Age | Commit message | Author |
|
Extend getPeerCertificateChain so that it uses the correct SSL
methods for Server and Client mode contexts, i.e.
SSL_get_peer_certificate as well as get_peer_cert_chain
when this is a server-mode context.
Tidy up error message logged on certificate verification
failure.
Always return "1" from verifyCallback; check result
of certificate verification by a call to
getPeerCertificateVerificationError() once the
TLS session is established.
JIRA: LINK-1814
Bug:
Release-notes:
Manual:
Change-Id: Ica1d90998187ec5ce2584d48bd6fbfb8f9a667c9
Test-information:
|
|
There are cases where users of this method forget to
free the pointer. This is now avoided by returning a
unique_ptr.
Test-Information:
All existing unit and integration tests, i.e. `./scons
test=all` pass.
Change-Id: I10a88c3361823074d81db7af8cec1bd70c409995
|
|
Add a new (optional) field to TLSContext, which allows a vector
of Trust Anchor certificates to be specified.
Inside OpenSSLContext::configure, pass the X509 components of
these certificates into the OpenSSL context: these are now
available for client certificate verification in any callback
method set via TLSOptions.verifyCertificateCallback.
JIRA: LINK-1765
Test-information:
Tested via MLink unit tests. No leaks reported.
Change-Id: Ie9cc2051ee212249a12a4bc71b62306b5bce3013
|
|
Remove increment of reference count on first certificate added
to a new SSL context - the call to SSL_CTX_use_certificate does
this internally. When adding extra certificates to the context
via calls to SSL_CTX_add_extra_certificate, the explicit
increment of the reference count is still required to prevent
destruction of the certificates when the SSL context is freed.
In OpenSSLContext::setPrivateKey, make sure the EVP_PKEY returned
by PEM_read_bio_PrivateKey is tidied up, by wrapping it in a
shared_ptr which calls EVP_PKEY_free.
Add a new Unit test which creates an SSL context and inserts a
multi-element certificate chain and a private key.
JIRA: SWIFT-423
Bug:
Release-notes:
Manual:
Change-Id: I82c66139a9dfe7a925eb39f73721200895a689e2
Test-information:
Leak testing performed via ASAN-compiled MLink unit tests -
now no leaks/errors reported associated with TLS Contexts and
Certificates. Swiften unit test runs as expected.
|
|
DomainJID consisting of only numbers is not treated as valid.
Test-information:
Unit tests pass on Windows 10 and Ubuntu 18.04.1 LTS.
Change-Id: If23ba8b8ea2a3c72d6f6e3acec4f587166c14e61
|
|
Test-information:
Unit tests pass on Windows 10 and Ubuntu 18.04.1 LTS.
Change-Id: Icea837d91f28f47f7b0a90bc620b26c5567c8421
|
|
XML (Expat/LibXML) parsing modified to process prefix information.
Prefixes for attributes stored within attributes.
Prefixes for elements passed in additional callback
(only if prefix present).
Test-information:
Unit tests pass on Windows 10 and Ubuntu 18.04.1 LTS.
Change-Id: Ib6b5087feed758c31895f426df6a3c7ea975f248
|
|
Actual implementation is in OpenSSL subclass. This allows a permanent
vector of shared certificates to be used when creating multiple OpenSSL
contexts. This replaces the existing use of a vector of unique pointers
to certificates which handed over responsibility for the underlying
OpenSSL certs to the OpenSSL context. To enable this to work, a
new method is added to the OpenSSLCertificate class which enables
the reference count on the contained OpenSSL certificate to
be incremented - this stops the OpenSSL certificate being deleted
when the OpenSSL context is freed.
Use of conditional compilation was necessary to get the reference
counting to build with the different versions of OpenSSL in use.
Modify the method in OpenSSLCertificateFactory (and stub in CertificateFactory)
which generates a vector of certificates, so that it generates a vector
of shared_ptrs rather than unique_ptrs.
Add test of CreateCertificateChain to Swiften CertificateTest
class, together with sample certificate file in PEM form.
JIRA: LINK-1763
Bug:
Release-notes:
Manual:
Test-information:
Tested via development version of Mystique - created multiple
TLS sessions using single certificate chain.
Swift unit tests now build and run again.
New Swiften TLS unit test builds and runs.
Change-Id: I7fa4888b640c94b68712a6bff1f7aa334a358df2
|
|
Test-Information:
Tested that it does not request input from user anymore.
