Diffstat (limited to 'Swiften/TLS')
| -rw-r--r-- | Swiften/TLS/OpenSSL/OpenSSLContextFactory.cpp | 10 | ||||
| -rw-r--r-- | Swiften/TLS/OpenSSL/OpenSSLContextFactory.h | 3 | ||||
| -rw-r--r-- | Swiften/TLS/Schannel/SchannelContext.cpp | 10 | ||||
| -rw-r--r-- | Swiften/TLS/Schannel/SchannelContext.h | 5 | ||||
| -rw-r--r-- | Swiften/TLS/Schannel/SchannelContextFactory.cpp | 6 | ||||
| -rw-r--r-- | Swiften/TLS/Schannel/SchannelContextFactory.h | 3 | ||||
| -rw-r--r-- | Swiften/TLS/TLSContextFactory.h | 1 |
7 files changed, 31 insertions, 7 deletions
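--- a/Swiften/TLS/OpenSSL/OpenSSLContextFactory.cpp
+++ b/Swiften/TLS/OpenSSL/OpenSSLContextFactory.cpp
@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2010 Isode Limited.
+* Copyright (c) 2010-2015 Isode Limited.
 * All rights reserved.
 * See the COPYING file for more information.
 */
@@ -20,8 +20,14 @@ TLSContext* OpenSSLContextFactory::createTLSContext(const TLSOptions&) {
 
 void OpenSSLContextFactory::setCheckCertificateRevocation(bool check) {
 if (check) {
-assert(false);
 SWIFT_LOG(warning) << "CRL Checking not supported for OpenSSL" << std::endl;
+assert(false);
+}
+}
+
+void OpenSSLContextFactory::setDisconnectOnCardRemoval(bool check) {
+if (check) {
+SWIFT_LOG(warning) << "Smart cards not supported for OpenSSL" << std::endl;
 }
 }
 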
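Review bot: In `setCheckCertificateRevocation`, `assert(false)` disappears when NDEBUG is defined, so a release build that asks for revocation checking gets one warning line and a context that, going by the log text, does not check CRLs. The setter returns void, so the caller has no way to detect that its request was ignored. The new `setDisconnectOnCardRemoval` is warn-only in every build. I would state this above both setters, e.g. `// Request is ignored on OpenSSL: only a warning is logged (the assert is debug-only).` The new setter's parameter could also be named `b` to match the declaration in the header.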
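--- a/Swiften/TLS/OpenSSL/OpenSSLContextFactory.h
+++ b/Swiften/TLS/OpenSSL/OpenSSLContextFactory.h
@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2010 Isode Limited.
+* Copyright (c) 2010-2015 Isode Limited.
 * All rights reserved.
 * See the COPYING file for more information.
 */
@@ -18,5 +18,6 @@ namespace Swift {
 
 // Not supported
 virtual void setCheckCertificateRevocation(bool b);
+virtual void setDisconnectOnCardRemoval(bool b);
 };
 }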
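--- a/Swiften/TLS/Schannel/SchannelContext.cpp
+++ b/Swiften/TLS/Schannel/SchannelContext.cpp
@@ -21,7 +21,7 @@ namespace Swift {
 
 //------------------------------------------------------------------------
 
-SchannelContext::SchannelContext(bool tls1_0Workaround) : state_(Start), secContext_(0), myCertStore_(NULL), certStoreName_("MY"), certName_(), smartCardReader_(), checkCertificateRevocation_(true), tls1_0Workaround_(tls1_0Workaround) {
+SchannelContext::SchannelContext(bool tls1_0Workaround) : state_(Start), secContext_(0), myCertStore_(NULL), certStoreName_("MY"), certName_(), smartCardReader_(), checkCertificateRevocation_(true), tls1_0Workaround_(tls1_0Workaround), disconnectOnCardRemoval_(true) {
 contextFlags_ = ISC_REQ_ALLOCATE_MEMORY |
 ISC_REQ_CONFIDENTIALITY |
 ISC_REQ_EXTENDED_ERROR |
@@ -625,7 +625,9 @@ bool SchannelContext::setClientCertificate(CertificateWithKey::ref certificate)
 
 //------------------------------------------------------------------------
 void SchannelContext::handleCertificateCardRemoved() {
-indicateError(boost::make_shared<TLSError>(TLSError::CertificateCardRemoved));
+if (disconnectOnCardRemoval_) {
+indicateError(boost::make_shared<TLSError>(TLSError::CertificateCardRemoved));
+}
 }
 
 //------------------------------------------------------------------------
@@ -680,5 +682,9 @@ void SchannelContext::setCheckCertificateRevocation(bool b) {
 checkCertificateRevocation_ = b;
 }
 
+void SchannelContext::setDisconnectOnCardRemoval(bool b) {
+disconnectOnCardRemoval_ = b;
+}
+
 
 }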
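Review bot: With `disconnectOnCardRemoval_` false, `handleCertificateCardRemoved()` drops the event entirely: no error, no log line, nothing the application or an auditor can observe. The session then continues under a client identity whose card is no longer present. That is what the option asks for, but it should leave a trace. I would add an else branch that logs, e.g. `SWIFT_LOG(warning) << "Certificate card removed; TLS session kept open" << std::endl;`, assuming the logging header used in OpenSSLContextFactory.cpp is available in this file. The secure default of `true` in the constructor is good and worth a short comment, so it is not flipped casually.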
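--- a/Swiften/TLS/Schannel/SchannelContext.h
+++ b/Swiften/TLS/Schannel/SchannelContext.h
@@ -5,7 +5,7 @@
 */
 
 /*
-* Copyright (c) 2012 Isode Limited.
+* Copyright (c) 2012-2015 Isode Limited.
 * All rights reserved.
 * See the COPYING file for more information.
 */
@@ -57,6 +57,8 @@ namespace Swift
 
 virtual void setCheckCertificateRevocation(bool b);
 
+virtual void setDisconnectOnCardRemoval(bool b);
+
 private:
 void determineStreamSizes();
 void continueHandshake(const SafeByteArray& data);
@@ -105,5 +107,6 @@ namespace Swift
 boost::shared_ptr<CAPICertificate> userCertificate_;
 bool checkCertificateRevocation_;
 bool tls1_0Workaround_;
+bool disconnectOnCardRemoval_;
 };
 }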
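--- a/Swiften/TLS/Schannel/SchannelContextFactory.cpp
+++ b/Swiften/TLS/Schannel/SchannelContextFactory.cpp
@@ -15,7 +15,7 @@
 
 namespace Swift {
 
-SchannelContextFactory::SchannelContextFactory() : checkCertificateRevocation(true) {
+SchannelContextFactory::SchannelContextFactory() : checkCertificateRevocation(true), disconnectOnCardRemoval(true) {
 }
 
 bool SchannelContextFactory::canCreate() const {
@@ -25,6 +25,7 @@ bool SchannelContextFactory::canCreate() const {
 TLSContext* SchannelContextFactory::createTLSContext(const TLSOptions& tlsOptions) {
 SchannelContext* context = new SchannelContext(tlsOptions.schannelTLS1_0Workaround);
 context->setCheckCertificateRevocation(checkCertificateRevocation);
+context->setDisconnectOnCardRemoval(disconnectOnCardRemoval);
 return context;
 }
 
@@ -32,5 +33,8 @@ void SchannelContextFactory::setCheckCertificateRevocation(bool b) {
 checkCertificateRevocation = b;
 }
 
+void SchannelContextFactory::setDisconnectOnCardRemoval(bool b) {
+disconnectOnCardRemoval = b;
+}
 
 }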
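--- a/Swiften/TLS/Schannel/SchannelContextFactory.h
+++ b/Swiften/TLS/Schannel/SchannelContextFactory.h
@@ -24,7 +24,10 @@ namespace Swift {
 
 virtual void setCheckCertificateRevocation(bool b);
 
+virtual void setDisconnectOnCardRemoval(bool b);
+
 public:
 bool checkCertificateRevocation;
+bool disconnectOnCardRemoval;
 };
 }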
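--- a/Swiften/TLS/TLSContextFactory.h
+++ b/Swiften/TLS/TLSContextFactory.h
@@ -20,5 +20,6 @@ namespace Swift {
 
 virtual TLSContext* createTLSContext(const TLSOptions& tlsOptions) = 0;
 virtual void setCheckCertificateRevocation(bool b) = 0;
+virtual void setDisconnectOnCardRemoval(bool b) = 0;
 };
 }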
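Review bot: The new pure virtual `setDisconnectOnCardRemoval` has no comment saying what `false` means for the session, and this header is where callers look. Going by SchannelContext.cpp in this commit, `false` suppresses the `TLSError::CertificateCardRemoved` error, so the connection stays up after the card is pulled. I would document that on the declaration, e.g. `// If false, removing the smart card that holds the client certificate does not end the TLS session. Schannel defaults to true.` Adding a pure virtual also forces every TLSContextFactory subclass to implement it. The diffstat here is limited to Swiften/TLS, so any factories outside that directory are not visible and should be checked.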