InetAddress
* object. The result is in network byte order: the highest order
* byte of the address is in getAddress()[0].
*
* @return the raw IP address of this object.
* @throws java.net.UnknownHostException if IP address of host could not be determined.
*/
public byte[] getAddress() throws UnknownHostException;
/**
* Returns the IP address string in textual presentation.
*
* @return the raw IP address in a string format.
* @throws java.net.UnknownHostException if IP address of host could not be determined.
*/
public String getHostAddress() throws UnknownHostException;
/**
* Gets the host name for this IP address.
*
* If this InetAddress was created with a host name, * this host name will be remembered and returned; * otherwise, a reverse name lookup will be performed * and the result will be returned based on the system * configured name lookup service. If a lookup of the name service * is required, call * {@link java.net.InetAddress#getCanonicalHostName() getCanonicalHostName}. * *
If there is a security manager, its
* checkConnect method is first called
* with the hostname and -1
* as its arguments to see if the operation is allowed.
* If the operation is not allowed, it will return
* the textual representation of the IP address.
*
* @return the host name for this IP address, or if the operation
* is not allowed by the security check, the textual
* representation of the IP address.
* @throws java.net.UnknownHostException if IP address of host could not be determined.
*
* @see java.net.InetAddress#getCanonicalHostName
* @see SecurityManager#checkConnect
*/
public String getHostName() throws UnknownHostException;
/**
* Returns the local underlying {@link javax.security.cert.X509Certificate}
* chain for the connection.
*
* @return an ordered array of certificates, with the local certificate
* first followed by any certificate authorities. If no certificates
* is present for the connection, then null is returned.
*/
public Certificate[] getLocalCertificates();
/**
* Returns the underlying {@link javax.security.cert.X509Certificate} for
* the connection of the peer.
*
* @return an ordered array of peer certificates, with the peer's own
* certificate first followed by any certificate authorities.
*/
public Certificate[] getPeerCertificates();
/**
* Keeps track if the other peer of this session presented a self-signed certificate. When
* using self-signed certificate for server-2-server sessions then SASL EXTERNAL will not be
* used and instead server-dialback will be preferred for vcerifying the identify of the remote
* server.
*
* @param isSelfSigned true if the other peer presented a self-signed certificate.
*/
public void setUsingSelfSignedCertificate(boolean isSelfSigned);
/**
* Returns true if the other peer of this session presented a self-signed certificate. When
* using self-signed certificate for server-2-server sessions then SASL EXTERNAL will not be
* used and instead server-dialback will be preferred for vcerifying the identify of the remote
* server.
*
* @return true if the other peer of this session presented a self-signed certificate.
*/
public boolean isUsingSelfSignedCertificate();
/**
* Close this session including associated socket connection. The order of
* events for closing the session is:
*
socket.send(packet.getWriteBuffer()).
*
* @param packet the packet to deliver.
* @throws org.jivesoftware.openfire.auth.UnauthorizedException if a permission error was detected.
*/
public void deliver(Packet packet) throws UnauthorizedException;
/**
* Delivers raw text to this connection. This is a very low level way for sending
* XML stanzas to the client. This method should not be used unless you have very
* good reasons for not using {@link #deliver(org.xmpp.packet.Packet)}.
*
* This method avoids having to get the writer of this connection and mess directly
* with the writer. Therefore, this method ensures a correct delivery of the stanza
* even if other threads were sending data concurrently.
*
* @param text the XML stanzas represented kept in a String.
*/
public void deliverRawText(String text);
/**
* Returns true if the connected client is a flash client. Flash clients need
* to receive a special character (i.e. \0) at the end of each xml packet. Flash
* clients may send the character \0 in incoming packets and may start a connection
* using another openning tag such as: "flash:client".
*
* @return true if the connected client is a flash client.
*/
public boolean isFlashClient();
/**
* Sets whether the connected client is a flash client. Flash clients need to
* receive a special character (i.e. \0) at the end of each xml packet. Flash
* clients may send the character \0 in incoming packets and may start a
* connection using another openning tag such as: "flash:client".
*
* @param flashClient true if the if the connection is a flash client.
*/
public void setFlashClient(boolean flashClient);
/**
* Returns the major version of XMPP being used by this connection
* (major_version.minor_version. In most cases, the version should be
* "1.0". However, older clients using the "Jabber" protocol do not set a
* version. In that case, the version is "0.0".
*
* @return the major XMPP version being used by this connection.
*/
public int getMajorXMPPVersion();
/**
* Returns the minor version of XMPP being used by this connection
* (major_version.minor_version. In most cases, the version should be
* "1.0". However, older clients using the "Jabber" protocol do not set a
* version. In that case, the version is "0.0".
*
* @return the minor XMPP version being used by this connection.
*/
public int getMinorXMPPVersion();
/**
* Sets the XMPP version information. In most cases, the version should be "1.0".
* However, older clients using the "Jabber" protocol do not set a version. In that
* case, the version is "0.0".
*
* @param majorVersion the major version.
* @param minorVersion the minor version.