Change-Id: I85d231dab20e124f4ee8a9575a1b0422d216abe0
|
|
Test-Information:
Tested on Windows with OpenSSL that this fixes the
compilation issue.
Change-Id: I01887c8eb758a6c1c208244cdae32aa9c0a99565
|
|
According to RFC 6120 if any disallowed XML feature is encountered,
we should close the stream with a <restricted-xml/>. The following
features of XML are prohibited in XMPP:
- processing instructions
- internal or external DTD subsets
- internal or external entity references
- comments
Test-information:
Unit tests pass on Windows 10 and Ubuntu 18.04.1 LTS
Change-Id: I475920c91b7f9da51ab37c106a4783a52f6e3cae
|
|
Adds TLSOptions to the OpenSSLContext, which invokes a new private
'configure' method which allows various OpenSSL options to be set.
Also add standard verification callbacks and external (via a
std::function field in TLSOptions) to allow the user
to specify their own method which will perform client certificate
checking when a new TLS connection is accepted. Only set up
the internal verifyCertCallback if the user-supplied hook is set.
All callback hooks are set up in the 'configure' method, and only
then if TLSOptions.verifyMode is present (i.e. not defaulted
to boost::none), to preserve compatibility for users of
this class (e.g. Swift) which want to use OpenSSL's own
internal validation functions rather than setting the
callbacks.
Test-information:
Used new code under development in M-Link when setting up a TLSContext,
setting verify-mode=require, and set up verifyCertCallback with a local
method. Making a client TLS connection which includes a client
certificate results in the local verify callback being invoked.
Change-Id: Idbb7279e1711fca8123f430bfca0dcfb65bc8da6
|
|
Test-Information:
Tested successfully on macOS 10.14.6 and Debian 9.
Change-Id: I341589b6e92e9d16b53ea247d0b91ac1a0639f66
|
|
Thanks Miroslaw Stein.
Test-Information:
After running BuildTools/InstallSwiftDependencies.sh
Swift builds fine on KDE Neon User Edition 5.16.
Change-Id: I05c074051aaecfdaf2352308285bcfaeaa4d8c2c
|
|
Test-Information:
None yet.
Change-Id: Ia5b570c918b8059561b52062e8d43496f188ee4a
|
|
Prior to calling handleStartElement, the ParserClient
handleNamespaceDeclaration will fire for each namespace declared on the
element.
Test-Information:
Unit tests pass on Debian 9 for both expat and libxml2
Change-Id: Ic42e83aee83edfbb2aa5c971997808eb6e133223
|
|
When creating a JID we were not checking if a
domain part is a valid IPv4 or IPv6 address. We were
only checking if the domain is correct according to
internationalized domain name rules which was failing
for IPv6 addresses.
Test-Information:
Unit tests pass on Windows 10 and Ubuntu 18.04.1 LTS
Change-Id: Ia1b67089f6edfdc6a0ebf2d26a7eaab9ce8171c0
|
|
XML parse now takes an optional boolean that will signal that with the
data that is fed into the parser, the document should now be complete.
This will allow the parser to reject partial documents.
Test-Information:
Updated unit tests pass.
Checked that default behaviour wasn't changed.
Tested with various partial and complete documents.
Change-Id: Ide7c2e47c49d5667f1febcb23da366e96d0dbc21
|
|
macOS 10.14 started to deprecate some old Cocoa API.
This replaces use of the deprecated API with newer Cocoa
API.
Test-Information:
Still builds fine on macOS 10.14.3. Verified that Slimber
still works as expected.
Change-Id: Id772af58b3fd233ecf829b80eca59815184a6113
|
|
libSwiften should not ship with any main symbol. While
it is not harmful directly it bloats the library and
prevents a main symbol free library, which is useful
in some cases.
Test-Information:
All unit and integration tests pass on macOS 10.14.3.
Change-Id: Idf2294ebef04acacc8f1f95d2be58b3f96409ebb
|
|
Change-Id: I4ee9b2e6d9c8c224e428f9fa06a74315872603ef
|
|
This patch will setup Docker containers to build the source and Debian
packages. The script will use the private key under gpg-keys folder to
sign the Debian packages. If the folder is not there or doesn’t exist
then the build will fail. Keys are expected to be in .asc format,
unencrypted and not password protected.
Added .dockerignore file to avoid copying the cache files to the
container. The output is stored in out/ folder and the folder structure
is ready for update_debian_repo.sh script.
SWIFT_PACKAGE_PLATFORMS defines the platforms that it will be built for.
