~samwhited/xmpp

ref: 8a516e9e064619dcb3d84499b66e1562546be918 xmpp/features.go -rw-r--r-- 11.1 KiB
xmpp: check every feature in the list for required

Previously if a required feature in a list of stream features could not
be negotiated (eg. because one of its necessary state bits wasn't set)
it would be skipped over and the stream features list would not be
marked as containing required features. This means that if no feature in
the list was marked as required, we would assume that was the end of
stream negotiation and bail out early. Instead, make sure to always
parse every feature and check if it's required, even if it can't be
negotiated. This way we know that we need to try again and negotiate one
of the required features after negotiating the optional features.

Fixes #47

Signed-off-by: Sam Whited <sam@samwhited.com>
xmpp: remove duplicate stream feature data cache

Data returned for caching from stream feature negotiation is always
stored on the session so that it can be accessed later.
Previously it was also being stored on the current stream features list
cache, but this is redundant since we always have access to the session.

Signed-off-by: Sam Whited <sam@samwhited.com>
all: move stream namespaces into stream package
all: move session Flush into TokenWriter
all: add new API to make reading tokens safer
all: add new API to make writing tokens safe
all: bump to new xmlstream and fix flushing
Revert "all: new session XML read/write API"

This reverts commit 5265955b9c79963ea0c1b9f392db0e56b6a242a8.
all: new session XML read/write API
xmpp: fix StartTLS downgrade prevention check
xmpp: always attempt StartTLS negotiation

Even if the feature is not advertised we should always attempt StartTLS
negotiation to prevent downgrade attacks per RFC 7590.

Fixes #21
xmpp: make localpart of features element a const

[ci skip]
xmpp: minor documentation fixes and tweaks

[ci skip]
all: update copyright message

[ci skip]
all: rewrap copyright comments/use xml.TokenReader
all: use xmlstream.TokenWriter in features

Fixes #39
xmpp: return error when features out of order
xmpp: fix bug in feature negotiation
xml: add TODO about stream feature error checking

[ci skip]
xmpp: move features out of config

This is a first step towards getting rid of the config struct, and means
that custom Negotiator's are decoupled from the StreamFeature type (they
can use them if they want, but they don't get access to a list of them
by default).

See #38
all: remove use of session.Encoder method
Next