| author | Edwin Mons <edwin.mons@isode.com> | 2019-11-19 13:36:05 (GMT) |
|---|---|---|
| committer | Edwin Mons <edwin.mons@isode.com> | 2019-11-19 13:58:45 (GMT) |
| commit | 261ba8d8595ed8cb90f9c4feb1d6ef642942bcba (patch) | |
| tree | c7e60d473509db8c4dbff5aa83fbde963d8dd75e /Swiften/TLS | |
| parent | 697ae6ae84512a744958b24118197ec7bfdbc1f0 (diff) | |
Remove std::endl from SWIFT_LOG calls
The std::endl is now added by ~Log, but only for output to stderr or a
log file. Calls to the Android logging system or manually set callbacks
will not include the newline in the logging output.
JIRA: SWIFT-430
Test-Information:
Unit tests pass on Debian 9
Checked that running Swift with logging to stderr still had a newline.
Change-Id: I096fdba78a3b8f87db2097951c28c528592183e8
Diffstat (limited to 'Swiften/TLS')
| -rw-r--r-- | Swiften/TLS/CAPICertificate.cpp | 26 | ||||
| -rw-r--r-- | Swiften/TLS/OpenSSL/OpenSSLCertificate.cpp | 4 | ||||
| -rw-r--r-- | Swiften/TLS/OpenSSL/OpenSSLContext.cpp | 24 | ||||
| -rw-r--r-- | Swiften/TLS/OpenSSL/OpenSSLContextFactory.cpp | 4 | ||||
| -rw-r--r-- | Swiften/TLS/Schannel/SchannelContext.cpp | 12 | ||||
| -rw-r--r-- | Swiften/TLS/SecureTransport/SecureTransportContext.mm | 68 | ||||
| -rw-r--r-- | Swiften/TLS/SecureTransport/SecureTransportContextFactory.cpp | 4 |
7 files changed, 71 insertions, 71 deletions
diff --git a/Swiften/TLS/CAPICertificate.cpp b/Swiften/TLS/CAPICertificate.cpp index f10ad47..526b535 100644 --- a/Swiften/TLS/CAPICertificate.cpp +++ b/Swiften/TLS/CAPICertificate.cpp @@ -1,8 +1,8 @@ /* - * Copyright (c) 2012-2016 Isode Limited. + * Copyright (c) 2012-2019 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ #pragma once @@ -19,13 +19,13 @@ // Size of the SHA1 hash #define SHA1_HASH_LEN 20 #define DEBUG_SCARD_STATUS(function, status) \ { \ std::shared_ptr<boost::system::error_code> errorCode = std::make_shared<boost::system::error_code>(status, boost::system::system_category()); \ - SWIFT_LOG(debug) << std::hex << function << ": status: 0x" << status << ": " << errorCode->message() << std::endl; \ + SWIFT_LOG(debug) << std::hex << function << ": status: 0x" << status << ": " << errorCode->message(); \ } namespace Swift { CAPICertificate::CAPICertificate(const std::string& capiUri, TimerFactory* timerFactory) : valid_(false), @@ -41,22 +41,22 @@ CAPICertificate::CAPICertificate(const std::string& capiUri, TimerFactory* timer assert(timerFactory_); setUri(capiUri); } CAPICertificate::~CAPICertificate() { - SWIFT_LOG(debug) << "Destroying the CAPICertificate" << std::endl; + SWIFT_LOG(debug) << "Destroying the CAPICertificate"; if (smartCardTimer_) { smartCardTimer_->stop(); smartCardTimer_->onTick.disconnect(boost::bind(&CAPICertificate::handleSmartCardTimerTick, this)); smartCardTimer_.reset(); } if (certStoreHandle_) { if (CertCloseStore(certStoreHandle_, 0) == FALSE) { - SWIFT_LOG(debug) << "Failed to close the certificate store handle" << std::endl; + SWIFT_LOG(debug) << "Failed to close the certificate store handle"; } } if (cardHandle_) { LONG result = SCardDisconnect(cardHandle_, SCARD_LEAVE_CARD); DEBUG_SCARD_STATUS("SCardDisconnect", result); 
@@ -158,13 +158,13 @@ void CAPICertificate::setUri(const std::string& capiUri) { DWORD len; if (!CertGetCertificateContextProperty(certContext, CERT_KEY_PROV_INFO_PROP_ID, NULL, &len)) { - SWIFT_LOG(error) << "Error while retrieving context properties" << std::endl; + SWIFT_LOG(error) << "Error while retrieving context properties"; return; } std::shared_ptr<CRYPT_KEY_PROV_INFO> pinfo(static_cast<CRYPT_KEY_PROV_INFO *>(malloc(len)), free); if (!pinfo) { return; @@ -284,31 +284,31 @@ bool CAPICertificate::checkIfSmartCardPresent() { if (!smartCardReaderName_.empty()) { DWORD dwState; smartcard_check_status(scardContext_, smartCardReaderName_.c_str(), cardHandle_, &cardHandle_, &dwState); switch (dwState) { case SCARD_ABSENT: - SWIFT_LOG(debug) << "Card absent." << std::endl; + SWIFT_LOG(debug) << "Card absent."; break; case SCARD_PRESENT: - SWIFT_LOG(debug) << "Card present." << std::endl; + SWIFT_LOG(debug) << "Card present."; break; case SCARD_SWALLOWED: - SWIFT_LOG(debug) << "Card swallowed." << std::endl; + SWIFT_LOG(debug) << "Card swallowed."; break; case SCARD_POWERED: - SWIFT_LOG(debug) << "Card has power." << std::endl; + SWIFT_LOG(debug) << "Card has power."; break; case SCARD_NEGOTIABLE: - SWIFT_LOG(debug) << "Card reset and waiting PTS negotiation." << std::endl; + SWIFT_LOG(debug) << "Card reset and waiting PTS negotiation."; break; case SCARD_SPECIFIC: - SWIFT_LOG(debug) << "Card has specific communication protocols set." << std::endl; + SWIFT_LOG(debug) << "Card has specific communication protocols set."; break; default: - SWIFT_LOG(debug) << "Unknown or unexpected card state." << std::endl; + SWIFT_LOG(debug) << "Unknown or unexpected card state."; break; } switch (dwState) { case SCARD_ABSENT: return false; 
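Review bot: In checkIfSmartCardPresent(), `DWORD dwState;` is declared without a value, and both switch statements read it as soon as smartcard_check_status() returns. The helper is not part of this diff, so whether it writes the out-parameter on every path is unconfirmed; if it can return early, the card-present decision is taken on an indeterminate value. Initialising it, `DWORD dwState = SCARD_UNKNOWN;`, sends that case to the existing `default:` log branch of the first switch. The function body starts and ends outside the hunk, so the second switch's handling of that value should be checked as well.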
@@ -329,13 +329,13 @@ bool CAPICertificate::checkIfSmartCardPresent() { } } void CAPICertificate::handleSmartCardTimerTick() { bool poll = checkIfSmartCardPresent(); if (lastPollingResult_ && !poll) { - SWIFT_LOG(debug) << "CAPI Certificate detected that the certificate card was removed" << std::endl; + SWIFT_LOG(debug) << "CAPI Certificate detected that the certificate card was removed"; onCertificateCardRemoved(); } lastPollingResult_ = poll; smartCardTimer_->start(); } diff --git a/Swiften/TLS/OpenSSL/OpenSSLCertificate.cpp b/Swiften/TLS/OpenSSL/OpenSSLCertificate.cpp index 16b0b2b..66b650d 100644 --- a/Swiften/TLS/OpenSSL/OpenSSLCertificate.cpp +++ b/Swiften/TLS/OpenSSL/OpenSSLCertificate.cpp @@ -1,8 +1,8 @@ /* - * Copyright (c) 2010-2016 Isode Limited. + * Copyright (c) 2010-2019 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ #include <Swiften/TLS/OpenSSL/OpenSSLCertificate.h> @@ -29,13 +29,13 @@ OpenSSLCertificate::OpenSSLCertificate(const ByteArray& der) { unsigned char* p = const_cast<unsigned char*>(vecptr(der)); #else const unsigned char* p = vecptr(der); #endif cert = std::shared_ptr<X509>(d2i_X509(nullptr, &p, der.size()), X509_free); if (!cert) { -// SWIFT_LOG(warning) << "Error creating certificate from DER data" << std::endl; +// SWIFT_LOG(warning) << "Error creating certificate from DER data"; } parse(); } void OpenSSLCertificate::incrementReferenceCount() const { #if OPENSSL_VERSION_NUMBER >= 0x10100000L diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp index a183a75..86b0504 100644 --- a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp +++ b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp 
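Review bot: In the OpenSSLCertificate(const ByteArray&) constructor the `if (!cert)` branch is empty apart from a commented-out log line, and `parse()` runs whether or not d2i_X509() produced a certificate. A DER blob that fails to decode therefore leaves no trace in the log. Consider restoring the line as `SWIFT_LOG(warning) << "Error creating certificate from DER data";` and returning before `parse()`. parse() is outside the hunk, so whether it already tolerates a null `cert` needs confirming first.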
@@ -204,13 +204,13 @@ static int certVerifyCallback(X509_STORE_CTX* store_ctx, void* arg) // This callback shouldn't have been set up if the context doesn't // have a verifyCertCallback set, but it doesn't hurt to double check std::function<int (const TLSContext *)> cb = context->getVerifyCertCallback(); if (cb != nullptr) { ret = cb(static_cast<const OpenSSLContext*>(context)); } else { - SWIFT_LOG(debug) << "certVerifyCallback called but context.verifyCertCallback is unset" << std::endl; + SWIFT_LOG(debug) << "certVerifyCallback called but context.verifyCertCallback is unset"; ret = 0; } context->setX509StoreContext(nullptr); return ret; } @@ -247,18 +247,18 @@ static int verifyCallback(int preverifyOk, X509_STORE_CTX* ctx) int err = X509_STORE_CTX_get_error(ctx); int depth = X509_STORE_CTX_get_error_depth(ctx); SSL* ssl = static_cast<SSL*>(X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx())); SSL_CTX* sslctx = ssl ? SSL_get_SSL_CTX(ssl) : nullptr; if (!sslctx) { - SWIFT_LOG(debug) << "verifyCallback: internal error" << std::endl; + SWIFT_LOG(debug) << "verifyCallback: internal error"; return preverifyOk; } if (SSL_CTX_get_verify_mode(sslctx) == SSL_VERIFY_NONE) { - SWIFT_LOG(debug) << "verifyCallback: no verification required" << std::endl; + SWIFT_LOG(debug) << "verifyCallback: no verification required"; // No verification requested return 1; } X509* errCert = X509_STORE_CTX_get_current_cert(ctx); std::string subjectString; 
@@ -285,16 +285,16 @@ static int verifyCallback(int preverifyOk, X509_STORE_CTX* ctx) if (errCert) { X509_NAME* issuerName = X509_get_issuer_name(errCert); issuerString = X509_NAME_to_text(issuerName); } SWIFT_LOG(debug) << "verifyCallback: verification error " << X509_verify_cert_error_string(err) << " depth: " << - depth << " issuer: " << ((issuerString.length() > 0) ? issuerString : "<unknown>") << std::endl; + depth << " issuer: " << ((issuerString.length() > 0) ? issuerString : "<unknown>"); } else { SWIFT_LOG(debug) << "verifyCallback: SSL depth: " << depth << " Subject: " << - ((subjectString.length() > 0) ? subjectString : "<>") << std::endl; + ((subjectString.length() > 0) ? subjectString : "<>"); } // Always return "OK", as check on verification status // will be performed once TLS handshake has completed, // by calling OpenSSLContext::getVerificationErrorTypeForResult() to // get the value set via X509_STORE_CTX_set_error() above. return 1; 
@@ -302,37 +302,37 @@ static int verifyCallback(int preverifyOk, X509_STORE_CTX* ctx) bool OpenSSLContext::configure(const TLSOptions &options) { if (options.cipherSuites) { std::string cipherSuites = *(options.cipherSuites); if (SSL_CTX_set_cipher_list(context_.get(), cipherSuites.c_str()) != 1 ) { - SWIFT_LOG(debug) << "Failed to set cipher-suites" << std::endl; + SWIFT_LOG(debug) << "Failed to set cipher-suites"; return false; } } if (options.context) { const auto& contextId = *options.context; if (SSL_CTX_set_session_id_context(context_.get(), reinterpret_cast<const unsigned char *>(contextId.c_str()), contextId.length()) != 1) { - SWIFT_LOG(debug) << "Failed to set context-id" << std::endl; + SWIFT_LOG(debug) << "Failed to set context-id"; return false; } } if (options.sessionCacheTimeout) { int scto = *options.sessionCacheTimeout; if (scto <= 0) { - SWIFT_LOG(debug) << "Invalid value for session-cache-timeout" << std::endl; + SWIFT_LOG(debug) << "Invalid value for session-cache-timeout"; return false; } (void)SSL_CTX_set_timeout(context_.get(), scto); if (SSL_CTX_get_timeout(context_.get()) != scto) { - SWIFT_LOG(debug) << "Failed to set session-cache-timeout" << std::endl; + SWIFT_LOG(debug) << "Failed to set session-cache-timeout"; return false; } } if (options.verifyCertificateCallback) { verifyCertCallback = *options.verifyCertificateCallback; @@ -368,13 +368,13 @@ bool OpenSSLContext::configure(const TLSOptions &options) } } if (options.verifyDepth) { int depth = *options.verifyDepth; if (depth <= 0) { - SWIFT_LOG(debug) << "Invalid value for verify-depth" << std::endl; + SWIFT_LOG(debug) << "Invalid value for verify-depth"; return false; } // Increase depth limit by one, so that verifyCallback() will log it SSL_CTX_set_verify_depth(context_.get(), depth + 1); } 
@@ -590,13 +590,13 @@ void OpenSSLContext::sendPendingDataToApplication() { onError(std::make_shared<TLSError>(TLSError::UnknownError, openSSLInternalErrorToString())); } } bool OpenSSLContext::setCertificateChain(const std::vector<std::shared_ptr<Certificate>>& certificateChain) { if (certificateChain.size() == 0) { - SWIFT_LOG(debug) << "Trying to load empty certificate chain." << std::endl; + SWIFT_LOG(debug) << "Trying to load empty certificate chain."; return false; } // load endpoint certificate auto openSSLCert = dynamic_cast<OpenSSLCertificate*>(certificateChain[0].get()); if (!openSSLCert) { @@ -613,13 +613,13 @@ bool OpenSSLContext::setCertificateChain(const std::vector<std::shared_ptr<Certi auto openSSLCert = dynamic_cast<OpenSSLCertificate*>(certificate->get()); if (!openSSLCert) { return false; } if (SSL_CTX_add_extra_chain_cert(context_.get(), openSSLCert->getInternalX509().get()) != 1) { - SWIFT_LOG(debug) << "Trying to load empty certificate chain." << std::endl; + SWIFT_LOG(debug) << "Trying to load empty certificate chain."; return false; } // Have to manually increment reference count as SSL_CTX_add_extra_chain_cert does not do so openSSLCert->incrementReferenceCount(); } } diff --git a/Swiften/TLS/OpenSSL/OpenSSLContextFactory.cpp b/Swiften/TLS/OpenSSL/OpenSSLContextFactory.cpp index 12445fd..e332ca8 100644 --- a/Swiften/TLS/OpenSSL/OpenSSLContextFactory.cpp +++ b/Swiften/TLS/OpenSSL/OpenSSLContextFactory.cpp 
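Review bot: The second log call in setCertificateChain(), on the `SSL_CTX_add_extra_chain_cert()` failure path, reports "Trying to load empty certificate chain.", which is the message of the empty-chain guard at the top of the function. Someone diagnosing a rejected chain certificate would be pointed at the wrong cause. Suggested text: `SWIFT_LOG(debug) << "Failed to add certificate to the extra certificate chain";`. The two `dynamic_cast` failure paths visible here return false with no log at all and would benefit from a message too; the loop header is outside the hunk.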
@@ -44,20 +44,20 @@ ByteArray OpenSSLContextFactory::convertDHParametersFromPEMToDER(const std::stri } return dhParametersInDER; } void OpenSSLContextFactory::setCheckCertificateRevocation(bool check) { if (check) { - SWIFT_LOG(warning) << "CRL Checking not supported for OpenSSL" << std::endl; + SWIFT_LOG(warning) << "CRL Checking not supported for OpenSSL"; assert(false); } } void OpenSSLContextFactory::setDisconnectOnCardRemoval(bool check) { if (check) { - SWIFT_LOG(warning) << "Smart cards not supported for OpenSSL" << std::endl; + SWIFT_LOG(warning) << "Smart cards not supported for OpenSSL"; } } } diff --git a/Swiften/TLS/Schannel/SchannelContext.cpp b/Swiften/TLS/Schannel/SchannelContext.cpp index c07d009..722fb4a 100644 --- a/Swiften/TLS/Schannel/SchannelContext.cpp +++ b/Swiften/TLS/Schannel/SchannelContext.cpp @@ -2,13 +2,13 @@ * Copyright (c) 2011 Soren Dreijer * Licensed under the simplified BSD license. * See Documentation/Licenses/BSD-simplified.txt for more information. */ /* - * Copyright (c) 2012-2016 Isode Limited. + * Copyright (c) 2012-2019 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ #include <Swiften/TLS/Schannel/SchannelContext.h> 
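Review bot: OpenSSLContextFactory::setCheckCertificateRevocation(true) signals the unsupported request only through a warning log and `assert(false)`, and the assert is compiled out when NDEBUG is defined. In such a build a caller that asks for revocation checking gets contexts without it and, since the function returns void, has no way to detect that. A comment on the function should state this, e.g. `// CRL checking is not implemented for OpenSSL; a request to enable it is ignored in release builds.`. Raising the log to `SWIFT_LOG(error)` would also make the condition harder to miss.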
@@ -37,25 +37,25 @@ SchannelContext::SchannelContext(bool tls1_0Workaround) : state_(Start), secCont ZeroMemory(&streamSizes_, sizeof(streamSizes_)); } //------------------------------------------------------------------------ SchannelContext::~SchannelContext() { - SWIFT_LOG(debug) << "Destroying SchannelContext" << std::endl; + SWIFT_LOG(debug) << "Destroying SchannelContext"; if (myCertStore_) { if (CertCloseStore(myCertStore_, 0) == FALSE) { - SWIFT_LOG(debug) << "Failed to close the certificate store" << std::endl; + SWIFT_LOG(debug) << "Failed to close the certificate store"; } } } //------------------------------------------------------------------------ void SchannelContext::determineStreamSizes() { if (QueryContextAttributes(contextHandle_, SECPKG_ATTR_STREAM_SIZES, &streamSizes_) != SEC_E_OK) { - SWIFT_LOG(debug) << "QueryContextAttributes failed to determinate the stream size" << std::endl; + SWIFT_LOG(debug) << "QueryContextAttributes failed to determinate the stream size"; } } //------------------------------------------------------------------------ void SchannelContext::connect() { @@ -650,13 +650,13 @@ std::vector<Certificate::ref> SchannelContext::getPeerCertificateChain() const { ScopedCertContext pServerCert; ScopedCertContext pIssuerCert; ScopedCertContext pCurrentCert; SECURITY_STATUS status = QueryContextAttributes(contextHandle_, SECPKG_ATTR_REMOTE_CERT_CONTEXT, pServerCert.Reset()); if (status != SEC_E_OK) { - SWIFT_LOG(debug) << "Error while Querying the Certificate Chain" << std::endl; + SWIFT_LOG(debug) << "Error while Querying the Certificate Chain"; return certificateChain; } certificateChain.push_back(std::make_shared<SchannelCertificate>(pServerCert)); pCurrentCert = pServerCert; while(pCurrentCert.GetPointer()) { 
@@ -685,13 +685,13 @@ ByteArray SchannelContext::getFinishMessage() const { SecPkgContext_Bindings bindings; int ret = QueryContextAttributes(contextHandle_, SECPKG_ATTR_UNIQUE_BINDINGS, &bindings); if (ret == SEC_E_OK) { return createByteArray(((unsigned char*) bindings.Bindings) + bindings.Bindings->dwApplicationDataOffset + 11 /* tls-unique:*/, bindings.Bindings->cbApplicationDataLength - 11); } else { - SWIFT_LOG(debug) << "Error while retrieving Finish Message" << std::endl; + SWIFT_LOG(debug) << "Error while retrieving Finish Message"; } return ByteArray(); } //------------------------------------------------------------------------ diff --git a/Swiften/TLS/SecureTransport/SecureTransportContext.mm b/Swiften/TLS/SecureTransport/SecureTransportContext.mm index 25f476f..b4f7842 100644 --- a/Swiften/TLS/SecureTransport/SecureTransportContext.mm +++ b/Swiften/TLS/SecureTransport/SecureTransportContext.mm @@ -1,8 +1,8 @@ /* - * Copyright (c) 2015-2016 Isode Limited. + * Copyright (c) 2015-2019 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ #include <Swiften/TLS/SecureTransport/SecureTransportContext.h> @@ -69,20 +69,20 @@ CFArrayRef CreateClientCertificateChainAsCFArrayRef(CertificateWithKey::ref key) switch(securityError) { case errSecSuccess: break; case errSecAuthFailed: // Password did not work for decoding the certificate. - SWIFT_LOG(warning) << "Invalid password." << std::endl; + SWIFT_LOG(warning) << "Invalid password."; break; case errSecDecode: // Other decoding error. - SWIFT_LOG(warning) << "PKCS12 decoding error." << std::endl; + SWIFT_LOG(warning) << "PKCS12 decoding error."; break; default: - SWIFT_LOG(warning) << "Unknown error." << std::endl; + SWIFT_LOG(warning) << "Unknown error."; } if (securityError != errSecSuccess) { if (items) { CFRelease(items); items = nullptr; 
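Review bot: SchannelContext::getFinishMessage() computes `bindings.Bindings->cbApplicationDataLength - 11` without checking that the length is at least 11, so a shorter binding would wrap the unsigned subtraction and createByteArray() would be given a length far larger than the buffer. A guard such as `if (ret == SEC_E_OK && bindings.Bindings && bindings.Bindings->cbApplicationDataLength >= 11)` keeps the copy inside the returned structure. The buffer returned for SECPKG_ATTR_UNIQUE_BINDINGS is also never released in the visible lines; check the SSPI documentation for whether `FreeContextBuffer(bindings.Bindings)` is required after the copy.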
@@ -107,26 +107,26 @@ SecureTransportContext::SecureTransportContext(bool checkCertificateRevocation) sslContext_ = std::shared_ptr<SSLContext>(SSLCreateContext(nullptr, kSSLClientSide, kSSLStreamType), CFRelease); OSStatus error = noErr; // set IO callbacks error = SSLSetIOFuncs(sslContext_.get(), &SecureTransportContext::SSLSocketReadCallback, &SecureTransportContext::SSLSocketWriteCallback); if (error != noErr) { - SWIFT_LOG(error) << "Unable to set IO functions to SSL context." << std::endl; + SWIFT_LOG(error) << "Unable to set IO functions to SSL context."; sslContext_.reset(); } error = SSLSetConnection(sslContext_.get(), this); if (error != noErr) { - SWIFT_LOG(error) << "Unable to set connection to SSL context." << std::endl; + SWIFT_LOG(error) << "Unable to set connection to SSL context."; sslContext_.reset(); } error = SSLSetSessionOption(sslContext_.get(), kSSLSessionOptionBreakOnServerAuth, true); if (error != noErr) { - SWIFT_LOG(error) << "Unable to set kSSLSessionOptionBreakOnServerAuth on session." << std::endl; + SWIFT_LOG(error) << "Unable to set kSSLSessionOptionBreakOnServerAuth on session."; sslContext_.reset(); } } SecureTransportContext::~SecureTransportContext() { if (sslContext_) { 
@@ -151,49 +151,49 @@ std::string SecureTransportContext::stateToString(State state) { break; } return returnValue; } void SecureTransportContext::setState(State newState) { - SWIFT_LOG(debug) << "Switch state from " << stateToString(state_) << " to " << stateToString(newState) << "." << std::endl; + SWIFT_LOG(debug) << "Switch state from " << stateToString(state_) << " to " << stateToString(newState) << "."; state_ = newState; } void SecureTransportContext::connect() { - SWIFT_LOG_ASSERT(state_ == None, error) << "current state '" << stateToString(state_) << " invalid." << std::endl; + SWIFT_LOG_ASSERT(state_ == None, error) << "current state '" << stateToString(state_) << " invalid."; if (clientCertificate_) { CFArrayRef certs = CreateClientCertificateChainAsCFArrayRef(clientCertificate_); if (certs) { std::shared_ptr<CFArray> certRefs(certs, CFRelease); OSStatus result = SSLSetCertificate(sslContext_.get(), certRefs.get()); if (result != noErr) { - SWIFT_LOG(error) << "SSLSetCertificate failed with error " << result << "." << std::endl; + SWIFT_LOG(error) << "SSLSetCertificate failed with error " << result << "."; } } } processHandshake(); } void SecureTransportContext::processHandshake() { - SWIFT_LOG_ASSERT(state_ == None || state_ == Handshake, error) << "current state '" << stateToString(state_) << " invalid." << std::endl; + SWIFT_LOG_ASSERT(state_ == None || state_ == Handshake, error) << "current state '" << stateToString(state_) << " invalid."; OSStatus error = SSLHandshake(sslContext_.get()); if (error == errSSLWouldBlock) { setState(Handshake); } else if (error == noErr) { - SWIFT_LOG(debug) << "TLS handshake successful." << std::endl; + SWIFT_LOG(debug) << "TLS handshake successful."; setState(HandshakeDone); onConnected(); } else if (error == errSSLPeerAuthCompleted) { - SWIFT_LOG(debug) << "Received server certificate. Start verification." << std::endl; + SWIFT_LOG(debug) << "Received server certificate. 
Start verification."; setState(Handshake); verifyServerCertificate(); } else { - SWIFT_LOG(debug) << "Error returned from SSLHandshake call is " << error << "." << std::endl; + SWIFT_LOG(debug) << "Error returned from SSLHandshake call is " << error << "."; fatalError(nativeToTLSError(error), std::make_shared<CertificateVerificationError>()); } } #pragma clang diagnostic push @@ -223,19 +223,19 @@ void SecureTransportContext::verifyServerCertificate() { return; } OSStatus cssmResult = 0; switch(trustResult) { case kSecTrustResultUnspecified: - SWIFT_LOG(warning) << "Successful implicit validation. Result unspecified." << std::endl; + SWIFT_LOG(warning) << "Successful implicit validation. Result unspecified."; break; case kSecTrustResultProceed: - SWIFT_LOG(warning) << "Validation resulted in explicitly trusted." << std::endl; + SWIFT_LOG(warning) << "Validation resulted in explicitly trusted."; break; case kSecTrustResultRecoverableTrustFailure: - SWIFT_LOG(warning) << "recoverable trust failure" << std::endl; + SWIFT_LOG(warning) << "recoverable trust failure"; error = SecTrustGetCssmResultCode(trust, &cssmResult); if (error == errSecSuccess) { verificationError_ = CSSMErrorToVerificationError(cssmResult); if (cssmResult == CSSMERR_TP_VERIFY_ACTION_FAILED || cssmResult == CSSMERR_APPLETP_INCOMPLETE_REVOCATION_CHECK ) { // Find out the reason why the verification failed. CFArrayRef certChain; 
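Review bot: In SecureTransportContext::connect(), a failing `SSLSetCertificate()` is only logged and `processHandshake()` is still called, so the handshake proceeds without the client certificate the caller configured. The same happens with no log in connect() itself when CreateClientCertificateChainAsCFArrayRef() returns null. If that fallback is intended it deserves a comment saying so; otherwise the failure branch could end with `fatalError(std::make_shared<TLSError>(), std::shared_ptr<CertificateVerificationError>()); return;`, the form handleDataFromApplication() uses. Whether the server then rejects the session is outside what this diff shows.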
@@ -301,14 +301,14 @@ bool SecureTransportContext::setClientCertificate(CertificateWithKey::ref cert) else { return false; } } void SecureTransportContext::handleDataFromNetwork(const SafeByteArray& data) { - SWIFT_LOG(debug) << std::endl; - SWIFT_LOG_ASSERT(state_ == HandshakeDone || state_ == Handshake, error) << "current state '" << stateToString(state_) << " invalid." << std::endl; + SWIFT_LOG(debug); + SWIFT_LOG_ASSERT(state_ == HandshakeDone || state_ == Handshake, error) << "current state '" << stateToString(state_) << " invalid."; append(readingBuffer_, data); size_t bytesRead = 0; OSStatus error = noErr; SafeByteArray applicationData; @@ -329,13 +329,13 @@ void SecureTransportContext::handleDataFromNetwork(const SafeByteArray& data) { } else if (error == errSSLWouldBlock) { // Secure Transport does not want more data. break; } else { - SWIFT_LOG(error) << "SSLRead failed with error " << error << ", read bytes: " << bytesRead << "." << std::endl; + SWIFT_LOG(error) << "SSLRead failed with error " << error << ", read bytes: " << bytesRead << "."; fatalError(std::make_shared<TLSError>(), std::make_shared<CertificateVerificationError>()); return; } if (bytesRead > 0) { applicationData.resize(bytesRead); 
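Review bot: `SWIFT_LOG(debug);` at the top of handleDataFromNetwork() now streams nothing, so it emits a record with no message text, presumably only whatever prefix SWIFT_LOG adds. Either drop the statement or give it content, for example `SWIFT_LOG(debug) << "Received " << data.size() << " bytes from network";`. The function body ends outside the hunk.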
@@ -344,30 +344,30 @@ void SecureTransportContext::handleDataFromNetwork(const SafeByteArray& data) { else { break; } } break; case Error: - SWIFT_LOG(debug) << "Igoring received data in error state." << std::endl; + SWIFT_LOG(debug) << "Igoring received data in error state."; break; } } void SecureTransportContext::handleDataFromApplication(const SafeByteArray& data) { size_t processedBytes = 0; OSStatus error = SSLWrite(sslContext_.get(), data.data(), data.size(), &processedBytes); switch(error) { case errSSLWouldBlock: - SWIFT_LOG(warning) << "Unexpected because the write callback does not block." << std::endl; + SWIFT_LOG(warning) << "Unexpected because the write callback does not block."; return; case errSSLClosedGraceful: case noErr: return; default: - SWIFT_LOG(warning) << "SSLWrite returned error code: " << error << ", processed bytes: " << processedBytes << std::endl; + SWIFT_LOG(warning) << "SSLWrite returned error code: " << error << ", processed bytes: " << processedBytes; fatalError(std::make_shared<TLSError>(), std::shared_ptr<CertificateVerificationError>()); } } std::vector<Certificate::ref> SecureTransportContext::getPeerCertificateChain() const { std::vector<Certificate::ref> peerCertificateChain; 
@@ -387,25 +387,25 @@ std::vector<Certificate::ref> SecureTransportContext::getPeerCertificateChain() if (certificate) { peerCertificateChain.push_back(std::make_shared<SecureTransportCertificate>(certificate)); } } } else { - SWIFT_LOG(warning) << "Failed to obtain peer trust structure; error = " << error << "." << std::endl; + SWIFT_LOG(warning) << "Failed to obtain peer trust structure; error = " << error << "."; } } return peerCertificateChain; } CertificateVerificationError::ref SecureTransportContext::getPeerCertificateVerificationError() const { return verificationError_; } ByteArray SecureTransportContext::getFinishMessage() const { - SWIFT_LOG(warning) << "Access to TLS handshake finish message is not part of OS X Secure Transport APIs." << std::endl; + SWIFT_LOG(warning) << "Access to TLS handshake finish message is not part of OS X Secure Transport APIs."; return ByteArray(); } /** * This I/O callback simulates an asynchronous read to the read buffer of the context. If it is empty, it returns errSSLWouldBlock; else * the data within the buffer is returned. 
@@ -450,48 +450,48 @@ std::shared_ptr<TLSError> SecureTransportContext::nativeToTLSError(OSStatus /* e } std::shared_ptr<CertificateVerificationError> SecureTransportContext::CSSMErrorToVerificationError(OSStatus resultCode) { std::shared_ptr<CertificateVerificationError> error; switch(resultCode) { case CSSMERR_TP_NOT_TRUSTED: - SWIFT_LOG(debug) << "CSSM result code: CSSMERR_TP_NOT_TRUSTED" << std::endl; + SWIFT_LOG(debug) << "CSSM result code: CSSMERR_TP_NOT_TRUSTED"; error = std::make_shared<CertificateVerificationError>(CertificateVerificationError::Untrusted); break; case CSSMERR_TP_CERT_NOT_VALID_YET: - SWIFT_LOG(debug) << "CSSM result code: CSSMERR_TP_CERT_NOT_VALID_YET" << std::endl; + SWIFT_LOG(debug) << "CSSM result code: CSSMERR_TP_CERT_NOT_VALID_YET"; error = std::make_shared<CertificateVerificationError>(CertificateVerificationError::NotYetValid); break; case CSSMERR_TP_CERT_EXPIRED: - SWIFT_LOG(debug) << "CSSM result code: CSSMERR_TP_CERT_EXPIRED" << std::endl; + SWIFT_LOG(debug) << "CSSM result code: CSSMERR_TP_CERT_EXPIRED"; error = std::make_shared<CertificateVerificationError>(CertificateVerificationError::Expired); break; case CSSMERR_TP_CERT_REVOKED: - SWIFT_LOG(debug) << "CSSM result code: CSSMERR_TP_CERT_REVOKED" << std::endl; + SWIFT_LOG(debug) << "CSSM result code: CSSMERR_TP_CERT_REVOKED"; error = std::make_shared<CertificateVerificationError>(CertificateVerificationError::Revoked); break; case CSSMERR_TP_VERIFY_ACTION_FAILED: - SWIFT_LOG(debug) << "CSSM result code: CSSMERR_TP_VERIFY_ACTION_FAILED" << std::endl; + SWIFT_LOG(debug) << "CSSM result code: CSSMERR_TP_VERIFY_ACTION_FAILED"; break; case CSSMERR_APPLETP_INCOMPLETE_REVOCATION_CHECK: - SWIFT_LOG(debug) << "CSSM result code: CSSMERR_APPLETP_INCOMPLETE_REVOCATION_CHECK" << std::endl; + SWIFT_LOG(debug) << "CSSM result code: CSSMERR_APPLETP_INCOMPLETE_REVOCATION_CHECK"; if (checkCertificateRevocation_) { error = 
std::make_shared<CertificateVerificationError>(CertificateVerificationError::RevocationCheckFailed); } break; case CSSMERR_APPLETP_OCSP_UNAVAILABLE: - SWIFT_LOG(debug) << "CSSM result code: CSSMERR_APPLETP_OCSP_UNAVAILABLE" << std::endl; + SWIFT_LOG(debug) << "CSSM result code: CSSMERR_APPLETP_OCSP_UNAVAILABLE"; if (checkCertificateRevocation_) { error = std::make_shared<CertificateVerificationError>(CertificateVerificationError::RevocationCheckFailed); } break; case CSSMERR_APPLETP_SSL_BAD_EXT_KEY_USE: - SWIFT_LOG(debug) << "CSSM result code: CSSMERR_APPLETP_SSL_BAD_EXT_KEY_USE" << std::endl; + SWIFT_LOG(debug) << "CSSM result code: CSSMERR_APPLETP_SSL_BAD_EXT_KEY_USE"; error = std::make_shared<CertificateVerificationError>(CertificateVerificationError::InvalidPurpose); break; default: - SWIFT_LOG(warning) << "unhandled CSSM error: " << resultCode << ", CSSM_TP_BASE_TP_ERROR: " << CSSM_TP_BASE_TP_ERROR << std::endl; + SWIFT_LOG(warning) << "unhandled CSSM error: " << resultCode << ", CSSM_TP_BASE_TP_ERROR: " << CSSM_TP_BASE_TP_ERROR; error = std::make_shared<CertificateVerificationError>(CertificateVerificationError::UnknownError); break; } return error; } diff --git a/Swiften/TLS/SecureTransport/SecureTransportContextFactory.cpp b/Swiften/TLS/SecureTransport/SecureTransportContextFactory.cpp index cc10987..ac399e1 100644 --- a/Swiften/TLS/SecureTransport/SecureTransportContextFactory.cpp +++ b/Swiften/TLS/SecureTransport/SecureTransportContextFactory.cpp @@ -1,8 +1,8 @@ /* - * Copyright (c) 2015-2018 Isode Limited. + * Copyright (c) 2015-2019 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ #include <Swiften/TLS/SecureTransport/SecureTransportContextFactory.h> 
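Review bot: CSSMErrorToVerificationError() returns a null pointer for CSSMERR_TP_VERIFY_ACTION_FAILED, and for the two revocation codes when `checkCertificateRevocation_` is false, but nothing in the function says that null means "no verification error". A reader could take the missing assignment in the VERIFY_ACTION_FAILED case for an oversight. A comment there, such as `// error stays null: the caller determines the reason from the certificate chain`, would document it, together with a note on the revocation cases that an unavailable OCSP responder or an incomplete check is accepted when revocation checking is off. The caller is outside this hunk, so the first wording needs confirming against verifyServerCertificate().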
@@ -36,11 +36,11 @@ void SecureTransportContextFactory::setCheckCertificateRevocation(bool b) { checkCertificateRevocation_ = b; } void SecureTransportContextFactory::setDisconnectOnCardRemoval(bool b) { disconnectOnCardRemoval_ = b; if (disconnectOnCardRemoval_) { - SWIFT_LOG(warning) << "Smart cards have not been tested yet" << std::endl; + SWIFT_LOG(warning) << "Smart cards have not been tested yet"; } } } |