Default values are: ubuntu:bionic ubuntu:cosmic debian:stretch
debian:sid.
DOCKERRUNEXTRAFLAGS variable can set additional flags for Docker
builders. Currently is set to --privileged to avoid an issue during
build with Qt5.11.1 https://bugreports.qt.io/browse/QTBUG-64490.
Updated the Debian repo scripts to new distributions and Docker changes.
Test-Information:
Run the script and created source & binaries for all the distributions.
Verified that changelog, compact, control, copyright, rules and
source/format exist under the Debian folder when building the Debian
package. Created tags and generated dev builds, rc builds, and release
builds to test the output of the different release channels.
Created a container, tested the Swift and Swiften packages, and the
installations:
Tested the following debs with piuparts in a docker container of the
system they are built for. No errors raised and a few warnings related
with chroot (which fails within a docker container)
*libswiften-dev-dbgsym*.deb,
*libswiften-dev_*.deb
*libswiften5-dbgsym_*.deb
*libswiften5_*.deb
*swift-im-dbgsym_*.deb
*swift-im_*.deb
Installed the above packages and verified the install with swift-im
--version, headers exist in /usr/include/Swiften/ and libSwiften.so under
/usr/lib/. Verified the gpg signatures on the .changes and .buildinfo
files. Tested the output with the update_debian_repo.sh and the import
was successful.
Verified the .changes and .buildinfo files with lintian which reported
the following errors and warnings (there are differences between
different channels release, beta, development):
E: swift-im changes: bad-distribution-in-changes-file development
E: swift-im changes: multiple-distributions-in-changes-file beta development
W: libswiften5: new-package-should-close-itp-bug
W: libswiften-dev: new-package-should-close-itp-bug
W: swift-im: new-package-should-close-itp-bug
Tested that the man page exists after installing in a docker container
(ubuntu xenial, debian stretch, debian sid).
Change-Id: Ic28d2731bbca34716645e76e7e7e7e8183dea4f8
|
|
This patch will fix an issue that occurs when generating the man pages
for swift-im. The man page is generated from the Swiften library using
help2man. The issue occurs when the library cannot be found during build
time and help2man is generating a man page with the output of that
error, ignoring the return error code from swift-im. To avoid this
happening in future builds, swift-im --help is run before generating the
page and checked if the execution was successful. If yes we proceed with
the generation, if not we stop the build and throw an error.
swiften-config man page generation was not affected by this issue.
Test-Information:
Build with ubuntu 18.04 on a machine that hasn’t got Swift or Swiften
installed. Build the Debian package for Debian stretch with pbuilder,
and installed on a clean docker container (Debian stretch). Repeated the
test with Debian sid but with packages built from docker containers.
Change-Id: Icf8a84ba7f4810c87e5835e5ac1a91d1324ddac8
|
|
Test-Information:
Without these fixes, the build of a Windows MSI package
is not possible on Windows Server 2012. This is due to
the fact that on Windows you must force UTF8 coding
on file open as it defaults to Windows specific codec
for everything.
Tested by building a Windows MSI package on Windows
Server 2012.
Change-Id: I32664824188775f5ba27d9644fbbf33bf7094dfa
|
|
On Windows the preferred encoding is cp1252, which makes
zero sense for text files. This change will force it
to UTF-8, which is a sensible choice that works best.
Test-Information:
Build now works on Windows 2012 with MSVC 2015 32bit,
with test=unit.
Change-Id: I3324d41fe33df98cdd5b90e0712f741f401176c3
|
|
Test-Information:
Unit tests pass on Debian 9
Change-Id: I60f95816cfa48a619f83daac1d88e229bbe228ed
|
|
Test-Information:
Compiles
Change-Id: I5bfbf270524a1a31c9105f108f47f64eb95276d1
|
|
As of Boost 1.69.0, boost/detail/endian.h is deprecated in favour of
boost/predef/other/endian.h, and BOOST_(LITTLE|BIG)_ENDIAN by
BOOST_ENDIAN_(LITTLE|BIG)_BYTE.
Test-Information:
Unit tests pass on Debian 9
Change-Id: If7076c559a4e35219ff97603f50b80cfbe05b29b
|
|
In boost 1.68.0 the conversion is implicit, but in 1.69.0 it's
explicit and we must explicitly call it.
Change-Id: I24eb78be7510c89b88342d28c539cad4977f99fd
|
|
The merge of 4.x changes onto master introduced changes to Python scripts
that weren't compatible with Python 3.
