diff options
author | Remko Tronçon <git@el-tramo.be> | 2011-05-18 13:45:41 (GMT) |
---|---|---|
committer | Remko Tronçon <git@el-tramo.be> | 2011-05-18 14:24:28 (GMT) |
commit | 23fa0f462ddd0c686c677bfe5d4d743621432b7e (patch) | |
tree | b8f0ea1860640f89eafba2460cc5d45bf28fc77c /Swiften/Client | |
parent | 2456a8b12163b3249b6b9164b601c36772eb05a1 (diff) | |
download | swift-contrib-23fa0f462ddd0c686c677bfe5d4d743621432b7e.zip swift-contrib-23fa0f462ddd0c686c677bfe5d4d743621432b7e.tar.bz2 |
Introduce safe containers for storing passwords.
Diffstat (limited to 'Swiften/Client')
-rw-r--r-- | Swiften/Client/Client.cpp | 2 | ||||
-rw-r--r-- | Swiften/Client/Client.h | 2 | ||||
-rw-r--r-- | Swiften/Client/ClientSession.cpp | 9 | ||||
-rw-r--r-- | Swiften/Client/ClientSession.h | 3 | ||||
-rw-r--r-- | Swiften/Client/CoreClient.cpp | 4 | ||||
-rw-r--r-- | Swiften/Client/CoreClient.h | 6 | ||||
-rw-r--r-- | Swiften/Client/UnitTest/ClientSessionTest.cpp | 1 |
7 files changed, 17 insertions, 10 deletions
diff --git a/Swiften/Client/Client.cpp b/Swiften/Client/Client.cpp index 13071ac..c53bcaf 100644 --- a/Swiften/Client/Client.cpp +++ b/Swiften/Client/Client.cpp @@ -29,7 +29,7 @@ namespace Swift { -Client::Client(const JID& jid, const std::string& password, NetworkFactories* networkFactories, Storages* storages) : CoreClient(jid, password, networkFactories), storages(storages) { +Client::Client(const JID& jid, const SafeString& password, NetworkFactories* networkFactories, Storages* storages) : CoreClient(jid, password, networkFactories), storages(storages) { memoryStorages = new MemoryStorages(); softwareVersionResponder = new SoftwareVersionResponder(getIQRouter()); diff --git a/Swiften/Client/Client.h b/Swiften/Client/Client.h index 05c1e6e..bee9d5c 100644 --- a/Swiften/Client/Client.h +++ b/Swiften/Client/Client.h @@ -47,7 +47,7 @@ namespace Swift { * this is NULL, * all data will be stored in memory (and be lost on shutdown) */ - Client(const JID& jid, const std::string& password, NetworkFactories* networkFactories, Storages* storages = NULL); + Client(const JID& jid, const SafeString& password, NetworkFactories* networkFactories, Storages* storages = NULL); ~Client(); diff --git a/Swiften/Client/ClientSession.cpp b/Swiften/Client/ClientSession.cpp index 846a5e7..57d9c12 100644 --- a/Swiften/Client/ClientSession.cpp +++ b/Swiften/Client/ClientSession.cpp @@ -12,6 +12,7 @@ #include <boost/uuid/uuid_generators.hpp> #include <boost/smart_ptr/make_shared.hpp> +#include <Swiften/Base/SafeString.h> #include <Swiften/Elements/ProtocolHeader.h> #include <Swiften/Elements/StreamFeatures.h> #include <Swiften/Elements/StreamError.h> @@ -185,7 +186,7 @@ void ClientSession::handleElement(boost::shared_ptr<Element> element) { if (stream->hasTLSCertificate()) { if (streamFeatures->hasAuthenticationMechanism("EXTERNAL")) { state = Authenticating; - stream->writeElement(boost::make_shared<AuthRequest>("EXTERNAL", createByteArray(""))); + stream->writeElement(boost::make_shared<AuthRequest>("EXTERNAL", createSafeByteArray(""))); } else { finishSession(Error::TLSClientCertificateError); @@ -193,7 +194,7 @@ void ClientSession::handleElement(boost::shared_ptr<Element> element) { } else if (streamFeatures->hasAuthenticationMechanism("EXTERNAL")) { state = Authenticating; - stream->writeElement(boost::make_shared<AuthRequest>("EXTERNAL", createByteArray(""))); + stream->writeElement(boost::make_shared<AuthRequest>("EXTERNAL", createSafeByteArray(""))); } else if (streamFeatures->hasAuthenticationMechanism("SCRAM-SHA-1") || streamFeatures->hasAuthenticationMechanism("SCRAM-SHA-1-PLUS")) { std::ostringstream s; @@ -275,6 +276,8 @@ void ClientSession::handleElement(boost::shared_ptr<Element> element) { else if (AuthSuccess* authSuccess = dynamic_cast<AuthSuccess*>(element.get())) { checkState(Authenticating); if (authenticator && !authenticator->setChallenge(authSuccess->getValue())) { + delete authenticator; + authenticator = NULL; finishSession(Error::ServerVerificationFailedError); } else { @@ -336,7 +339,7 @@ bool ClientSession::checkState(State state) { return true; } -void ClientSession::sendCredentials(const std::string& password) { +void