Document XMPP config and require server TLS by default (#4002)

Small changes related to #3962.
This commit is contained in:
MD 2021-02-21 15:46:32 +00:00 committed by GitHub
parent 657a11b1f4
commit e5db842dd6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 31 additions and 6 deletions

View File

@ -111,6 +111,7 @@ public class XMPPManager extends Handler implements MessageListener, ChatManager
final String serviceName = config.getString("xmpp.servicename", server); final String serviceName = config.getString("xmpp.servicename", server);
final String xmppuser = config.getString("xmpp.user"); final String xmppuser = config.getString("xmpp.user");
final String password = config.getString("xmpp.password"); final String password = config.getString("xmpp.password");
final boolean requireTLS = config.getBoolean("xmpp.require-server-tls", false);
final ConnectionConfiguration connConf = new ConnectionConfiguration(server, port, serviceName); final ConnectionConfiguration connConf = new ConnectionConfiguration(server, port, serviceName);
final String stringBuilder = "Connecting to xmpp server " + server + ":" + port + " as user " + xmppuser + "."; final String stringBuilder = "Connecting to xmpp server " + server + ":" + port + " as user " + xmppuser + ".";
logger.log(Level.INFO, stringBuilder); logger.log(Level.INFO, stringBuilder);
@ -118,6 +119,10 @@ public class XMPPManager extends Handler implements MessageListener, ChatManager
connConf.setSendPresence(true); connConf.setSendPresence(true);
connConf.setReconnectionAllowed(true); connConf.setReconnectionAllowed(true);
connConf.setDebuggerEnabled(config.getBoolean("debug", false)); connConf.setDebuggerEnabled(config.getBoolean("debug", false));
if (requireTLS) {
// "enabled" (TLS optional) is the default
connConf.setSecurityMode(ConnectionConfiguration.SecurityMode.required);
}
connection = new XMPPConnection(connConf); connection = new XMPPConnection(connConf);
try { try {
connection.connect(); connection.connect();
@ -131,6 +136,10 @@ public class XMPPManager extends Handler implements MessageListener, ChatManager
return true; return true;
} catch (final XMPPException ex) { } catch (final XMPPException ex) {
logger.log(Level.WARNING, "Failed to connect to server: " + server, ex); logger.log(Level.WARNING, "Failed to connect to server: " + server, ex);
logger.log(Level.WARNING, "Connected: " + connection.isConnected());
logger.log(Level.WARNING, "Secure: " + connection.isSecureConnection());
logger.log(Level.WARNING, "Using TLS: " + connection.isUsingTLS());
logger.log(Level.WARNING, "Authenticated: " + connection.getSASLAuthentication().isAuthenticated());
return false; return false;
} }
} }

View File

@ -1,17 +1,33 @@
# Settings for the XMPP server to connect to.
xmpp: xmpp:
# The server address to connect to, eg 'blabber.im'
server: 'example.com' server: 'example.com'
user: 'name@example.com' # The username to log in with. This is usually the half before the @ symbol.
user: 'username'
# The password to log in with.
password: 'password' password: 'password'
# The service name. By default, EssentialsX XMPP will use the server address specified above.
# Only uncomment if you need to change this default.
#servicename: 'example.com' #servicename: 'example.com'
# The port to connect to.
#port: 5222 #port: 5222
# Whether or not to use SASL for login.
#sasl-enabled: false #sasl-enabled: false
# Whether to require the server to use TLS before logging in.
#require-server-tls: true
# A list of XMPP users allowed to run console commands.
op-users: op-users:
# - 'name@example.com' # - 'name@example.com'
# Whether to enable the Smack debug GUI. This only works in graphical environments.
debug: false debug: false
# Whether to enable sending the server log over XMPP.
log-enabled: false log-enabled: false
# Level is minimum level that should be send: info, warning, severe # The minimum log level message that should be sent over XMPP.
# Possible values include: info, warning, severe
log-level: warning log-level: warning
# The users to send the server log to.
log-users: log-users:
# - 'name@example.com' # - 'name@example.com'