The Version.py script is now compatible with both Python 2 and Python 3,
and a slightly underimplemented test has been expanded to actually live
up to its name. getGitBuildVersion has been refactored completely. It
has been simplified to require only one invocation of git describe, unit
tests for the parsing have been added, and a way to call
getGitBuildVersion from the commandline has been added to Version.py (to
avoid adding a unit test that would call out to an external tool).
DocBook.py has been made compatible with Python3, and some additional
logic to prevent emitting b'path/to/docbook/xml' instead of the desired
'path/to/docbook/xml' has been added.
Generation of COPYING in Swift/QtUI now uses the upstream version
provided with SCons 3, and our custom version has been removed.
Unused code in the SwiftenDevelopersGuide SConscript with invalid
regular expressions has been removed, and the remaining regular
expressions in SConscripts have been fixed.
Test-Information
Code has been tested on macOS 10.14.
Scons now completes a build on a clean tree using either Python 2 or
Python 3. Running it on a previously built tree works with either, as
well, mixing versions between invocations is not an issue.
Swift unit tests pass with Python 3.7.0.
Version.py unit tests pass with Python 2.7.15 and 3.7.0.
Running with doc=1 works with both Python 2 and Python 3, even
if the docbook points to a path with unicode characters in it.
Resulting COPYING file has been verified both visually and against a
Python2 generated one on master.
Resulting XML files for documentation have been inspected.
Resulting manual HTML and PDF files have been inspected.
Change-Id: I54de909d80b8e35a8c351261ae10ce3537729c84
|
|
The previous code only worked with 1.1.0j or older.
Now the code works with 1.1.0j and OpenSSL 1.1.1.
Adjusted ClientServerTest to be more graceful in case
of errors, i.e. failing tests instead of crashing.
Test-Information:
Tested that without the changes, the tests pass with
OpenSSL 1.1.0j and tests fail or crash with OpenSSL
1.1.1 and OpenSSL 1.1.1a.
Tested that with the changes, the tests pass with OpenSSL
1.1.0j, OpenSSL 1.1.1, and OpenSSL 1.1.1a.
Tested on macOS 10.14.2 with system clang.
Change-Id: Ic63774049727f6d949153166f63a8545e9a24892
|
|
OpenSSL TLS contexts assume ownership of any additional certificate
passed into it. The CertificateFactory now returns a vector of
unique_ptrs, and OpenSSLContext will do the needful with releasing
ownership at the right moment.
A unit test has been added that uses a chained certificate in
client/server context. Before the fix, this test would either fail, or
result in a segmentation fault, depending on the mood of OpenSSL.
Test-Information:
Unit tests pass on Debian 9
Ran manual tests with server test code, tested both chained and single
certificates, and no longer observed crashes when accepting a
connection.
Change-Id: I21814969e45c7d77e9a1af14f2c958c4c0311cd0
|
|
Without this you could not pass through Google Test flags
down, because they would be used as CppUnit test names
and exit the tool early as the test do not exit.
Test-Information:
Verified that flags are passed along. This allows to
filter specific Google Test test cases. Running checker
without parameters still works.
Tested that things build on Debian 9.6.
Change-Id: I4d4b97a84e2baf81a25cc2f9641c6e49594c0044
|
|
* branch 'swift-4.x':
Update for Debian
Don't crash on missing bookmark result
Add missing include for QAbstractItemModel
Update Debian changelog
Fix convertToWindowsVersion() function to handle more RCs
Fix error response handling when requesting VCards
Test-Information:
./scons test=all succeeded on macOS 10.14.2.
Change-Id: I99d20a8b0e1b0be501fbbe95adebbff15f510184
|
|
TLSError now takes an optional error message. OpenSSLContext has been
updated to send out one, and calls to SWIFT_LOG have been removed from
it for anything but setCertificateChain.
OpenSSLContext::handleDataFromApplication misinterpreted the return code
of SSL_write, triggering an onError in cases where more network I/O was
required.
Test-Information:
Unit tests pass on Debian 9
Server test code no longer emits undesirable warnings to stderr on macOS
10.14.
Change-Id: If0f932693361ef9738ae50d5445bfb4d3ed9b28f
|
|
Fix UTF-8 handling issues in
BuildTools/SCons/Tools/textfile.py .
Test-Information:
Tested that ./scons test=unit Swift works on Debian
Unstable (sid) and macOS 10.14.2. Tested that
build_for_debian.sh runs successfully on latest Debian
Unstable (sid).
