Diffstat (limited to 'Swiften')
-rw-r--r-- | Swiften/TLS/OpenSSL/OpenSSLContextFactory.cpp | 10 | ||||
-rw-r--r-- | Swiften/TLS/OpenSSL/OpenSSLContextFactory.h | 3 | ||||
-rw-r--r-- | Swiften/TLS/Schannel/SchannelContext.cpp | 10 | ||||
-rw-r--r-- | Swiften/TLS/Schannel/SchannelContext.h | 5 | ||||
-rw-r--r-- | Swiften/TLS/Schannel/SchannelContextFactory.cpp | 6 | ||||
-rw-r--r-- | Swiften/TLS/Schannel/SchannelContextFactory.h | 3 | ||||
-rw-r--r-- | Swiften/TLS/TLSContextFactory.h | 1 |
7 files changed, 31 insertions, 7 deletions
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContextFactory.cpp b/Swiften/TLS/OpenSSL/OpenSSLContextFactory.cpp
index 50f6731..4981170 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLContextFactory.cpp
+++ b/Swiften/TLS/OpenSSL/OpenSSLContextFactory.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010 Isode Limited.
+ * Copyright (c) 2010-2015 Isode Limited.
 * All rights reserved.
 * See the COPYING file for more information.
 */
@@ -20,8 +20,14 @@ TLSContext* OpenSSLContextFactory::createTLSContext(const TLSOptions&) {
 void OpenSSLContextFactory::setCheckCertificateRevocation(bool check) {
 if (check) {
- assert(false);
 SWIFT_LOG(warning) << "CRL Checking not supported for OpenSSL" << std::endl;
+ assert(false);
+ }
+}
+
+void OpenSSLContextFactory::setDisconnectOnCardRemoval(bool check) {
+ if (check) {
+ SWIFT_LOG(warning) << "Smart cards not supported for OpenSSL" << std::endl;
 }
 }
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContextFactory.h b/Swiften/TLS/OpenSSL/OpenSSLContextFactory.h
index bf7f08a..89033ad 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLContextFactory.h
+++ b/Swiften/TLS/OpenSSL/OpenSSLContextFactory.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010 Isode Limited.
+ * Copyright (c) 2010-2015 Isode Limited.
 * All rights reserved.
 * See the COPYING file for more information.
 */
@@ -18,5 +18,6 @@ namespace Swift {
 // Not supported
 virtual void setCheckCertificateRevocation(bool b);
+ virtual void setDisconnectOnCardRemoval(bool b);
 };
 }
diff --git a/Swiften/TLS/Schannel/SchannelContext.cpp b/Swiften/TLS/Schannel/SchannelContext.cpp
index 5f230ec..70ff7dd 100644
--- a/Swiften/TLS/Schannel/SchannelContext.cpp
+++ b/Swiften/TLS/Schannel/SchannelContext.cpp
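Review bot: In OpenSSLContextFactory::setCheckCertificateRevocation the only hard stop is `assert(false)`, so in a build with NDEBUG a caller that asks for revocation checking gets a warning in the log and then a TLS context that, per the log message, does no CRL checking. The method returns void, so the caller cannot tell that the request was not honoured. The `// Not supported` comment in OpenSSLContextFactory.h now sits above two methods and should say this, for example `// Not supported: revocation is never checked with OpenSSL; passing true only logs (and asserts in debug builds)`. In the new setDisconnectOnCardRemoval the parameter is named `check`, copied from the method above, while the header uses `b`; `disconnect` would describe it better. It also warns on `true`, which is the value the Schannel factory defaults to, so code that forwards one setting to whichever factory is active will log this warning on every OpenSSL build.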
@@ -21,7 +21,7 @@ namespace Swift {
 //------------------------------------------------------------------------
-SchannelContext::SchannelContext(bool tls1_0Workaround) : state_(Start), secContext_(0), myCertStore_(NULL), certStoreName_("MY"), certName_(), smartCardReader_(), checkCertificateRevocation_(true), tls1_0Workaround_(tls1_0Workaround) {
+SchannelContext::SchannelContext(bool tls1_0Workaround) : state_(Start), secContext_(0), myCertStore_(NULL), certStoreName_("MY"), certName_(), smartCardReader_(), checkCertificateRevocation_(true), tls1_0Workaround_(tls1_0Workaround), disconnectOnCardRemoval_(true) {
 contextFlags_ = ISC_REQ_ALLOCATE_MEMORY | ISC_REQ_CONFIDENTIALITY | ISC_REQ_EXTENDED_ERROR |
@@ -625,7 +625,9 @@ bool SchannelContext::setClientCertificate(CertificateWithKey::ref certificate)
 //------------------------------------------------------------------------
 void SchannelContext::handleCertificateCardRemoved() {
- indicateError(boost::make_shared<TLSError>(TLSError::CertificateCardRemoved));
+ if (disconnectOnCardRemoval_) {
+ indicateError(boost::make_shared<TLSError>(TLSError::CertificateCardRemoved));
+ }
 }
 //------------------------------------------------------------------------
@@ -680,5 +682,9 @@ void SchannelContext::setCheckCertificateRevocation(bool b) {
 checkCertificateRevocation_ = b;
 }
+void SchannelContext::setDisconnectOnCardRemoval(bool b) {
+ disconnectOnCardRemoval_ = b;
+}
+
 }
diff --git a/Swiften/TLS/Schannel/SchannelContext.h b/Swiften/TLS/Schannel/SchannelContext.h
index 19cc473..36a3f0c 100644
--- a/Swiften/TLS/Schannel/SchannelContext.h
+++ b/Swiften/TLS/Schannel/SchannelContext.h
@@ -5,7 +5,7 @@
 */
 /*
- * Copyright (c) 2012 Isode Limited.
+ * Copyright (c) 2012-2015 Isode Limited.
 * All rights reserved.
 * See the COPYING file for more information.
 */
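Review bot: With `disconnectOnCardRemoval_` false, SchannelContext::handleCertificateCardRemoved returns without doing anything, so an established session stays open after the card is pulled and nothing records that the removal happened. That is presumably the intent of the option, but if the session was authenticated with the card's certificate, removing the card no longer ends it, and the setter added in the last hunk of this file has no comment saying so. I would document the trade-off on setDisconnectOnCardRemoval, e.g. `// If false, a session set up with a smart-card certificate is kept open after the card is removed`. I would also log the ignored removal in an else branch, e.g. `SWIFT_LOG(warning) << "Certificate card removed; connection kept open" << std::endl;`, assuming the logging header is available in this file.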
@@ -57,6 +57,8 @@ namespace Swift
 virtual void setCheckCertificateRevocation(bool b);
+ virtual void setDisconnectOnCardRemoval(bool b);
+
 private:
 void determineStreamSizes();
 void continueHandshake(const SafeByteArray& data);
@@ -105,5 +107,6 @@ namespace Swift
 boost::shared_ptr<CAPICertificate> userCertificate_;
 bool checkCertificateRevocation_;
 bool tls1_0Workaround_;
+ bool disconnectOnCardRemoval_;
 };
 }
diff --git a/Swiften/TLS/Schannel/SchannelContextFactory.cpp b/Swiften/TLS/Schannel/SchannelContextFactory.cpp
index 6e83b0d..c2587c5 100644
--- a/Swiften/TLS/Schannel/SchannelContextFactory.cpp
+++ b/Swiften/TLS/Schannel/SchannelContextFactory.cpp
@@ -15,7 +15,7 @@
 namespace Swift {
-SchannelContextFactory::SchannelContextFactory() : checkCertificateRevocation(true) {
+SchannelContextFactory::SchannelContextFactory() : checkCertificateRevocation(true), disconnectOnCardRemoval(true) {
 }
 bool SchannelContextFactory::canCreate() const {
@@ -25,6 +25,7 @@ bool SchannelContextFactory::canCreate() const {
 TLSContext* SchannelContextFactory::createTLSContext(const TLSOptions& tlsOptions) {
 SchannelContext* context = new SchannelContext(tlsOptions.schannelTLS1_0Workaround);
 context->setCheckCertificateRevocation(checkCertificateRevocation);
+ context->setDisconnectOnCardRemoval(disconnectOnCardRemoval);
 return context;
 }
@@ -32,5 +33,8 @@ void SchannelContextFactory::setCheckCertificateRevocation(bool b) {
 checkCertificateRevocation = b;
 }
+void SchannelContextFactory::setDisconnectOnCardRemoval(bool b) {
+ disconnectOnCardRemoval = b;
+}
 }
diff --git a/Swiften/TLS/Schannel/SchannelContextFactory.h b/Swiften/TLS/Schannel/SchannelContextFactory.h
index 789d15f..27b7dc9 100644
--- a/Swiften/TLS/Schannel/SchannelContextFactory.h
+++ b/Swiften/TLS/Schannel/SchannelContextFactory.h
@@ -24,7 +24,10 @@ namespace Swift {
 virtual void setCheckCertificateRevocation(bool b);
+ virtual void setDisconnectOnCardRemoval(bool b);
+
 public:
 bool checkCertificateRevocation;
+ bool disconnectOnCardRemoval;
 };
 }
diff --git a/Swiften/TLS/TLSContextFactory.h b/Swiften/TLS/TLSContextFactory.h
index 90da4a1..b67c34f 100644
--- a/Swiften/TLS/TLSContextFactory.h
+++ b/Swiften/TLS/TLSContextFactory.h
@@ -20,5 +20,6 @@ namespace Swift {
 virtual TLSContext* createTLSContext(const TLSOptions& tlsOptions) = 0;
 virtual void setCheckCertificateRevocation(bool b) = 0;
+ virtual void setDisconnectOnCardRemoval(bool b) = 0;
 };
 }
|
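Review bot: In SchannelContextFactory.h, `disconnectOnCardRemoval` is added under `public:` next to `checkCertificateRevocation`, so any code holding the factory can flip it without going through setDisconnectOnCardRemoval. It follows the existing member, but for a setting that decides whether a session survives card removal I would make both fields private by changing `public:` to `private:`. SchannelContextFactory::createTLSContext is the only reader visible in this commit. The class body starts outside the hunk, so other users of the public fields cannot be ruled out from here.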
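Review bot: The new pure virtual `setDisconnectOnCardRemoval(bool b)` in TLSContextFactory.h has no comment, and the interface is where a caller will look to learn what the flag means. I would add `/// Whether a connection that uses a smart-card certificate is closed when the card is removed.` and name the parameter `disconnect`. The comment should also say that SchannelContextFactory copies the value into each context in createTLSContext, so a later call affects only contexts created afterwards, and that the OpenSSL factory has no smart-card support. Because the method is pure virtual, any TLSContextFactory subclass outside the files in this commit must implement it before it will compile.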