*/
public void setXMPPVersion(int majorVersion, int minorVersion);
/**
* Returns the language code that should be used for this connection
* (e.g. "en").
*
* @return the language code for the connection.
*/
public String getLanguage();
/**
* Sets the language code that should be used for this connection (e.g. "en").
*
* @param language the language code.
*/
public void setLanaguage(String language);
/**
* Returns true if the connection is using compression.
*
* @return true if the connection is using compression.
*/
boolean isCompressed();
/**
* Returns whether compression is optional or is disabled.
*
* @return whether compression is optional or is disabled.
*/
CompressionPolicy getCompressionPolicy();
/**
* Sets whether compression is enabled or is disabled.
*
* @param compressionPolicy whether Compression is enabled or is disabled.
*/
void setCompressionPolicy(CompressionPolicy compressionPolicy);
/**
* Returns whether TLS is mandatory, optional or is disabled. When TLS is mandatory clients
* are required to secure their connections or otherwise their connections will be closed.
* On the other hand, when TLS is disabled clients are not allowed to secure their connections
* using TLS. Their connections will be closed if they try to secure the connection. in this
* last case.
*
* @return whether TLS is mandatory, optional or is disabled.
*/
TLSPolicy getTlsPolicy();
/**
* Sets whether TLS is mandatory, optional or is disabled. When TLS is mandatory clients
* are required to secure their connections or otherwise their connections will be closed.
* On the other hand, when TLS is disabled clients are not allowed to secure their connections
* using TLS. Their connections will be closed if they try to secure the connection. in this
* last case.
*
* @param tlsPolicy whether TLS is mandatory, optional or is disabled.
*/
void setTlsPolicy(TLSPolicy tlsPolicy);
/**
* Returns the packet deliverer to use when delivering a packet over the socket fails. The
* packet deliverer will retry to send the packet using some other connection, will store
* the packet offline for later retrieval or will just drop it.
*
* @return the packet deliverer to use when delivering a packet over the socket fails.
*/
PacketDeliverer getPacketDeliverer();
/**
* Secures the plain connection by negotiating TLS with the other peer. In a server-2-server
* connection the server requesting the TLS negotiation will be the client and the other server
* will be the server during the TLS negotiation. Therefore, the server requesting the TLS
* negotiation must pass true in the clientMode parameter and the server
* receiving the TLS request must pass false in the clientMode parameter.
* Both servers should specify the xmpp domain of the other server in the remoteServer
* parameter.
*
* In the case of client-2-server the XMPP server must pass false in the
* clientMode parameter since it will behave as the server in the TLS negotiation. The
* remoteServer parameter will always be null.
*
* @param clientMode boolean indicating if this entity is a client or a server in the TLS negotiation.
* @param remoteServer xmpp domain of the remote server or null. When null a
* {@link org.jivesoftware.openfire.net.ClientTrustManager} will be used for verifying certificates
* otherwise a {@link org.jivesoftware.openfire.net.ServerTrustManager} will be used.
* @param authentication policy to use for authenticating the remote peer.
* @throws Exception if an error occured while securing the connection.
*/
void startTLS(boolean clientMode, String remoteServer, ClientAuth authentication) throws Exception;
/**
* Adds the compression filter to the connection but only filter incoming traffic. Do not filter
* outgoing traffic since we still need to send an uncompressed stanza to the client indicating
* that he can start compressing the traffic. After we sent the uncompresses stanza we can
* start compression outgoing traffic as well.
*/
void addCompression();
/**
* Start compressing outgoing traffic for this connection. Compression will only be available after
* TLS has been negotiated. This means that a connection can never be using compression before
* TLS. However, it is possible to use compression without TLS.
*/
void startCompression();
/**
* Enumeration of possible compression policies required to interact with the server.
*/
enum CompressionPolicy {
/**
* compression is optional to interact with the server.
*/
optional,
/**
* compression is not available. Entities that request a compression negotiation
* will get a stream error and their connections will be closed.
*/
disabled
}
/**
* Enumeration of possible TLS policies required to interact with the server.
*/
enum TLSPolicy {
/**
* TLS is required to interact with the server. Entities that do not secure their
* connections using TLS will get a stream error and their connections will be closed.
*/
required,
/**
* TLS is optional to interact with the server. Entities may or may not secure their
* connections using TLS.
*/
optional,
/**
* TLS is not available. Entities that request a TLS negotiation will get a stream
* error and their connections will be closed.
*/
disabled
}
/**
* Enumeration that specifies if clients should be authenticated (and how) while
* negotiating TLS.
*/
enum ClientAuth {
/**
* No authentication will be performed on the client. Client credentials will not
* be verified while negotiating TLS.
*/
disabled,
/**
* Clients will try to be authenticated. Unlike {@link #needed}, if the client
* chooses not to provide authentication information about itself, the TLS negotiations
* will stop and the connection will be dropped. This option is only useful for
* engines in the server mode.
*/
wanted,
/**
* Clients need to be authenticated. Unlike {@link #wanted}, if the client
* chooses not to provide authentication information about itself, the TLS negotiations
* will continue. This option is only useful for engines in the server mode.
*/
needed
}
}