Change-Id: I29d8c97ce3b4eb3e4fd680bdc814fb0c911262ff
|
|
Test-Information:
Before the patch, boom, after the patch, no boom.
(No boom today. Boom tomorrow. There's always a boom tomorrow)
Change-Id: Id454d7b0d0cd05774d0f1ee0b3cb77057371c459
|
|
Swiften handles roster push event notifications, but those were
not passed to Sluift, so a Sluift client, when querying events,
would not be aware if an XMPP server roster pushes.
This patch adds extra events types to Sluift so that method
for_each_event reports roster push notifications.
Test-information:
Used sluift client to retrieve all items after adding, removing and
updating roster items, and now Sluift clients can see these events.
Change-Id: Ide5597bf2b39e3cc20014c66ba9153c551eec670
|
|
A numeric cast was added to the call to HMAC that doesn't belong there,
this commit reverts that.
Test-Information:
Unit tests pass on macOS 10.14 and Debian 9
Change-Id: I8deb568f7bff4d401fc6dd6de21edf7f061ebd59
|
|
Test-Information:
Added unit tests
Change-Id: I405d9e9c2b64c4953ca0cec8f6481b695c15e30f
|
|
We can't target 10.5 any more with the latest xcode, so instead
of thinking too much about the right thing, just bump to 10.6
for the moment.
Test-Information:
Builds again on Mojave
Change-Id: I3975a3ce0c8246ba4dabb0f86390060c4c4a1972
|
|
The filetransfer blockSize is now an unsigned integer, as 0 could be
used to denote an invalid block size as well (and indeed, already
indicated that better than -1 did).
All use of numeric_cast in filetransfer code has been fixed to deal with
the possibility of thrown exceptions.
Test-Information:
Unit tests pass on macOS and Debian
Change-Id: I1833d553bae071238be20ebc386ef602effb78b0
|
|
The two uses of numeric_casts have been rewritten as static casts, with
asserts to guarantee (and inform the developer) that the number is never
negative (code inspection showed that this should never be the case).
Test-Information:
Unit tests pass on macOS and Debian
Change-Id: I3ca63724721ecd8e351d9017e0975b6ae326f85f
|
|
Generation of TXT records might fail if any of the fields is too long,
so the result is now an optional (pending Expected). Callsites have been
updated to deal with this.
Three potentially uncaught exceptions in the Bonjour implementation have
been addressed.
Test-Information:
Unit tests pass on macOS 10.14 and Debian 9
Change-Id: Iec02c4606a18eee855362fd3c3d15614a9e72547
|
|
Exceptions thrown by boost::numeric_cast are now caught and an assert
explicitly triggered.
Test-Information:
Unit tests pass on macOS 10.13
Change-Id: I9a1cbe5ae2765e4275bf35473a871ef8468fd729
|
|
Apart from QtUI bits, this addresses use of uncaught numeric cast
exceptions in message count handling, the spell parser and the MacOS
idle querier.
The WindowsServicePrincipalName logic previously had an issue where
using ports from 32768 onwards would result in a bad_numeric_cast
exception to be thrown. This has been addressed at the same time as the
uncaught exceptions, and all ports should work now.
The tags file has been extended to ignore more files.
Change-Id: I73ced35f06517bee5c58f990d20fa437b40ac84e
|
|
The stanza ack code now uses a constexpr without numeric cast to
calculate the maximum, and test code uses the constant UINT32_MAX from
limits, both of which should result in the same number.
Test-Information:
Unit tests pass on macOS 10.14
Change-Id: Iba8fc779e52699d480d1ce458df0c6581a16ad06
|
|
Test-Information:
Unit tests pass on Debian 9 and macOS 10.14
Change-Id: I7881249c68a294679a6a9d0f6bef65cad5034687
|
|
The code has been updated to use asserts where a sensible recovery path
was deemed impossible, and a conditional return for parse. In general,
our XML parsing will fail for any single parse of a document over
roughly 2GiB, which is probably not going to be a practical issue soon.
Test-Information:
Unit tests pass on macOS 10.13 using Expat and Debian 9 using LibXML
Change-Id: I3a8da802860028ea278b322af081c2b22b55a442
|
|
The NAT-PMP RFC specifies lifetime as an unsigned, 32 bit integer, so
using this internally makes sense. This also removes the need for casts
in interface code.
A slight bug in the NATPMPInterface implementation to remove a mapping
has been addressed.
Test-Information:
Unit tests pass on macOS 10.13
Change-Id: I06687fd2735a8706f339f85d6c957ad7aadaaf02
|