Diffstat (limited to 'src/net/java')
6 files changed, 3 insertions, 823 deletions
diff --git a/src/net/java/sip/communicator/impl/dns/ConfigurableDnssecResolver.java b/src/net/java/sip/communicator/impl/dns/ConfigurableDnssecResolver.java
index 5668de2..1b23af4 100644
--- a/src/net/java/sip/communicator/impl/dns/ConfigurableDnssecResolver.java
+++ b/src/net/java/sip/communicator/impl/dns/ConfigurableDnssecResolver.java
@@ -44,7 +44,6 @@ import org.xbill.DNS.*;
 * @author Ingo Bauersachs
 */
 public class ConfigurableDnssecResolver
- //extends UnboundResolver
 extends ValidatingResolver
 implements CustomResolver
 {
diff --git a/src/net/java/sip/communicator/impl/dns/SecureMessage.java b/src/net/java/sip/communicator/impl/dns/SecureMessage.java
index b03c340..15f77b0 100644
--- a/src/net/java/sip/communicator/impl/dns/SecureMessage.java
+++ b/src/net/java/sip/communicator/impl/dns/SecureMessage.java
@@ -35,10 +35,10 @@ public class SecureMessage
 private String bogusReason;
 /**
- * Creates a new instance of this class based on data received from an
- * Unbound resolve.
+ * Creates a new instance of this class based on data received from a
+ * dnssecjava resolve.
 *
- * @param msg The answer of the Unbound resolver.
+ * @param msg The answer of the dnssecjava resolver.
 * @throws IOException
 */
 public SecureMessage(Message msg) throws IOException
diff --git a/src/net/java/sip/communicator/impl/dns/UnboundApi.java b/src/net/java/sip/communicator/impl/dns/UnboundApi.java
deleted file mode 100644
index 9a628c0..0000000
--- a/src/net/java/sip/communicator/impl/dns/UnboundApi.java
+++ /dev/null
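Review bot: The reworded constructor Javadoc in SecureMessage still does not state the trust assumption on `msg`, and `@throws IOException` remains without a description. The class keeps a `bogusReason` field, so it presumably derives the DNSSEC status from the message it is handed; if that is the case, an answer that did not pass through the validating resolver would be given a status nobody verified. I would word the tag as `@param msg The answer of the dnssecjava resolver; must come from the validating resolver, because the DNSSEC status is taken from it.` and add one clause to `@throws IOException` naming the condition that raises it. The constructor body lies outside the hunk, so both points should be checked against it.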
@@ -1,239 +0,0 @@
-/*
- * Jitsi, the OpenSource Java VoIP and Instant Messaging client.
- *
- * Copyright @ 2015 Atlassian Pty Ltd
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package net.java.sip.communicator.impl.dns;
-
-/**
- * Wrapper for the JUnbound JNI wrapper.
- * <p>
- * The JavaDoc of these methods is directly copied from libunbound, licensed as
- * follows:
- * <p>
- * Copyright (c) 2007, NLnet Labs. All rights reserved.
- *
- * This software is open source.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * Redistributions of source code must retain the above copyright notice, this
- * list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above copyright notice,
- * this list of conditions and the following disclaimer in the documentation
- * and/or other materials provided with the distribution.
- *
- * Neither the name of the NLNET LABS nor the names of its contributors may be
- * used to endorse or promote products derived from this software without
- * specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
- * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
- * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- * @author Ingo Bauersachs
- */
-public class UnboundApi
-{
- private static boolean isAvailable;
- private static final Object syncRoot = new Object();
-
- static
- {
- tryLoadUnbound();
- }
-
- /**
- * Attempts to load the Unbound native library. When successful,
- * {@link #isAvailable()} returns true.
- */
- public static void tryLoadUnbound()
- {
- synchronized(syncRoot)
- {
- try
- {
- System.loadLibrary("junbound");
- isAvailable = true;
- }
- catch(UnsatisfiedLinkError e)
- {
- isAvailable = false;
- }
- }
- }
-
- /**
- * Indicates whether the Unbound library is loaded.
- * @return True when the JNI wrapper could be loaded, false otherwise.
- */
- public static boolean isAvailable()
- {
- return isAvailable;
- }
-
- /**
- * Set debug verbosity for the context. Output is directed to stderr. Higher
- * debug level gives more output.
- *
- * @param context context.
- * @param level The debug level.
- */
- public static native void setDebugLevel(long context, int level);
-
- /**
- * Create a resolving and validation context.
- * @return a new context. default initialization. returns NULL on error.
- */
- public static native long createContext();
-
- /**
- * Destroy a validation context and free all its resources. Outstanding
- * async queries are killed and callbacks are not called for them.
- *
- * @param context context to delete
- */
- public static native void deleteContext(long context);
-
- /**
- * Set machine to forward DNS queries to, the caching resolver to use.
- * <p>
- * IP4 or IP6 address. Forwards all DNS requests to that machine, which is
- * expected to run a recursive resolver. If the proxy is not DNSSEC-capable,
- * validation may fail. Can be called several times, in that case the
- * addresses are used as backup servers.
- *
- * @param context context. At this time it is only possible to set
- * configuration before the first resolve is done.
- * @param server address, IP4 or IP6 in string format. If the server is
- * NULL, forwarding is disabled.
- */
- public static native void setForwarder(long context, String server);
-
- /**
- * Add a trust anchor to the given context.
- * <p>
- * The trust anchor is a string, on one line, that holds a valid DNSKEY or
- * DS RR.
- *
- * @param context context. At this time it is only possible to add trusted
- * keys before the first resolve is done.
- * @param anchor string, with zone-format RR on one line. [domainname] [TTL
- * optional] [type] [class optional] [rdata contents]
- */
- public static native void addTrustAnchor(long context, String anchor);
-
- /**
- * Perform resolution and validation of the target name.
- *
- * @param context context. The context is finalized, and can no longer
- * accept config changes.
- * @param name domain name in text format (a zero terminated text string).
- * @param rrtype type of RR in host order, 1 is A (address).
- * @param rrclass class of RR in host order, 1 is IN (for internet).
- * @return the result data is returned in a newly allocated result
- * structure. May be NULL on return, return value is set to an error
- * in that case (out of memory).
- * @throws UnboundException when an error occurred.
- */
- public static native UnboundResult resolve(long context, String name,
- int rrtype, int rrclass) throws UnboundException;
-
- /**
- * Perform resolution and validation of the target name.
- * <p>
- * Asynchronous, after a while, the callback will be called with your data
- * and the result.
- *
- * @param context context. If no thread or process has been created yet to
- * perform the work in the background, it is created now. The
- * context is finalized, and can no longer accept config changes.
- * @param name domain name in text format (a string).
- * @param rrtype type of RR in host order, 1 is A.
- * @param rrclass class of RR in host order, 1 is IN (for internet).
- * @param data this data is your own data (you can pass null), and is passed
- * on to the callback function.
- * @param cb this is called on completion of the resolution.
- * @return an identifier number is returned for the query as it is in
- * progress. It can be used to cancel the query.
- * @throws UnboundException when an error occurred.
- */
- public static native int resolveAsync(long context, String name,
- int rrtype, int rrclass, Object data, UnboundCallback cb)
- throws UnboundException;
-
- /**
- * Cancel an async query in progress. Its callback will not be called.
- *
- * @param context context.
- * @param asyncId which query to cancel.
- * @throws UnboundException This routine can error if the async_id passed
- * does not exist or has already been delivered. If another
- * thread is processing results at the same time, the result may
- * be delivered at the same time and the cancel fails with an
- * error. Also the cancel can fail due to a system error, no
- * memory or socket failures.
- */
- public static native void cancelAsync(long context, int asyncId)
- throws UnboundException;
-
- /**
- * Convert error value to a human readable string.
- *
- * @param code error code from one of the Unbound functions.
- * @return text string of the error code.
- */
- public static native String errorCodeToString(int code);
-
- /**
- * Wait for a context to finish with results. Call this routine to continue
- * processing results from the validating resolver. After the wait, there
- * are no more outstanding asynchronous queries.
- *
- * @param context context.
- * @throws UnboundException when an error occurred.
- */
- public static native void processAsync(long context)
- throws UnboundException;
-
- /**
- * Interface for the async resolve callback.
- */
- public interface UnboundCallback
- {
- /**
- * Called on completion of the async resolution.
- *
- * @param data the same object as passed to
- * {@link UnboundApi#resolveAsync(long, String, int, int,
- * Object, UnboundCallback)}
- * @param err 0 when a result has been found, an Unbound error code
- * otherwise
- * @param result a newly allocated result structure. The result may be
- * null, in that case err is set.
- */
- public void UnboundResolveCallback(Object data, int err,
- UnboundResult result);
- }
-}
diff --git a/src/net/java/sip/communicator/impl/dns/UnboundException.java b/src/net/java/sip/communicator/impl/dns/UnboundException.java
deleted file mode 100644
index a27a607..0000000
--- a/src/net/java/sip/communicator/impl/dns/UnboundException.java
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * Jitsi, the OpenSource Java VoIP and Instant Messaging client.
- *
- * Copyright @ 2015 Atlassian Pty Ltd
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package net.java.sip.communicator.impl.dns;
-
-/**
- * Exception that is being thrown when native Unbound code resulted in an error.
- *
- * @author Ingo Bauersachs
- */
-public class UnboundException
- extends Exception
-{
- /**
- * Serial version UID.
- */
- private static final long serialVersionUID = 0L;
-
- /**
- * Creates a new instance of this class.
- *
- * @param message the detail message.
- */
- public UnboundException(String message)
- {
- super(message);
- }
-}
diff --git a/src/net/java/sip/communicator/impl/dns/UnboundResolver.java b/src/net/java/sip/communicator/impl/dns/UnboundResolver.java
deleted file mode 100644
index 3f3d8c9..0000000
--- a/src/net/java/sip/communicator/impl/dns/UnboundResolver.java
+++ /dev/null
@@ -1,410 +0,0 @@
-/*
- * Jitsi, the OpenSource Java VoIP and Instant Messaging client.
- *
- * Copyright @ 2015 Atlassian Pty Ltd
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package net.java.sip.communicator.impl.dns;
-
-import java.io.*;
-import java.net.*;
-import java.util.*;
-import java.util.concurrent.*;
-
-import net.java.sip.communicator.service.dns.*;
-import net.java.sip.communicator.util.*;
-
-import org.xbill.DNS.*;
-
-/**
- * Implementation of the {@link Resolver} interface, wrapping the native NLnet
- * Labs Unbound resolver. Only the basic methods for queries are supported.
- *
- * @author Ingo Bauersachs
- */
-public class UnboundResolver
- implements CustomResolver
-{
- private final static Logger logger =
- Logger.getLogger(UnboundResolver.class);
-
- /**
- * Helper class to synchronize on asynchronous queries.
- */
- private static class CallbackData
- {
- /**
- * The resolver consumer that wishes to be informed when the request
- * completed.
- */
- ResolverListener listener;
-
- /**
- * The unbound session context.
- */
- long context;
-
- /**
- * The ID of the unbound async query.
- */
- int asyncId;
-
- /**
- * Java synchronization on top of unbound.
- */
- CountDownLatch sync = new CountDownLatch(1);
- }
-
- /**
- * Timeout for DNS queries.
- */
- private int timeout = 10000;
-
- /**
- * The recursive DNS servers answering our queries.
- */
- private String[] forwarders;
-
- /**
- * DNSSEC trust anchors for signed zones (usually for the root zone).
- */
- private List<String> trustAnchors = new LinkedList<String>();
-
- /**
- * Pool that executes our queries.
- */
- private ExecutorService threadPool;
-
- /**
- * Creates a new instance of this class.
- */
- public UnboundResolver()
- {
- threadPool = Executors.newCachedThreadPool();
- }
-
- /**
- * Sets a list of forwarders to use instead of the system default.
- *
- * @param forwarders list of servers to use for our queries.
- */
- public void setForwarders(String[] forwarders)
- {
- this.forwarders = forwarders;
- }
-
- /**
- * Clears any existing trust anchors previously added.
- */
- public void clearTrustAnchors()
- {
- trustAnchors.clear();
- }
-
- /**
- * Adds a DNSSEC trust anchor validation of the DNSKEYs.
- *
- * @param anchor trust anchor in the form of
- * "'zone' IN DS 'key tag' 'algorithm' 'digest type' 'digest'"
- */
- public void addTrustAnchor(String anchor)
- {
- trustAnchors.add(anchor);
- }
-
- /**
- * {@inheritDoc}
- */
- public SecureMessage send(final Message query) throws IOException
- {
- Future<SecureMessage> future = threadPool.submit(
- new Callable<SecureMessage>()
- {
- public SecureMessage call() throws Exception
- {
- if(logger.isDebugEnabled())
- logger.debug(query);
-
- SecureMessage secureMessage = null;
- final long context = prepareContext();
- try
- {
- UnboundResult result = UnboundApi.resolve(
- context,
- query.getQuestion().getName().toString(),
- query.getQuestion().getType(),
- query.getQuestion().getDClass()
- );
- secureMessage = new SecureMessage(result);
- validateMessage(secureMessage);
- }
- finally
- {
- UnboundApi.deleteContext(context);
- if(logger.isDebugEnabled() && secureMessage != null)
- logger.debug(secureMessage);
- }
-
- return secureMessage;
- }
- });
- try
- {
- return future.get(timeout, TimeUnit.SECONDS);
- }
- catch (InterruptedException e)
- {
- logger.error(e);
- throw new IOException(e.getMessage());
- }
- catch (ExecutionException e)
- {
- if(e.getCause() instanceof DnssecRuntimeException)
- throw new DnssecRuntimeException(e.getCause().getMessage());
- logger.error(e);
- throw new IOException(e.getMessage());
- }
- catch (TimeoutException e)
- {
- throw new SocketTimeoutException(e.getMessage());
- }
- }
-
- /**
- * Method to allow overriders to inspect the message. This class'
- * implementation does nothing.
- *
- * @param msg The message to inspect.
- * @throws DnssecRuntimeException if the inspector does not want the code to
- * continue normal processing of the answer.
- */
- protected void validateMessage(SecureMessage msg)
- throws DnssecRuntimeException
- {
- }
-
- /**
- * Prepares a unbound session context initialized with forwarders and trust
- * anchors.
- *
- * @return The context id
- */
- private long prepareContext()
- {
- final long context = UnboundApi.createContext();
- if(logger.isTraceEnabled())
- UnboundApi.setDebugLevel(context, 100);
- for(String fwd : forwarders == null
- ? ResolverConfig.getCurrentConfig().servers()
- : forwarders)
- {
- fwd = fwd.trim();
- if(NetworkUtils.isValidIPAddress(fwd))
- {
- if(fwd.startsWith("["))
- fwd = fwd.substring(1, fwd.length() - 1);
- UnboundApi.setForwarder(context, fwd);
- }
- }
- for(String anchor : trustAnchors)
- {
- UnboundApi.addTrustAnchor(context, anchor);
- }
- return context;
- }
-
- /**
- * Cleans up an Unbound session context.
- *
- * @param cbData The helper object of the asynchronous call.
- * @param cancelAsync Whether an outstanding asynchronous unbound query
- * should be canceled.
- */
- private static synchronized void deleteContext(CallbackData cbData,
- boolean cancelAsync)
- {
- if(cbData.context == 0)
- return;
-
- if(cancelAsync)
- {
- try
- {
- UnboundApi.cancelAsync(cbData.context, cbData.asyncId);
- }
- catch (UnboundException ignore)
- {}
- }
- UnboundApi.deleteContext(cbData.context);
- cbData.context = 0;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.xbill.DNS.Resolver#sendAsync(org.xbill.DNS.Message,
- * org.xbill.DNS.ResolverListener)
- */
- public CallbackData sendAsync(Message query, ResolverListener listener)
- {
- if(listener == null)
- throw new IllegalArgumentException("listener cannot be null");
-
- final long context = prepareContext();
- final CallbackData cbData = new CallbackData();
- cbData.listener = listener;
- cbData.context = context;
- int asyncId;
- try
- {
- asyncId = UnboundApi.resolveAsync(
- context,
- query.getQuestion().getName().toString(),
- query.getQuestion().getType(),
- query.getQuestion().getDClass(),
- cbData,
- new UnboundApi.UnboundCallback()
- {
- public void UnboundResolveCallback(Object data, int err,
- UnboundResult result)
- {
- CallbackData cbData = (CallbackData)data;
- deleteContext(cbData, false);
-
- ResolverListener l = cbData.listener;
- if(err == 0)
- {
- try
- {
- l.receiveMessage(data,
- new SecureMessage(result));
- }
- catch (IOException e)
- {
- l.handleException(data, e);
- }
- }
- else
- l.handleException(data,
- new Exception(
- UnboundApi.errorCodeToString(err)));
-
- cbData.sync.countDown();
- }
- }
- );
- }
- catch (UnboundException e)
- {
- listener.handleException(null, e);
- return null;
- }
- cbData.asyncId = asyncId;
- threadPool.execute(new Runnable()
- {
- public void run()
- {
- try
- {
- UnboundApi.processAsync(context);
- }
- catch(UnboundException ex)
- {
- cbData.listener.handleException(this, ex);
- deleteContext(cbData, false);
- cbData.sync.countDown();
- }
- }
- });
- return cbData;
- }
-
- /**
- * Not supported.
- * @throws UnsupportedOperationException
- */
- public void setEDNS(int level)
- {
- throw new UnsupportedOperationException();
- }
-
- /**
- * Not supported.
- * @throws UnsupportedOperationException
- */
- @SuppressWarnings("rawtypes")
- public void setEDNS(int level, int payloadSize, int flags, List options)
- {
- throw new UnsupportedOperationException();
- }
-
- /**
- * Not supported.
- * @throws UnsupportedOperationException
- */
- public void setIgnoreTruncation(boolean flag)
- {
- throw new UnsupportedOperationException();
- }
-
- /**
- * Not supported.
- * @throws UnsupportedOperationException
- */
- public void setPort(int port)
- {
- throw new UnsupportedOperationException();
- }
-
- /**
- * Not supported.
- * @throws UnsupportedOperationException
- */
- public void setTCP(boolean flag)
- {
- throw new UnsupportedOperationException();
- }
-
- /**
- * Not supported.
- * @throws UnsupportedOperationException
- */
- public void setTSIGKey(TSIG key)
- {
- throw new UnsupportedOperationException();
- }
-
- /* (non-Javadoc)
- * @see org.xbill.DNS.Resolver#setTimeout(int)
- */
- public void setTimeout(int secs)
- {
- timeout = secs * 1000;
- }
-
- /* (non-Javadoc)
- * @see org.xbill.DNS.Resolver#setTimeout(int, int)
- */
- public void setTimeout(int secs, int msecs)
- {
- timeout = secs * 1000 + msecs;
- }
-
- /**
- * Does nothing.
- */
- public void reset()
- {
- }
-}
diff --git a/src/net/java/sip/communicator/impl/dns/UnboundResult.java b/src/net/java/sip/communicator/impl/dns/UnboundResult.java
deleted file mode 100644
index ef5d1ec..0000000
--- a/src/net/java/sip/communicator/impl/dns/UnboundResult.java
+++ /dev/null
@@ -1,128 +0,0 @@
-/*
- * Jitsi, the OpenSource Java VoIP and Instant Messaging client.
- *
- * Copyright @ 2015 Atlassian Pty Ltd
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package net.java.sip.communicator.impl.dns;
-
-/**
- * Class that contains the answer to query processed by the native Unbound
- * resolver. Corresponds to the <a
- * href="http://unbound.net/documentation/doxygen/structub__result.html"
- * >ub_result</a> data structure.
- *
- * The fields {@link #data} and {@link #canonname} are not filled.
- * <p>
- * The JavaDoc of these fields is directly copied from libunbound, licensed as
- * follows:
- * <p>
- * Copyright (c) 2007, NLnet Labs. All rights reserved.
- *
- * This software is open source.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * Redistributions of source code must retain the above copyright notice, this
- * list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above copyright notice,
- * this list of conditions and the following disclaimer in the documentation
- * and/or other materials provided with the distribution.
- *
- * Neither the name of the NLNET LABS nor the names of its contributors may be
- * used to endorse or promote products derived from this software without
- * specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
- * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
- * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- * @author Ingo Bauersachs
- */
-public class UnboundResult
-{
- /**
- * The original question, name text string.
- */
- String qname;
-
- /**
- * the type asked for
- */
- int qtype;
-
- /**
- * the type asked for
- */
- int qclass;
-
-
- /**
- * a list of network order DNS rdata items, terminated with a NULL pointer,
- * so that data[0] is the first result entry, data[1] the second, and the
- * last entry is NULL.
- */
- byte[][] data;
-
- /**
- * canonical name for the result (the final cname).
- */
- String canonname;
-
- /**
- * DNS RCODE for the result.
- */
- int rcode;
-
- /**
- * The DNS answer packet.
- */
- byte[] answerPacket;
-
-
- /**
- * If there is any data, this is true.
- */
- boolean haveData;
-
- /**
- * If there was no data, and the domain did not exist, this is true.
- */
- boolean nxDomain;
-
- /**
- * True, if the result is validated securely.
- */
- boolean secure;
-
- /**
- * If the result was not secure ({@link #secure} == false), and this result
- * is due to a security failure, bogus is true.
- */
- boolean bogus;
-
- /**
- * If the result is bogus this contains a string (zero terminated) that
- * describes the failure.
- */
- String whyBogus;
-} |