/** * Method description * * @param packet * @param session * @param repo * @param results * @param settings */ @Override public void process( final Packet packet, final XMPPResourceConnection session, final NonAuthUserRepository repo, final Queue<Packet> results, final Map<String, Object> settings) { if (session == null) { return; } // end of if (session == null) if (packet.isElement("starttls", XMLNS)) { if (session.getSessionData(ID) != null) { // Somebody tries to activate multiple TLS layers. // This is possible and can even work but this can also be // a DOS attack. Blocking it now, unless someone requests he wants // to have multiple layers of TLS for his connection log.log( Level.WARNING, "Multiple TLS requests, possible DOS attack, closing connection: {0}", packet); results.offer(packet.swapFromTo(failure, null, null)); results.offer( Command.CLOSE.getPacket( packet.getTo(), packet.getFrom(), StanzaType.set, session.nextStanzaId())); return; } session.putSessionData(ID, "true"); Packet result = Command.STARTTLS.getPacket( packet.getTo(), packet.getFrom(), StanzaType.set, session.nextStanzaId(), Command.DataType.submit); Command.setData(result, proceed); results.offer(result); } else { log.log(Level.WARNING, "Unknown TLS element: {0}", packet); results.offer(packet.swapFromTo(failure, null, null)); results.offer( Command.CLOSE.getPacket( packet.getTo(), packet.getFrom(), StanzaType.set, session.nextStanzaId())); } // end of if (packet.getElement().getName().equals("starttls")) else }