From e5db842dd6adab95f89876f87c75283ffb80d399 Mon Sep 17 00:00:00 2001 From: MD <1917406+mdcfe@users.noreply.github.com> Date: Sun, 21 Feb 2021 15:46:32 +0000 Subject: [PATCH] Document XMPP config and require server TLS by default (#4002) Small changes related to #3962. --- .../earth2me/essentials/xmpp/XMPPManager.java | 9 ++++++ EssentialsXMPP/src/main/resources/config.yml | 28 +++++++++++++++---- 2 files changed, 31 insertions(+), 6 deletions(-) diff --git a/EssentialsXMPP/src/main/java/com/earth2me/essentials/xmpp/XMPPManager.java b/EssentialsXMPP/src/main/java/com/earth2me/essentials/xmpp/XMPPManager.java index 4fc9a2dbf..ae1cb4d16 100644 --- a/EssentialsXMPP/src/main/java/com/earth2me/essentials/xmpp/XMPPManager.java +++ b/EssentialsXMPP/src/main/java/com/earth2me/essentials/xmpp/XMPPManager.java @@ -111,6 +111,7 @@ public class XMPPManager extends Handler implements MessageListener, ChatManager final String serviceName = config.getString("xmpp.servicename", server); final String xmppuser = config.getString("xmpp.user"); final String password = config.getString("xmpp.password"); + final boolean requireTLS = config.getBoolean("xmpp.require-server-tls", false); final ConnectionConfiguration connConf = new ConnectionConfiguration(server, port, serviceName); final String stringBuilder = "Connecting to xmpp server " + server + ":" + port + " as user " + xmppuser + "."; logger.log(Level.INFO, stringBuilder); @@ -118,6 +119,10 @@ public class XMPPManager extends Handler implements MessageListener, ChatManager connConf.setSendPresence(true); connConf.setReconnectionAllowed(true); connConf.setDebuggerEnabled(config.getBoolean("debug", false)); + if (requireTLS) { + // "enabled" (TLS optional) is the default + connConf.setSecurityMode(ConnectionConfiguration.SecurityMode.required); + } connection = new XMPPConnection(connConf); try { connection.connect(); @@ -131,6 +136,10 @@ public class XMPPManager extends Handler implements MessageListener, ChatManager return true; } catch (final XMPPException ex) { logger.log(Level.WARNING, "Failed to connect to server: " + server, ex); + logger.log(Level.WARNING, "Connected: " + connection.isConnected()); + logger.log(Level.WARNING, "Secure: " + connection.isSecureConnection()); + logger.log(Level.WARNING, "Using TLS: " + connection.isUsingTLS()); + logger.log(Level.WARNING, "Authenticated: " + connection.getSASLAuthentication().isAuthenticated()); return false; } } diff --git a/EssentialsXMPP/src/main/resources/config.yml b/EssentialsXMPP/src/main/resources/config.yml index 3826dd773..c9d07b923 100644 --- a/EssentialsXMPP/src/main/resources/config.yml +++ b/EssentialsXMPP/src/main/resources/config.yml @@ -1,17 +1,33 @@ +# Settings for the XMPP server to connect to. xmpp: + # The server address to connect to, eg 'blabber.im' server: 'example.com' - user: 'name@example.com' + # The username to log in with. This is usually the half before the @ symbol. + user: 'username' + # The password to log in with. password: 'password' -# servicename: 'example.com' -# port: 5222 -# sasl-enabled: false + # The service name. By default, EssentialsX XMPP will use the server address specified above. + # Only uncomment if you need to change this default. + #servicename: 'example.com' + # The port to connect to. + #port: 5222 + # Whether or not to use SASL for login. + #sasl-enabled: false + # Whether to require the server to use TLS before logging in. + #require-server-tls: true +# A list of XMPP users allowed to run console commands. op-users: # - 'name@example.com' +# Whether to enable the Smack debug GUI. This only works in graphical environments. debug: false + +# Whether to enable sending the server log over XMPP. log-enabled: false -# Level is minimum level that should be send: info, warning, severe +# The minimum log level message that should be sent over XMPP. +# Possible values include: info, warning, severe log-level: warning +# The users to send the server log to. log-users: -# - 'name@example.com' \ No newline at end of file +# - 'name@example.com'