Diffstat (limited to 'Swiften/TLS')
25 files changed, 137 insertions, 122 deletions
diff --git a/Swiften/TLS/CAPICertificate.cpp b/Swiften/TLS/CAPICertificate.cpp index 29bb338..a46b9f6 100644 --- a/Swiften/TLS/CAPICertificate.cpp +++ b/Swiften/TLS/CAPICertificate.cpp @@ -20,7 +20,7 @@ #define DEBUG_SCARD_STATUS(function, status) \ { \ - boost::shared_ptr<boost::system::error_code> errorCode = boost::make_shared<boost::system::error_code>(status, boost::system::system_category()); \ + std::shared_ptr<boost::system::error_code> errorCode = std::make_shared<boost::system::error_code>(status, boost::system::system_category()); \ SWIFT_LOG(debug) << std::hex << function << ": status: 0x" << status << ": " << errorCode->message() << std::endl; \ } diff --git a/Swiften/TLS/CAPICertificate.h b/Swiften/TLS/CAPICertificate.h index e0b5488..5322a03 100644 --- a/Swiften/TLS/CAPICertificate.h +++ b/Swiften/TLS/CAPICertificate.h @@ -4,6 +4,12 @@ * See Documentation/Licenses/BSD-simplified.txt for more information. */ +/* + * Copyright (c) 2016 Isode Limited. + * All rights reserved. + * See the COPYING file for more information. + */ + #pragma once #include <Swiften/Base/API.h> @@ -58,7 +64,7 @@ namespace Swift { std::string certStore_; std::string certName_; std::string smartCardReaderName_; - boost::shared_ptr<Timer> smartCardTimer_; + std::shared_ptr<Timer> smartCardTimer_; TimerFactory* timerFactory_; bool lastPollingResult_; diff --git a/Swiften/TLS/Certificate.h b/Swiften/TLS/Certificate.h index 0b45479..dbc61ad 100644 --- a/Swiften/TLS/Certificate.h +++ b/Swiften/TLS/Certificate.h @@ -1,16 +1,15 @@ /* - * Copyright (c) 2010-2015 Isode Limited. + * Copyright (c) 2010-2016 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ #pragma once +#include <memory> #include <string> #include <vector> -#include <boost/shared_ptr.hpp> - #include <Swiften/Base/API.h> #include <Swiften/Base/ByteArray.h> 
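Review bot: In the `DEBUG_SCARD_STATUS` macro the `error_code` is still heap-allocated through `std::make_shared` only to call `message()` once; a stack object does the same job without the allocation, `boost::system::error_code errorCode(status, boost::system::system_category()); \` with `errorCode.message()` on the log line. The hunk also shows no `#include <memory>` being added to CAPICertificate.cpp, so the `std::` names presumably arrive through another header; confirm that or add the include.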
@@ -19,7 +18,7 @@ namespace Swift { class SWIFTEN_API Certificate { public: - typedef boost::shared_ptr<Certificate> ref; + typedef std::shared_ptr<Certificate> ref; virtual ~Certificate(); diff --git a/Swiften/TLS/CertificateTrustChecker.h b/Swiften/TLS/CertificateTrustChecker.h index bf2b891..dd2b3ec 100644 --- a/Swiften/TLS/CertificateTrustChecker.h +++ b/Swiften/TLS/CertificateTrustChecker.h @@ -6,11 +6,10 @@ #pragma once +#include <memory> #include <string> #include <vector> -#include <boost/shared_ptr.hpp> - #include <Swiften/Base/API.h> #include <Swiften/TLS/Certificate.h> diff --git a/Swiften/TLS/CertificateVerificationError.h b/Swiften/TLS/CertificateVerificationError.h index 0079e4f..02b4cca 100644 --- a/Swiften/TLS/CertificateVerificationError.h +++ b/Swiften/TLS/CertificateVerificationError.h @@ -6,7 +6,7 @@ #pragma once -#include <boost/shared_ptr.hpp> +#include <memory> #include <Swiften/Base/API.h> #include <Swiften/Base/Error.h> @@ -14,7 +14,7 @@ namespace Swift { class SWIFTEN_API CertificateVerificationError : public Error { public: - typedef boost::shared_ptr<CertificateVerificationError> ref; + typedef std::shared_ptr<CertificateVerificationError> ref; enum Type { UnknownError, diff --git a/Swiften/TLS/CertificateWithKey.h b/Swiften/TLS/CertificateWithKey.h index 3d95e5b..8414938 100644 --- a/Swiften/TLS/CertificateWithKey.h +++ b/Swiften/TLS/CertificateWithKey.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2015 Isode Limited. + * Copyright (c) 2010-2016 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ @@ -12,7 +12,7 @@ namespace Swift { class SWIFTEN_API CertificateWithKey { public: - typedef boost::shared_ptr<CertificateWithKey> ref; + typedef std::shared_ptr<CertificateWithKey> ref; CertificateWithKey() {} virtual ~CertificateWithKey() {} diff --git a/Swiften/TLS/OpenSSL/OpenSSLCertificate.cpp b/Swiften/TLS/OpenSSL/OpenSSLCertificate.cpp index 3110813..17ac8cc 100644 
--- a/Swiften/TLS/OpenSSL/OpenSSLCertificate.cpp +++ b/Swiften/TLS/OpenSSL/OpenSSLCertificate.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2013 Isode Limited. + * Copyright (c) 2010-2016 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ @@ -19,7 +19,7 @@ namespace Swift { -OpenSSLCertificate::OpenSSLCertificate(boost::shared_ptr<X509> cert) : cert(cert) { +OpenSSLCertificate::OpenSSLCertificate(std::shared_ptr<X509> cert) : cert(cert) { parse(); } @@ -30,7 +30,7 @@ OpenSSLCertificate::OpenSSLCertificate(const ByteArray& der) { #else const unsigned char* p = vecptr(der); #endif - cert = boost::shared_ptr<X509>(d2i_X509(NULL, &p, der.size()), X509_free); + cert = std::shared_ptr<X509>(d2i_X509(NULL, &p, der.size()), X509_free); if (!cert) { SWIFT_LOG(warning) << "Error creating certificate from DER data" << std::endl; } @@ -75,9 +75,9 @@ void OpenSSLCertificate::parse() { int subjectAltNameLoc = X509_get_ext_by_NID(cert.get(), NID_subject_alt_name, -1); if(subjectAltNameLoc != -1) { X509_EXTENSION* extension = X509_get_ext(cert.get(), subjectAltNameLoc); - boost::shared_ptr<GENERAL_NAMES> generalNames(reinterpret_cast<GENERAL_NAMES*>(X509V3_EXT_d2i(extension)), GENERAL_NAMES_free); - boost::shared_ptr<ASN1_OBJECT> xmppAddrObject(OBJ_txt2obj(ID_ON_XMPPADDR_OID, 1), ASN1_OBJECT_free); - boost::shared_ptr<ASN1_OBJECT> dnsSRVObject(OBJ_txt2obj(ID_ON_DNSSRV_OID, 1), ASN1_OBJECT_free); + std::shared_ptr<GENERAL_NAMES> generalNames(reinterpret_cast<GENERAL_NAMES*>(X509V3_EXT_d2i(extension)), GENERAL_NAMES_free); + std::shared_ptr<ASN1_OBJECT> xmppAddrObject(OBJ_txt2obj(ID_ON_XMPPADDR_OID, 1), ASN1_OBJECT_free); + std::shared_ptr<ASN1_OBJECT> dnsSRVObject(OBJ_txt2obj(ID_ON_DNSSRV_OID, 1), ASN1_OBJECT_free); for (int i = 0; i < sk_GENERAL_NAME_num(generalNames.get()); ++i) { GENERAL_NAME* generalName = sk_GENERAL_NAME_value(generalNames.get(), i); if (generalName->type == GEN_OTHERNAME) { 
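Review bot: In the `@@ -75,9` hunk of `OpenSSLCertificate::parse()`, `generalNames` wraps the result of `X509V3_EXT_d2i(extension)` on data that comes from the certificate being parsed, and nothing visible checks it for null before the loop. The loop is only skipped because `sk_GENERAL_NAME_num()` returns -1 for a null stack, which deserves a comment such as `// X509V3_EXT_d2i yields NULL for an undecodable extension; sk_GENERAL_NAME_num(NULL) is -1, so the loop body never runs`. `xmppAddrObject` and `dnsSRVObject` can likewise be empty if `OBJ_txt2obj` fails, and their use lies outside the hunk. Since `X509V3_EXT_d2i` returns `void*`, `static_cast<GENERAL_NAMES*>` is sufficient in place of the `reinterpret_cast`.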
diff --git a/Swiften/TLS/OpenSSL/OpenSSLCertificate.h b/Swiften/TLS/OpenSSL/OpenSSLCertificate.h index 4b8b32c..186caea 100644 --- a/Swiften/TLS/OpenSSL/OpenSSLCertificate.h +++ b/Swiften/TLS/OpenSSL/OpenSSLCertificate.h @@ -6,10 +6,9 @@ #pragma once +#include <memory> #include <string> -#include <boost/shared_ptr.hpp> - #include <openssl/ssl.h> #include <Swiften/TLS/Certificate.h> @@ -17,7 +16,7 @@ namespace Swift { class OpenSSLCertificate : public Certificate { public: - OpenSSLCertificate(boost::shared_ptr<X509>); + OpenSSLCertificate(std::shared_ptr<X509>); OpenSSLCertificate(const ByteArray& der); std::string getSubjectName() const { @@ -42,7 +41,7 @@ namespace Swift { ByteArray toDER() const; - boost::shared_ptr<X509> getInternalX509() const { + std::shared_ptr<X509> getInternalX509() const { return cert; } @@ -62,7 +61,7 @@ namespace Swift { } private: - boost::shared_ptr<X509> cert; + std::shared_ptr<X509> cert; std::string subjectName; std::vector<std::string> commonNames; std::vector<std::string> dnsNames; diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp index cc420e6..b7496a0 100644 --- a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp +++ b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2013 Isode Limited. + * Copyright (c) 2010-2016 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ @@ -13,7 +13,7 @@ #include <vector> #include <openssl/err.h> #include <openssl/pkcs12.h> -#include <boost/smart_ptr/make_shared.hpp> +#include <memory> #if defined(SWIFTEN_PLATFORM_MACOSX) #include <Security/Security.h> @@ -147,7 +147,7 @@ void OpenSSLContext::doConnect() { break; default: state_ = Error; - onError(boost::make_shared<TLSError>()); + onError(std::make_shared<TLSError>()); } } 
@@ -181,7 +181,7 @@ void OpenSSLContext::handleDataFromApplication(const SafeByteArray& data) { } else { state_ = Error; - onError(boost::make_shared<TLSError>()); + onError(std::make_shared<TLSError>()); } } @@ -197,12 +197,12 @@ void OpenSSLContext::sendPendingDataToApplication() { } if (ret < 0 && SSL_get_error(handle_, ret) != SSL_ERROR_WANT_READ) { state_ = Error; - onError(boost::make_shared<TLSError>()); + onError(std::make_shared<TLSError>()); } } bool OpenSSLContext::setClientCertificate(CertificateWithKey::ref certificate) { - boost::shared_ptr<PKCS12Certificate> pkcs12Certificate = boost::dynamic_pointer_cast<PKCS12Certificate>(certificate); + std::shared_ptr<PKCS12Certificate> pkcs12Certificate = std::dynamic_pointer_cast<PKCS12Certificate>(certificate); if (!pkcs12Certificate || pkcs12Certificate->isNull()) { return false; } @@ -210,7 +210,7 @@ bool OpenSSLContext::setClientCertificate(CertificateWithKey::ref certificate) { // Create a PKCS12 structure BIO* bio = BIO_new(BIO_s_mem()); BIO_write(bio, vecptr(pkcs12Certificate->getData()), pkcs12Certificate->getData().size()); - boost::shared_ptr<PKCS12> pkcs12(d2i_PKCS12_bio(bio, NULL), PKCS12_free); + std::shared_ptr<PKCS12> pkcs12(d2i_PKCS12_bio(bio, NULL), PKCS12_free); BIO_free(bio); if (!pkcs12) { return false; @@ -226,9 +226,9 @@ bool OpenSSLContext::setClientCertificate(CertificateWithKey::ref certificate) { if (result != 1) { return false; } - boost::shared_ptr<X509> cert(certPtr, X509_free); - boost::shared_ptr<EVP_PKEY> privateKey(privateKeyPtr, EVP_PKEY_free); - boost::shared_ptr<STACK_OF(X509)> caCerts(caCertsPtr, freeX509Stack); + std::shared_ptr<X509> cert(certPtr, X509_free); + std::shared_ptr<EVP_PKEY> privateKey(privateKeyPtr, EVP_PKEY_free); + std::shared_ptr<STACK_OF(X509)> caCerts(caCertsPtr, freeX509Stack); // Use the key & certificates if (SSL_CTX_use_certificate(context_, cert.get()) != 1) { 
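Review bot: In the `@@ -210,7` hunk of `OpenSSLContext::setClientCertificate`, neither the result of `BIO_new(BIO_s_mem())` nor the return value of `BIO_write` is checked before `d2i_PKCS12_bio` reads from the BIO, and `getData().size()` is narrowed to `int` without a bound. Making the failure explicit keeps the PKCS#12 parser from being handed a null or partially filled BIO: `if (!bio) { return false; }` after the allocation, and compare the `BIO_write` result with the expected length, freeing `bio` and returning `false` on a mismatch. The function starts and continues outside the hunk.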
@@ -247,21 +247,21 @@ std::vector<Certificate::ref> OpenSSLContext::getPeerCertificateChain() const { std::vector<Certificate::ref> result; STACK_OF(X509)* chain = SSL_get_peer_cert_chain(handle_); for (int i = 0; i < sk_X509_num(chain); ++i) { - boost::shared_ptr<X509> x509Cert(X509_dup(sk_X509_value(chain, i)), X509_free); + std::shared_ptr<X509> x509Cert(X509_dup(sk_X509_value(chain, i)), X509_free); - Certificate::ref cert = boost::make_shared<OpenSSLCertificate>(x509Cert); + Certificate::ref cert = std::make_shared<OpenSSLCertificate>(x509Cert); result.push_back(cert); } return result; } -boost::shared_ptr<CertificateVerificationError> OpenSSLContext::getPeerCertificateVerificationError() const { +std::shared_ptr<CertificateVerificationError> OpenSSLContext::getPeerCertificateVerificationError() const { int verifyResult = SSL_get_verify_result(handle_); if (verifyResult != X509_V_OK) { - return boost::make_shared<CertificateVerificationError>(getVerificationErrorTypeForResult(verifyResult)); + return std::make_shared<CertificateVerificationError>(getVerificationErrorTypeForResult(verifyResult)); } else { - return boost::shared_ptr<CertificateVerificationError>(); + return std::shared_ptr<CertificateVerificationError>(); } } diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.h b/Swiften/TLS/OpenSSL/OpenSSLContext.h index 7fd5af7..54a8dcb 100644 --- a/Swiften/TLS/OpenSSL/OpenSSLContext.h +++ b/Swiften/TLS/OpenSSL/OpenSSLContext.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2015 Isode Limited. + * Copyright (c) 2010-2016 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ 
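Review bot: In `OpenSSLContext::getPeerCertificateChain()`, `X509_dup()` can return NULL, and the resulting empty `x509Cert` is passed straight to `OpenSSLCertificate`, whose constructor in OpenSSLCertificate.cpp (same diff) calls `parse()` unconditionally. Whether `parse()` tolerates a null certificate is not visible here, so the failure is better handled at the call site, for example `if (!x509Cert) { return std::vector<Certificate::ref>(); }` before the `make_shared` line. Returning an empty chain is the conservative choice, because a silently shortened chain could mislead whatever evaluates trust on the result.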
@@ -29,7 +29,7 @@ namespace Swift { void handleDataFromApplication(const SafeByteArray&); std::vector<Certificate::ref> getPeerCertificateChain() const; - boost::shared_ptr<CertificateVerificationError> getPeerCertificateVerificationError() const; + std::shared_ptr<CertificateVerificationError> getPeerCertificateVerificationError() const; virtual ByteArray getFinishMessage() const; diff --git a/Swiften/TLS/Schannel/SchannelCertificate.cpp b/Swiften/TLS/Schannel/SchannelCertificate.cpp index 68dd0cf..23c2479 100644 --- a/Swiften/TLS/Schannel/SchannelCertificate.cpp +++ b/Swiften/TLS/Schannel/SchannelCertificate.cpp @@ -4,6 +4,12 @@ * See Documentation/Licenses/BSD-simplified.txt for more information. */ +/* + * Copyright (c) 2016 Isode Limited. + * All rights reserved. + * See the COPYING file for more information. + */ + #include "Swiften/TLS/Schannel/SchannelCertificate.h" #include "Swiften/Base/ByteArray.h" 
@@ -160,9 +166,9 @@ void SchannelCertificate::parse() // int subjectAltNameLoc = X509_get_ext_by_NID(cert.get(), NID_subject_alt_name, -1); // if(subjectAltNameLoc != -1) { // X509_EXTENSION* extension = X509_get_ext(cert.get(), subjectAltNameLoc); - // boost::shared_ptr<GENERAL_NAMES> generalNames(reinterpret_cast<GENERAL_NAMES*>(X509V3_EXT_d2i(extension)), GENERAL_NAMES_free); - // boost::shared_ptr<ASN1_OBJECT> xmppAddrObject(OBJ_txt2obj(ID_ON_XMPPADDR_OID, 1), ASN1_OBJECT_free); - // boost::shared_ptr<ASN1_OBJECT> dnsSRVObject(OBJ_txt2obj(ID_ON_DNSSRV_OID, 1), ASN1_OBJECT_free); + // std::shared_ptr<GENERAL_NAMES> generalNames(reinterpret_cast<GENERAL_NAMES*>(X509V3_EXT_d2i(extension)), GENERAL_NAMES_free); + // std::shared_ptr<ASN1_OBJECT> xmppAddrObject(OBJ_txt2obj(ID_ON_XMPPADDR_OID, 1), ASN1_OBJECT_free); + // std::shared_ptr<ASN1_OBJECT> dnsSRVObject(OBJ_txt2obj(ID_ON_DNSSRV_OID, 1), ASN1_OBJECT_free); // for (int i = 0; i < sk_GENERAL_NAME_num(generalNames.get()); ++i) { // GENERAL_NAME* generalName = sk_GENERAL_NAME_value(generalNames.get(), i); // if (generalName->type == GEN_OTHERNAME) { diff --git a/Swiften/TLS/Schannel/SchannelCertificate.h b/Swiften/TLS/Schannel/SchannelCertificate.h index 814f344..d3bd66c 100644 --- a/Swiften/TLS/Schannel/SchannelCertificate.h +++ b/Swiften/TLS/Schannel/SchannelCertificate.h @@ -12,7 +12,7 @@ #pragma once -#include <boost/shared_ptr.hpp> +#include <memory> #include <Swiften/Base/String.h> #include <Swiften/TLS/Certificate.h> @@ -23,7 +23,7 @@ namespace Swift class SchannelCertificate : public Certificate { public: - typedef boost::shared_ptr<SchannelCertificate> ref; + typedef std::shared_ptr<SchannelCertificate> ref; public: SchannelCertificate(const ScopedCertContext& certCtxt); diff --git a/Swiften/TLS/Schannel/SchannelContext.cpp b/Swiften/TLS/Schannel/SchannelContext.cpp index 7b67f4c..5799157 100644 --- a/Swiften/TLS/Schannel/SchannelContext.cpp +++ b/Swiften/TLS/Schannel/SchannelContext.cpp 
@@ -61,14 +61,14 @@ void SchannelContext::connect() { if (myCertStore_ == NULL) { myCertStore_ = CertOpenSystemStore(0, certStoreName_.c_str()); if (!myCertStore_) { - indicateError(boost::make_shared<TLSError>(TLSError::UnknownError)); + indicateError(std::make_shared<TLSError>(TLSError::UnknownError)); return; } } pCertContext = findCertificateInStore( myCertStore_, certName_ ); if (pCertContext == NULL) { - indicateError(boost::make_shared<TLSError>(TLSError::UnknownError)); + indicateError(std::make_shared<TLSError>(TLSError::UnknownError)); return; } } @@ -115,7 +115,7 @@ void SchannelContext::connect() { if (status != SEC_E_OK) { // We failed to obtain the credentials handle - indicateError(boost::make_shared<TLSError>(TLSError::UnknownError)); + indicateError(std::make_shared<TLSError>(TLSError::UnknownError)); return; } @@ -158,7 +158,7 @@ void SchannelContext::connect() { if (status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED) { // We failed to initialize the security context handleCertError(status); - indicateError(boost::make_shared<TLSError>(TLSError::UnknownError)); + indicateError(std::make_shared<TLSError>(TLSError::UnknownError)); return; } @@ -181,7 +181,7 @@ void SchannelContext::connect() { //------------------------------------------------------------------------ SECURITY_STATUS SchannelContext::validateServerCertificate() { - SchannelCertificate::ref pServerCert = boost::dynamic_pointer_cast<SchannelCertificate>( getPeerCertificate() ); + SchannelCertificate::ref pServerCert = std::dynamic_pointer_cast<SchannelCertificate>( getPeerCertificate() ); if (!pServerCert) { return SEC_E_WRONG_PRINCIPAL; } @@ -359,7 +359,7 @@ void SchannelContext::continueHandshake(const SafeByteArray& data) { else { // We failed to initialize the security context handleCertError(status); - indicateError(boost::make_shared<TLSError>(TLSError::UnknownError)); + indicateError(std::make_shared<TLSError>(TLSError::UnknownError)); return; } } 
@@ -459,7 +459,7 @@ void SchannelContext::handleDataFromNetwork(const SafeByteArray& data) { //------------------------------------------------------------------------ -void SchannelContext::indicateError(boost::shared_ptr<TLSError> error) { +void SchannelContext::indicateError(std::shared_ptr<TLSError> error) { state_ = Error; receivedData_.clear(); onError(error); @@ -505,15 +505,15 @@ void SchannelContext::decryptAndProcessData(const SafeByteArray& data) { } else if (status == SEC_I_RENEGOTIATE) { // TODO: Handle renegotiation scenarios - indicateError(boost::make_shared<TLSError>(TLSError::UnknownError)); + indicateError(std::make_shared<TLSError>(TLSError::UnknownError)); break; } else if (status == SEC_I_CONTEXT_EXPIRED) { - indicateError(boost::make_shared<TLSError>(TLSError::UnknownError)); + indicateError(std::make_shared<TLSError>(TLSError::UnknownError)); break; } else if (status != SEC_E_OK) { - indicateError(boost::make_shared<TLSError>(TLSError::UnknownError)); + indicateError(std::make_shared<TLSError>(TLSError::UnknownError)); break; } @@ -596,7 +596,7 @@ void SchannelContext::encryptAndSendData(const SafeByteArray& data) { SECURITY_STATUS status = EncryptMessage(contextHandle_, 0, &outBufferDesc, 0); if (status != SEC_E_OK) { - indicateError(boost::make_shared<TLSError>(TLSError::UnknownError)); + indicateError(std::make_shared<TLSError>(TLSError::UnknownError)); return; } @@ -609,7 +609,7 @@ void SchannelContext::encryptAndSendData(const SafeByteArray& data) { //------------------------------------------------------------------------ bool SchannelContext::setClientCertificate(CertificateWithKey::ref certificate) { - boost::shared_ptr<CAPICertificate> capiCertificate = boost::dynamic_pointer_cast<CAPICertificate>(certificate); + std::shared_ptr<CAPICertificate> capiCertificate = std::dynamic_pointer_cast<CAPICertificate>(certificate); if (!capiCertificate || capiCertificate->isNull()) { return false; } 
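Review bot: The three failure branches in `SchannelContext::decryptAndProcessData` (`SEC_I_RENEGOTIATE`, `SEC_I_CONTEXT_EXPIRED`, and any other non-`SEC_E_OK` status) all raise the same `TLSError::UnknownError`, and as far as the hunk shows the `status` value is not recorded anywhere. That leaves nothing to distinguish a renegotiation request from an expired context or a decryption failure when a dropped session is investigated later. Logging the status before each `indicateError` call would fix that, e.g. `SWIFT_LOG(debug) << "Schannel decrypt status: 0x" << std::hex << status << std::endl;`, assuming the logging header is available in this file. The function begins and continues outside the hunk.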
@@ -631,7 +631,7 @@ bool SchannelContext::setClientCertificate(CertificateWithKey::ref certificate) //------------------------------------------------------------------------ void SchannelContext::handleCertificateCardRemoved() { if (disconnectOnCardRemoval_) { - indicateError(boost::make_shared<TLSError>(TLSError::CertificateCardRemoved)); + indicateError(std::make_shared<TLSError>(TLSError::CertificateCardRemoved)); } } @@ -647,7 +647,7 @@ std::vector<Certificate::ref> SchannelContext::getPeerCertificateChain() const { if (status != SEC_E_OK) { return certificateChain; } - certificateChain.push_back(boost::make_shared<SchannelCertificate>(pServerCert)); + certificateChain.push_back(std::make_shared<SchannelCertificate>(pServerCert)); pCurrentCert = pServerCert; while(pCurrentCert.GetPointer()) { @@ -656,7 +656,7 @@ std::vector<Certificate::ref> SchannelContext::getPeerCertificateChain() const { if (!(*pIssuerCert.GetPointer())) { break; } - certificateChain.push_back(boost::make_shared<SchannelCertificate>(pIssuerCert)); + certificateChain.push_back(std::make_shared<SchannelCertificate>(pIssuerCert)); pCurrentCert = pIssuerCert; pIssuerCert = NULL; @@ -667,7 +667,7 @@ std::vector<Certificate::ref> SchannelContext::getPeerCertificateChain() const { //------------------------------------------------------------------------ CertificateVerificationError::ref SchannelContext::getPeerCertificateVerificationError() const { - return verificationError_ ? boost::make_shared<CertificateVerificationError>(*verificationError_) : CertificateVerificationError::ref(); + return verificationError_ ? std::make_shared<CertificateVerificationError>(*verificationError_) : CertificateVerificationError::ref(); } //------------------------------------------------------------------------ diff --git a/Swiften/TLS/Schannel/SchannelContext.h b/Swiften/TLS/Schannel/SchannelContext.h index 2c6a3ff..4cb086e 100644 --- a/Swiften/TLS/Schannel/SchannelContext.h 
+++ b/Swiften/TLS/Schannel/SchannelContext.h @@ -5,7 +5,7 @@ */ /* - * Copyright (c) 2012-2015 Isode Limited. + * Copyright (c) 2012-2016 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ @@ -34,7 +34,7 @@ namespace Swift class SchannelContext : public TLSContext, boost::noncopyable { public: - typedef boost::shared_ptr<SchannelContext> sp_t; + typedef std::shared_ptr<SchannelContext> sp_t; public: SchannelContext(bool tls1_0Workaround); @@ -62,9 +62,9 @@ namespace Swift private: void determineStreamSizes(); void continueHandshake(const SafeByteArray& data); - void indicateError(boost::shared_ptr<TLSError> error); + void indicateError(std::shared_ptr<TLSError> error); //FIXME: Remove - void indicateError() {indicateError(boost::make_shared<TLSError>());} + void indicateError() {indicateError(std::make_shared<TLSError>());} void handleCertError(SECURITY_STATUS status) ; void sendDataOnNetwork(const void* pData, size_t dataSize); @@ -104,7 +104,7 @@ namespace Swift std::string certName_; ////Not needed, most likely std::string smartCardReader_; //Can be empty string for non SmartCard certificates - boost::shared_ptr<CAPICertificate> userCertificate_; + std::shared_ptr<CAPICertificate> userCertificate_; bool checkCertificateRevocation_; bool tls1_0Workaround_; bool disconnectOnCardRemoval_; diff --git a/Swiften/TLS/Schannel/SchannelUtil.h b/Swiften/TLS/Schannel/SchannelUtil.h index 194ec35..ec71d9d 100644 --- a/Swiften/TLS/Schannel/SchannelUtil.h +++ b/Swiften/TLS/Schannel/SchannelUtil.h @@ -4,6 +4,12 @@ * See Documentation/Licenses/BSD-simplified.txt for more information. */ +/* + * Copyright (c) 2016 Isode Limited. + * All rights reserved. + * See the COPYING file for more information. + */ + #pragma once #define SECURITY_WIN32 
@@ -92,7 +98,7 @@ namespace Swift } private: - boost::shared_ptr<HandleContext> m_pHandle; + std::shared_ptr<HandleContext> m_pHandle; }; //------------------------------------------------------------------------ @@ -168,7 +174,7 @@ namespace Swift } private: - boost::shared_ptr<HandleContext> m_pHandle; + std::shared_ptr<HandleContext> m_pHandle; }; //------------------------------------------------------------------------ @@ -303,7 +309,7 @@ namespace Swift } private: - boost::shared_ptr<HandleContext> m_pHandle; + std::shared_ptr<HandleContext> m_pHandle; }; //------------------------------------------------------------------------ @@ -420,6 +426,6 @@ namespace Swift } private: - boost::shared_ptr<HandleContext> m_pHandle; + std::shared_ptr<HandleContext> m_pHandle; }; } diff --git a/Swiften/TLS/SecureTransport/SecureTransportCertificate.h b/Swiften/TLS/SecureTransport/SecureTransportCertificate.h index 625c2ae..7faf3be 100644 --- a/Swiften/TLS/SecureTransport/SecureTransportCertificate.h +++ b/Swiften/TLS/SecureTransport/SecureTransportCertificate.h @@ -1,12 +1,13 @@ /* - * Copyright (c) 2015 Isode Limited. + * Copyright (c) 2015-2016 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ #pragma once -#include <boost/shared_ptr.hpp> +#include <memory> + #include <boost/type_traits.hpp> #include <Security/SecCertificate.h> @@ -34,7 +35,7 @@ private: typedef boost::remove_pointer<SecCertificateRef>::type SecCertificate; private: - boost::shared_ptr<SecCertificate> certificateHandle_; + std::shared_ptr<SecCertificate> certificateHandle_; std::string subjectName_; std::vector<std::string> commonNames_; std::vector<std::string> srvNames_; diff --git a/Swiften/TLS/SecureTransport/SecureTransportCertificate.mm b/Swiften/TLS/SecureTransport/SecureTransportCertificate.mm index ed47f56..db0af89 100644 --- a/Swiften/TLS/SecureTransport/SecureTransportCertificate.mm +++ b/Swiften/TLS/SecureTransport/SecureTransportCertificate.mm 
@@ -43,7 +43,7 @@ namespace Swift { SecureTransportCertificate::SecureTransportCertificate(SecCertificateRef certificate) { assert(certificate); CFRetain(certificate); - certificateHandle_ = boost::shared_ptr<SecCertificate>(certificate, CFRelease); + certificateHandle_ = std::shared_ptr<SecCertificate>(certificate, CFRelease); parse(); } @@ -53,7 +53,7 @@ SecureTransportCertificate::SecureTransportCertificate(const ByteArray& der) { // certificate will take ownership of derData and free it on its release. SecCertificateRef certificate = SecCertificateCreateWithData(nullptr, derData); if (certificate) { - certificateHandle_ = boost::shared_ptr<SecCertificate>(certificate, CFRelease); + certificateHandle_ = std::shared_ptr<SecCertificate>(certificate, CFRelease); parse(); } } diff --git a/Swiften/TLS/SecureTransport/SecureTransportContext.h b/Swiften/TLS/SecureTransport/SecureTransportContext.h index 4d45f52..3942904 100644 --- a/Swiften/TLS/SecureTransport/SecureTransportContext.h +++ b/Swiften/TLS/SecureTransport/SecureTransportContext.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015 Isode Limited. + * Copyright (c) 2015-2016 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ 
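Review bot: `SecureTransportCertificate(SecCertificateRef certificate)` guards the null case only with `assert(certificate)`, which is compiled out under `NDEBUG`, so a release build goes on to `CFRetain(certificate)` and installs `CFRelease` as deleter for a null reference. The DER constructor in the next hunk already uses `if (certificate) { ... }` around the same assignment and `parse()` call. Applying the same guard here, and keeping the assert for debug builds, makes both constructors behave alike.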
@@ -38,16 +38,16 @@ class SecureTransportContext : public TLSContext { static std::string stateToString(State state); void setState(State newState); - static boost::shared_ptr<TLSError> nativeToTLSError(OSStatus error); - boost::shared_ptr<CertificateVerificationError> CSSMErrorToVerificationError(OSStatus resultCode); + static std::shared_ptr<TLSError> nativeToTLSError(OSStatus error); + std::shared_ptr<CertificateVerificationError> CSSMErrorToVerificationError(OSStatus resultCode); void processHandshake(); void verifyServerCertificate(); - void fatalError(boost::shared_ptr<TLSError> error, boost::shared_ptr<CertificateVerificationError> certificateError); + void fatalError(std::shared_ptr<TLSError> error, std::shared_ptr<CertificateVerificationError> certificateError); private: - boost::shared_ptr<SSLContext> sslContext_; + std::shared_ptr<SSLContext> sslContext_; SafeByteArray readingBuffer_; State state_; CertificateVerificationError::ref verificationError_; diff --git a/Swiften/TLS/SecureTransport/SecureTransportContext.mm b/Swiften/TLS/SecureTransport/SecureTransportContext.mm index 1c5e3ab..970d270 100644 --- a/Swiften/TLS/SecureTransport/SecureTransportContext.mm +++ b/Swiften/TLS/SecureTransport/SecureTransportContext.mm @@ -39,7 +39,7 @@ namespace { CFArrayRef CreateClientCertificateChainAsCFArrayRef(CertificateWithKey::ref key) { - boost::shared_ptr<PKCS12Certificate> pkcs12 = boost::dynamic_pointer_cast<PKCS12Certificate>(key); + std::shared_ptr<PKCS12Certificate> pkcs12 = std::dynamic_pointer_cast<PKCS12Certificate>(key); if (!key) { return nullptr; } 
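Review bot: In `CreateClientCertificateChainAsCFArrayRef` the null check after the cast tests `key` instead of the cast result `pkcs12`, so a non-null `CertificateWithKey` that is not a `PKCS12Certificate` passes the guard with `pkcs12` empty. The check should read `if (!pkcs12) { return nullptr; }`. The rest of the function is outside the hunk, so where `pkcs12` is dereferenced is inferred. For comparison, `OpenSSLContext::setClientCertificate` in this same diff tests `!pkcs12Certificate || pkcs12Certificate->isNull()` after the equivalent cast.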
@@ -104,7 +104,7 @@ CFArrayRef CreateClientCertificateChainAsCFArrayRef(CertificateWithKey::ref key) } SecureTransportContext::SecureTransportContext(bool checkCertificateRevocation) : state_(None), checkCertificateRevocation_(checkCertificateRevocation) { - sslContext_ = boost::shared_ptr<SSLContext>(SSLCreateContext(nullptr, kSSLClientSide, kSSLStreamType), CFRelease); + sslContext_ = std::shared_ptr<SSLContext>(SSLCreateContext(nullptr, kSSLClientSide, kSSLStreamType), CFRelease); OSStatus error = noErr; // set IO callbacks @@ -163,7 +163,7 @@ void SecureTransportContext::connect() { if (clientCertificate_) { CFArrayRef certs = CreateClientCertificateChainAsCFArrayRef(clientCertificate_); if (certs) { - boost::shared_ptr<CFArray> certRefs(certs, CFRelease); + std::shared_ptr<CFArray> certRefs(certs, CFRelease); OSStatus result = SSLSetCertificate(sslContext_.get(), certRefs.get()); if (result != noErr) { SWIFT_LOG(error) << "SSLSetCertificate failed with error " << result << "." << std::endl; @@ -191,7 +191,7 @@ void SecureTransportContext::processHandshake() { } else { SWIFT_LOG(debug) << "Error returned from SSLHandshake call is " << error << "." << std::endl; - fatalError(nativeToTLSError(error), boost::make_shared<CertificateVerificationError>()); + fatalError(nativeToTLSError(error), std::make_shared<CertificateVerificationError>()); } } 
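Review bot: The `SecureTransportContext` constructor stores the result of `SSLCreateContext(...)` in a `shared_ptr` with `CFRelease` as deleter without checking it, yet a `shared_ptr` built from a null pointer and a deleter still runs the deleter, and `CFRelease` must not be given NULL. The same pattern appears for `trust` in `verifyServerCertificate` and for `secTrust` in `getPeerCertificateChain`, where only the `OSStatus` is checked, whereas `connect()` guards `certs` with `if (certs)`. A null-tolerant deleter such as `[](CFTypeRef ref) { if (ref) { CFRelease(ref); } }` covers all three, together with an explicit error path when `sslContext_` ends up null. The constructor body continues outside the hunk.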
@@ -203,15 +203,15 @@ void SecureTransportContext::verifyServerCertificate() { SecTrustRef trust = nullptr; OSStatus error = SSLCopyPeerTrust(sslContext_.get(), &trust); if (error != noErr) { - fatalError(boost::make_shared<TLSError>(), boost::make_shared<CertificateVerificationError>()); + fatalError(std::make_shared<TLSError>(), std::make_shared<CertificateVerificationError>()); return; } - boost::shared_ptr<SecTrust> trustRef = boost::shared_ptr<SecTrust>(trust, CFRelease); + std::shared_ptr<SecTrust> trustRef = std::shared_ptr<SecTrust>(trust, CFRelease); if (checkCertificateRevocation_) { error = SecTrustSetOptions(trust, kSecTrustOptionRequireRevPerCert | kSecTrustOptionFetchIssuerFromNet); if (error != noErr) { - fatalError(boost::make_shared<TLSError>(), boost::make_shared<CertificateVerificationError>()); + fatalError(std::make_shared<TLSError>(), std::make_shared<CertificateVerificationError>()); return; } } @@ -219,7 +219,7 @@ void SecureTransportContext::verifyServerCertificate() { SecTrustResultType trustResult; error = SecTrustEvaluate(trust, &trustResult); if (error != errSecSuccess) { - fatalError(boost::make_shared<TLSError>(), boost::make_shared<CertificateVerificationError>()); + fatalError(std::make_shared<TLSError>(), std::make_shared<CertificateVerificationError>()); return; } @@ -242,7 +242,7 @@ void SecureTransportContext::verifyServerCertificate() { CSSM_TP_APPLE_EVIDENCE_INFO* statusChain; error = SecTrustGetResult(trustRef.get(), &trustResult, &certChain, &statusChain); if (error == errSecSuccess) { - boost::shared_ptr<CFArray> certChainRef = boost::shared_ptr<CFArray>(certChain, CFRelease); + std::shared_ptr<CFArray> certChainRef = std::shared_ptr<CFArray>(certChain, CFRelease); for (CFIndex index = 0; index < CFArrayGetCount(certChainRef.get()); index++) { for (CFIndex n = 0; n < statusChain[index].NumStatusCodes; n++) { // Even though Secure Transport reported CSSMERR_APPLETP_INCOMPLETE_REVOCATION_CHECK on the whole certificate 
@@ -259,11 +259,11 @@ void SecureTransportContext::verifyServerCertificate() { } } else { - verificationError_ = boost::make_shared<CertificateVerificationError>(CertificateVerificationError::UnknownError); + verificationError_ = std::make_shared<CertificateVerificationError>(CertificateVerificationError::UnknownError); } break; case kSecTrustResultOtherError: - verificationError_ = boost::make_shared<CertificateVerificationError>(CertificateVerificationError::UnknownError); + verificationError_ = std::make_shared<CertificateVerificationError>(CertificateVerificationError::UnknownError); break; default: SWIFT_LOG(warning) << "Unhandled trust result " << trustResult << "." << std::endl; @@ -321,7 +321,7 @@ void SecureTransportContext::handleDataFromNetwork(const SafeByteArray& data) { } else { SWIFT_LOG(error) << "SSLRead failed with error " << error << ", read bytes: " << bytesRead << "." << std::endl; - fatalError(boost::make_shared<TLSError>(), boost::make_shared<CertificateVerificationError>()); + fatalError(std::make_shared<TLSError>(), std::make_shared<CertificateVerificationError>()); return; } @@ -353,7 +353,7 @@ void SecureTransportContext::handleDataFromApplication(const SafeByteArray& data return; default: SWIFT_LOG(warning) << "SSLWrite returned error code: " << error << ", processed bytes: " << processedBytes << std::endl; - fatalError(boost::make_shared<TLSError>(), boost::shared_ptr<CertificateVerificationError>()); + fatalError(std::make_shared<TLSError>(), std::shared_ptr<CertificateVerificationError>()); } } 
@@ -362,18 +362,18 @@ std::vector<Certificate::ref> SecureTransportContext::getPeerCertificateChain() if (sslContext_) { typedef boost::remove_pointer<SecTrustRef>::type SecTrust; - boost::shared_ptr<SecTrust> securityTrust; + std::shared_ptr<SecTrust> securityTrust; SecTrustRef secTrust = nullptr;; OSStatus error = SSLCopyPeerTrust(sslContext_.get(), &secTrust); if (error == noErr) { - securityTrust = boost::shared_ptr<SecTrust>(secTrust, CFRelease); + securityTrust = std::shared_ptr<SecTrust>(secTrust, CFRelease); CFIndex chainSize = SecTrustGetCertificateCount(securityTrust.get()); for (CFIndex n = 0; n < chainSize; n++) { SecCertificateRef certificate = SecTrustGetCertificateAtIndex(securityTrust.get(), n); if (certificate) { - peerCertificateChain.push_back(boost::make_shared<SecureTransportCertificate>(certificate)); + peerCertificateChain.push_back(std::make_shared<SecureTransportCertificate>(certificate)); } } } 
@@ -431,30 +431,30 @@ OSStatus SecureTransportContext::SSLSocketWriteCallback(SSLConnectionRef connect return retValue; } -boost::shared_ptr<TLSError> SecureTransportContext::nativeToTLSError(OSStatus /* error */) { - boost::shared_ptr<TLSError> swiftenError; - swiftenError = boost::make_shared<TLSError>(); +std::shared_ptr<TLSError> SecureTransportContext::nativeToTLSError(OSStatus /* error */) { + std::shared_ptr<TLSError> swiftenError; + swiftenError = std::make_shared<TLSError>(); return swiftenError; } -boost::shared_ptr<CertificateVerificationError> SecureTransportContext::CSSMErrorToVerificationError(OSStatus resultCode) { - boost::shared_ptr<CertificateVerificationError> error; +std::shared_ptr<CertificateVerificationError> SecureTransportContext::CSSMErrorToVerificationError(OSStatus resultCode) { + std::shared_ptr<CertificateVerificationError> error; switch(resultCode) { case CSSMERR_TP_NOT_TRUSTED: SWIFT_LOG(debug) << "CSSM result code: CSSMERR_TP_NOT_TRUSTED" << std::endl; - error = boost::make_shared<CertificateVerificationError>(CertificateVerificationError::Untrusted); + error = std::make_shared<CertificateVerificationError>(CertificateVerificationError::Untrusted); break; case CSSMERR_TP_CERT_NOT_VALID_YET: SWIFT_LOG(debug) << "CSSM result code: CSSMERR_TP_CERT_NOT_VALID_YET" << std::endl; - error = boost::make_shared<CertificateVerificationError>(CertificateVerificationError::NotYetValid); + error = std::make_shared<CertificateVerificationError>(CertificateVerificationError::NotYetValid); break; case CSSMERR_TP_CERT_EXPIRED: SWIFT_LOG(debug) << "CSSM result code: CSSMERR_TP_CERT_EXPIRED" << std::endl; - error = boost::make_shared<CertificateVerificationError>(CertificateVerificationError::Expired); + error = std::make_shared<CertificateVerificationError>(CertificateVerificationError::Expired); break; case CSSMERR_TP_CERT_REVOKED: SWIFT_LOG(debug) << "CSSM result code: CSSMERR_TP_CERT_REVOKED" << std::endl; - error = 
boost::make_shared<CertificateVerificationError>(CertificateVerificationError::Revoked); + error = std::make_shared<CertificateVerificationError>(CertificateVerificationError::Revoked); break; case CSSMERR_TP_VERIFY_ACTION_FAILED: SWIFT_LOG(debug) << "CSSM result code: CSSMERR_TP_VERIFY_ACTION_FAILED" << std::endl; 
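Review bot: nativeToTLSError() discards its `OSStatus` argument and always returns a default-constructed TLSError, so every Secure Transport failure looks identical to the caller. That limitation should be stated at the definition, for example `// The native status is not mapped yet; callers always receive a default TLSError.`, and the three-line body reduces to `return std::make_shared<TLSError>();`. CSSMErrorToVerificationError() continues past the end of this hunk.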
@@ -462,28 +462,28 @@ boost::shared_ptr<CertificateVerificationError> SecureTransportContext::CSSMErro case CSSMERR_APPLETP_INCOMPLETE_REVOCATION_CHECK: SWIFT_LOG(debug) << "CSSM result code: CSSMERR_APPLETP_INCOMPLETE_REVOCATION_CHECK" << std::endl; if (checkCertificateRevocation_) { - error = boost::make_shared<CertificateVerificationError>(CertificateVerificationError::RevocationCheckFailed); + error = std::make_shared<CertificateVerificationError>(CertificateVerificationError::RevocationCheckFailed); } break; case CSSMERR_APPLETP_OCSP_UNAVAILABLE: SWIFT_LOG(debug) << "CSSM result code: CSSMERR_APPLETP_OCSP_UNAVAILABLE" << std::endl; if (checkCertificateRevocation_) { - error = boost::make_shared<CertificateVerificationError>(CertificateVerificationError::RevocationCheckFailed); + error = std::make_shared<CertificateVerificationError>(CertificateVerificationError::RevocationCheckFailed); } break; case CSSMERR_APPLETP_SSL_BAD_EXT_KEY_USE: SWIFT_LOG(debug) << "CSSM result code: CSSMERR_APPLETP_SSL_BAD_EXT_KEY_USE" << std::endl; - error = boost::make_shared<CertificateVerificationError>(CertificateVerificationError::InvalidPurpose); + error = std::make_shared<CertificateVerificationError>(CertificateVerificationError::InvalidPurpose); break; default: SWIFT_LOG(warning) << "unhandled CSSM error: " << resultCode << ", CSSM_TP_BASE_TP_ERROR: " << CSSM_TP_BASE_TP_ERROR << std::endl; - error = boost::make_shared<CertificateVerificationError>(CertificateVerificationError::UnknownError); + error = std::make_shared<CertificateVerificationError>(CertificateVerificationError::UnknownError); break; } return error; } -void SecureTransportContext::fatalError(boost::shared_ptr<TLSError> error, boost::shared_ptr<CertificateVerificationError> certificateError) { +void SecureTransportContext::fatalError(std::shared_ptr<TLSError> error, std::shared_ptr<CertificateVerificationError> certificateError) { setState(Error); if (sslContext_) { SSLClose(sslContext_.get()); 
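Review bot: For `CSSMERR_APPLETP_INCOMPLETE_REVOCATION_CHECK` and `CSSMERR_APPLETP_OCSP_UNAVAILABLE`, `error` stays empty when `checkCertificateRevocation_` is false, so CSSMErrorToVerificationError() returns a null pointer for a non-success result code. That looks like a deliberate soft-fail, but nothing in the code says so, and a caller that treats a null return as "certificate verified" silently accepts a certificate whose revocation status was never established. I would add a comment to both cases, `// Revocation checking disabled: leave error empty so an incomplete check is not reported as a failure.`, and document the nullable return on the function. The switch begins before this hunk and fatalError() continues after it.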
diff --git a/Swiften/TLS/ServerIdentityVerifier.h b/Swiften/TLS/ServerIdentityVerifier.h index ca92180..f40c683 100644 --- a/Swiften/TLS/ServerIdentityVerifier.h +++ b/Swiften/TLS/ServerIdentityVerifier.h @@ -6,10 +6,9 @@ #pragma once +#include <memory> #include <string> -#include <boost/shared_ptr.hpp> - #include <Swiften/Base/API.h> #include <Swiften/JID/JID.h> #include <Swiften/TLS/Certificate.h> diff --git a/Swiften/TLS/SimpleCertificate.h b/Swiften/TLS/SimpleCertificate.h index 4dbf847..08cf1e3 100644 --- a/Swiften/TLS/SimpleCertificate.h +++ b/Swiften/TLS/SimpleCertificate.h @@ -14,7 +14,7 @@ namespace Swift { class SWIFTEN_API SimpleCertificate : public Certificate { public: - typedef boost::shared_ptr<SimpleCertificate> ref; + typedef std::shared_ptr<SimpleCertificate> ref; void setSubjectName(const std::string& name) { subjectName = name; diff --git a/Swiften/TLS/TLSContext.h b/Swiften/TLS/TLSContext.h index d7b33d4..b0d9296 100644 --- a/Swiften/TLS/TLSContext.h +++ b/Swiften/TLS/TLSContext.h @@ -6,7 +6,7 @@ #pragma once -#include <boost/shared_ptr.hpp> +#include <memory> #include <Swiften/Base/API.h> #include <Swiften/Base/SafeByteArray.h> @@ -38,7 +38,7 @@ namespace Swift { public: boost::signal<void (const SafeByteArray&)> onDataForNetwork; boost::signal<void (const SafeByteArray&)> onDataForApplication; - boost::signal<void (boost::shared_ptr<TLSError>)> onError; + boost::signal<void (std::shared_ptr<TLSError>)> onError; boost::signal<void ()> onConnected; }; } diff --git a/Swiften/TLS/TLSError.h b/Swiften/TLS/TLSError.h index bed5be9..ae775e6 100644 --- a/Swiften/TLS/TLSError.h +++ b/Swiften/TLS/TLSError.h @@ -6,7 +6,7 @@ #pragma once -#include <boost/shared_ptr.hpp> +#include <memory> #include <Swiften/Base/API.h> #include <Swiften/Base/Error.h> @@ -14,7 +14,7 @@ namespace Swift { class SWIFTEN_API TLSError : public Error { public: - typedef boost::shared_ptr<TLSError> ref; + typedef std::shared_ptr<TLSError> ref; enum Type { UnknownError, 
diff --git a/Swiften/TLS/UnitTest/CertificateTest.cpp b/Swiften/TLS/UnitTest/CertificateTest.cpp index f7bb93e..2483dae 100644 --- a/Swiften/TLS/UnitTest/CertificateTest.cpp +++ b/Swiften/TLS/UnitTest/CertificateTest.cpp @@ -4,7 +4,7 @@ * See the COPYING file for more information. */ -#include <boost/smart_ptr/make_shared.hpp> +#include <memory> #include <cppunit/extensions/HelperMacros.h> #include <cppunit/extensions/TestFactoryRegistry.h> @@ -24,10 +24,10 @@ class CertificateTest : public CppUnit::TestFixture { public: void testGetSHA1Fingerprint() { - SimpleCertificate::ref testling = boost::make_shared<SimpleCertificate>(); + SimpleCertificate::ref testling = std::make_shared<SimpleCertificate>(); testling->setDER(createByteArray("abcdefg")); - CPPUNIT_ASSERT_EQUAL(std::string("2f:b5:e1:34:19:fc:89:24:68:65:e7:a3:24:f4:76:ec:62:4e:87:40"), Certificate::getSHA1Fingerprint(testling, boost::shared_ptr<CryptoProvider>(PlatformCryptoProvider::create()).get())); + CPPUNIT_ASSERT_EQUAL(std::string("2f:b5:e1:34:19:fc:89:24:68:65:e7:a3:24:f4:76:ec:62:4e:87:40"), Certificate::getSHA1Fingerprint(testling, std::shared_ptr<CryptoProvider>(PlatformCryptoProvider::create()).get())); } }; diff --git a/Swiften/TLS/UnitTest/ServerIdentityVerifierTest.cpp b/Swiften/TLS/UnitTest/ServerIdentityVerifierTest.cpp index 1fe936d..30fe423 100644 --- a/Swiften/TLS/UnitTest/ServerIdentityVerifierTest.cpp +++ b/Swiften/TLS/UnitTest/ServerIdentityVerifierTest.cpp @@ -39,7 +39,7 @@ class ServerIdentityVerifierTest : public CppUnit::TestFixture { public: void setUp() { - idnConverter = boost::shared_ptr<IDNConverter>(PlatformIDNConverter::create()); + idnConverter = std::shared_ptr<IDNConverter>(PlatformIDNConverter::create()); } void testCertificateVerifies_WithoutMatchingDNSName() { 
@@ -172,7 +172,7 @@ class ServerIdentityVerifierTest : public CppUnit::TestFixture { CPPUNIT_ASSERT(!testling.certificateVerifies(certificate)); } - boost::shared_ptr<IDNConverter> idnConverter; + std::shared_ptr<IDNConverter> idnConverter; }; CPPUNIT_TEST_SUITE_REGISTRATION(ServerIdentityVerifierTest); |