreamManagement/StanzaAckResponder.h"

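namespace Swift {
	class ClientAuthenticator;
	class CertificateTrustChecker;

	/**
	 * Client side of a session running over a SessionStream.
	 *
	 * The object keeps the current negotiation State, the local JID and the
	 * stream it talks over, and reports progress through the boost::signal
	 * members below. Instances are only created through create(), because the
	 * constructor is private and the class derives from
	 * boost::enable_shared_from_this.
	 *
	 * Only declarations are visible in this header; the state machine itself
	 * lives in the implementation file.
	 */
	class ClientSession : public boost::enable_shared_from_this<ClientSession> {
		public:
			/**
			 * Stages of the session, as returned by getState().
			 * NOTE(review): the enumerators look like they are listed in
			 * negotiation order, but the transitions are not visible here.
			 */
			enum State {
				Initial,
				WaitingForStreamStart,
				Negotiating,
				Compressing,
				WaitingForEncrypt,
				Encrypting,
				WaitingForCredentials,
				Authenticating,
				EnablingSessionManagement,
				BindingResource,
				StartingSession,
				Initialized,
				Finishing,
				Finished
			};

			/**
			 * Session-level failure, carried as a Swift::Error with a Type tag.
			 * Several of the types are security relevant for callers
			 * (AuthenticationFailedError, ServerVerificationFailedError,
			 * TLSClientCertificateError, TLSError) and should be surfaced to
			 * the user rather than silently retried.
			 */
			struct Error : public Swift::Error {
				enum Type {
					AuthenticationFailedError,
					CompressionFailedError,
					ServerVerificationFailedError,
					NoSupportedAuthMechanismsError,
					UnexpectedElementError,
					ResourceBindError,
					SessionStartError,
					TLSClientCertificateError,
					TLSError,
					StreamError,
				} type;
				// NOTE(review): not 'explicit', so a Type converts implicitly
				// to an Error; left unchanged because callers may rely on it.
				Error(Type type) : type(type) {}
			};

			~ClientSession();

			/**
			 * Creates a session owned by a shared_ptr.
			 *
			 * @param jid    local JID of the session (see getLocalJID()).
			 * @param stream stream the session runs over.
			 * @return the new session.
			 */
			static boost::shared_ptr<ClientSession> create(const JID& jid, boost::shared_ptr<SessionStream> stream) {
				return boost::shared_ptr<ClientSession>(new ClientSession(jid, stream));
			}

			/** Returns the current State. */
			State getState() const {
				return state;
			}

			/**
			 * Stores the flag that, by its name, permits the PLAIN
			 * authentication mechanism on a stream that is not protected by TLS.
			 *
			 * NOTE(review): PLAIN transmits the password itself, so enabling
			 * this on an unencrypted stream exposes the credential to anyone
			 * able to observe the connection. Keep it false unless the
			 * transport is protected by other means. The initial value is set
			 * in the constructor, which is not visible in this header; confirm
			 * that it defaults to false.
			 */
			void setAllowPLAINOverNonTLS(bool b) {
				allowPLAINOverNonTLS = b;
			}

			/** Stores whether stream compression should be used. */
			void setUseStreamCompression(bool b) {
				useStreamCompression = b;
			}

			/**
			 * Returns true when a StanzaAckRequester has been set up, which is
			 * what this class treats as "stream management enabled".
			 */
			bool getStreamManagementEnabled() const {
				// Explicit conversion: returning the shared_ptr directly relies
				// on an implicit pointer-to-bool conversion, which does not
				// compile when shared_ptr only offers an explicit operator bool.
				return static_cast<bool>(stanzaAckRequester_);
			}

			/** Returns the local JID of this session. */
			const JID& getLocalJID() const {
				return localJID;
			}

			void start();
			void finish();

			/** Returns true once the session has reached the Finished state. */
			bool isFinished() const {
				return getState() == Finished;
			}

			/**
			 * Supplies the password for authentication.
			 * NOTE(review): presumably called in response to
			 * onNeedCredentials; how long the password is retained is decided
			 * in the implementation file and should be checked there.
			 */
			void sendCredentials(const std::string& password);
			void sendStanza(boost::shared_ptr<Stanza>);

			/**
			 * Sets the checker consulted for certificate trust decisions.
			 *
			 * The pointer is stored as-is. NOTE(review): it is a raw pointer
			 * and presumably non-owning, so the checker has to outlive the
			 * session (or be reset before it is destroyed); confirm ownership
			 * and the behaviour for a null checker in the implementation file.
			 */
			void setCertificateTrustChecker(CertificateTrustChecker* checker) {
				certificateTrustChecker = checker;
			}

		public:
			// Signals emitted by the session. The emission points are in the
			// implementation file; the names indicate the intended events.
			boost::signal<void ()> onNeedCredentials;
			boost::signal<void ()> onInitialized;
			boost::signal<void (boost::shared_ptr<Swift::Error>)> onFinished;
			boost::signal<void (boost::shared_ptr<Stanza>)> onStanzaReceived;
			boost::signal<void (boost::shared_ptr<Stanza>)> onStanzaAcked;
		
		private:
			// Private so that every instance is created through create() and
			// is therefore owned by a shared_ptr.
			ClientSession(
					const JID& jid, 
					boost::shared_ptr<SessionStream>);

			void finishSession(Error::Type error);
			void finishSession(boost::shared_ptr<Swift::Error> error);

			/**
			 * Returns a JID built from an empty first component and the domain
			 * of the local JID.
			 */
			JID getRemoteJID() const {
				return JID("", localJID.getDomain());
			}

			void sendStreamHeader();

			void handleElement(boost::shared_ptr<Element>);
			void handleStreamStart(const ProtocolHeader&);
			void handleStreamClosed(boost::shared_ptr<Swift::Error>);

			void handleTLSEncrypted();

			bool checkState(State);
			void continueSessionInitialization();

			void requestAck();
			void handleStanzaAcked(boost::shared_ptr<Stanza> stanza);
			void ack(unsigned int handledStanzasCount);
			void continueAfterTLSEncrypted();
			// NOTE(review): by its signature this receives the peer certificate
			// together with a verification error; presumably it asks
			// certificateTrustChecker and finishes the session when trust is
			// refused. Confirm that a missing checker cannot turn a failed
			// verification into an accepted one.
			void checkTrustOrFinish(Certificate::ref certificate, boost::shared_ptr<CertificateVerificationError> error);

		private:
			JID localJID;
			State state;
			boost::shared_ptr<SessionStream> stream;
			bool allowPLAINOverNonTLS;      // see setAllowPLAINOverNonTLS()
			bool useStreamCompression;
			bool needSessionStart;
			bool needResourceBind;
			bool needAcking;
			ClientAuthenticator* authenticator;   // raw pointer; ownership not visible here
			boost::shared_ptr<StanzaAckRequester> stanzaAckRequester_;   // non-null <=> getStreamManagementEnabled()
			boost::shared_ptr<StanzaAckResponder> stanzaAckResponder_;
			boost::shared_ptr<Swift::Error> error_;
			CertificateTrustChecker* certificateTrustChecker;   // raw pointer set by setCertificateTrustChecker()
	};
}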