ClientSession::sendCredentials(const SafeString& password) { assert(WaitingForCredentials); state = Authenticating; authenticator->setCredentials(localJID.getNode(), password); diff --git a/Swiften/Client/ClientSession.h b/Swiften/Client/ClientSession.h index 9022b16..246388a 100644 --- a/Swiften/Client/ClientSession.h +++ b/Swiften/Client/ClientSession.h @@ -21,6 +21,7 @@ namespace Swift { class ClientAuthenticator; class CertificateTrustChecker; + class SafeString; class ClientSession : public boost::enable_shared_from_this<ClientSession> { public: @@ -104,7 +105,7 @@ namespace Swift { return getState() == Finished; } - void sendCredentials(const std::string& password); + void sendCredentials(const SafeString& password); void sendStanza(boost::shared_ptr<Stanza>); void setCertificateTrustChecker(CertificateTrustChecker* checker) { diff --git a/Swiften/Client/CoreClient.cpp b/Swiften/Client/CoreClient.cpp index a17696f..9521bd9 100644 --- a/Swiften/Client/CoreClient.cpp +++ b/Swiften/Client/CoreClient.cpp @@ -27,7 +27,7 @@ namespace Swift { -CoreClient::CoreClient(const JID& jid, const std::string& password, NetworkFactories* networkFactories) : jid_(jid), password_(password), networkFactories(networkFactories), disconnectRequested_(false), certificateTrustChecker(NULL) { +CoreClient::CoreClient(const JID& jid, const SafeString& password, NetworkFactories* networkFactories) : jid_(jid), password_(password), networkFactories(networkFactories), disconnectRequested_(false), certificateTrustChecker(NULL) { stanzaChannel_ = new ClientSessionStanzaChannel(); stanzaChannel_->onMessageReceived.connect(boost::bind(&CoreClient::handleMessageReceived, this, _1)); stanzaChannel_->onPresenceReceived.connect(boost::bind(&CoreClient::handlePresenceReceived, this, _1)); @@ -97,7 +97,7 @@ void CoreClient::handleConnectorFinished(boost::shared_ptr<Connection> connectio assert(!sessionStream_); sessionStream_ = boost::make_shared<BasicSessionStream>(ClientStreamType, connection_, getPayloadParserFactories(), getPayloadSerializers(), tlsFactories->getTLSContextFactory(), networkFactories->getTimerFactory()); if (!certificate_.empty()) { - sessionStream_->setTLSCertificate(PKCS12Certificate(certificate_, password_)); + sessionStream_->setTLSCertificate(PKCS12Certificate(certificate_, password_.toString())); } sessionStream_->onDataRead.connect(boost::bind(&CoreClient::handleDataRead, this, _1)); sessionStream_->onDataWritten.connect(boost::bind(&CoreClient::handleDataWritten, this, _1)); diff --git a/Swiften/Client/CoreClient.h b/Swiften/Client/CoreClient.h index 7c46fe7..6dc8392 100644 --- a/Swiften/Client/CoreClient.h +++ b/Swiften/Client/CoreClient.h @@ -14,6 +14,7 @@ #include <Swiften/JID/JID.h> #include <Swiften/Client/ClientError.h> #include <Swiften/Client/ClientOptions.h> +#include <Swiften/Base/SafeString.h> namespace Swift { class ChainedConnector; @@ -33,6 +34,7 @@ namespace Swift { class CertificateTrustChecker; class NetworkFactories; class ClientSessionStanzaChannel; + class SafeString; /** * The central class for communicating with an XMPP server. @@ -50,7 +52,7 @@ namespace Swift { * Constructs a client for the given JID with the given password. * The given eventLoop will be used to post events to. */ - CoreClient(const JID& jid, const std::string& password, NetworkFactories* networkFactories); + CoreClient(const JID& jid, const SafeString& password, NetworkFactories* networkFactories); ~CoreClient(); void setCertificate(const std::string& certificate); @@ -200,7 +202,7 @@ namespace Swift { private: JID jid_; - std::string password_; + SafeString password_; NetworkFactories* networkFactories; ClientSessionStanzaChannel* stanzaChannel_; IQRouter* iqRouter_; diff --git a/Swiften/Client/UnitTest/ClientSessionTest.cpp b/Swiften/Client/UnitTest/ClientSessionTest.cpp index 25476c0..6918be8 100644 --- a/Swiften/Client/UnitTest/ClientSessionTest.cpp +++ b/Swiften/Client/UnitTest/ClientSessionTest.cpp @@ -11,6 +11,7 @@ #include <boost/optional.hpp> #include <boost/smart_ptr/make_shared.hpp> +#include <Swiften/Base/SafeString.h> #include <Swiften/Session/SessionStream.h> #include <Swiften/Client/ClientSession.h> #include <Swiften/Elements/Message.h> |