Hi, I'm currently doing some work on XEP-0198, and I'm encountering different issues with the SMACK integration.
Today, I checked the order of events when logging in (for session resumption, this needs to be: STARTTLS, auth, compression, resume or bind).
While looking at the code, I found several issues:
- compression is negotiated after binding (compression restarts the <stream>, and therefore violates http://xmpp.org/rfcs/rfc6120.html#bind-rules-restart)
- there is no way to insert a callback between auth and binding
- binding is done in SASLAuthentication.bindResourceAndEstablishSession(), even though it does not have anything in common with authentication.
The latter (#3) is probably due to the fact that SMACK falls back to NonSASLAuthentication, which does both auth and binding in a single step.
Now, I would suggest the following refactorings:
- completely remove NonSASLAuthentication and all related code (http://xmpp.org/extensions/xep-0078.html is deprecated since 2008!)
- move the binding code to Connection or XMPPConnection/BOSHConnection, allowing for callbacks/filters (like compression and XEP-0198) to be inserted between auth and binding.
I am willing to provide patches for both, if they have a chance to land in the official repo.
P.S: I encounter many small and middle-scale issues (like typos) in the code, and I would be grateful if I could directly create issues in the tracker. So far, Florian (flowdalic) is doing a great job in helping me out, but bugging him with every single case is rather cumbersome.