summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2017-10-13Don't require servers to advertise an SSO domainKevin Smith
This doesn't change the behaviour where domain is advertised, but does mean that SSO can be attempted where the hostname isn't advertised, where previously it would be refused. Test-Information: Light testing (not by me) against M-Link not advertising hostname. I think this is sufficient, given this is an experimental feature, hidden behind a config flag, and this only extends behaviour, rather than changing previously supported paths. (The tested version was with a ternary instead of value_or) Change-Id: I381fe23ab152486b195acff5858bf0a705b86b59
2017-04-04Verify certificates for HTTPS BOSH connectionsTobias Markmann
Test-Information: Tested against a BOSH server with a valid HTTPS certificate and against a BOSH server with an expired HTTPS certificate. Tested on macOS 10.12.3 with Qt 5.5.1. Change-Id: I9989389b271961fc4d66db56198b32715af52ae7
2016-11-28Correctly handle server initiated closing of streamTobias Markmann
If a server closes the XMPP stream, it sends a </stream:stream> tag. The client is supposed to respond with the same tag and then both parties can close the TLS/TCP socket. Previously Swift(-en) would simply ignore </stream:stream> tag if it was not directly followed by a shutdown of the TCP connection. In addition there is now a timeout timer started as soon as Swiften or the server initiates a shutdown. It will close the socket and cleanup the ClientSession if the server does not respond in time or the network is faulty. Refactored some code in ClientSession in the process. Moved ClientSession::State to a C++11 strongly typed enum class. This also fixes issues where duplicated </stream:stream> tags would be send by Swift. Test-Information: Tested against Prosody ba782a093b14 and M-Link 16.3v6-0, which provide ad-hoc commands to end a user session. Previously this was ignored by Swift. Now it correctly responds to the server, detects it as a disconnect and tries to reconnect afterwards. Added unit test for the case where the server closes the session stream. Change-Id: I59dfde3aa6b50dc117f340e5db6b9e58b54b3c60
2016-04-04Modernize code to use C++11 shared_ptr instead of Boost'sTobias Markmann
This change was done by applying the following 'gsed' replacement calls to all source files: 's/\#include <boost\/shared_ptr\.hpp>/\#include <memory>/g' 's/\#include <boost\/enable_shared_from_this\.hpp>/\#include <memory>/g' 's/\#include <boost\/smart_ptr\/make_shared\.hpp>/\#include <memory>/g' 's/\#include <boost\/make_shared\.hpp>/\#include <memory>/g' 's/\#include <boost\/weak_ptr\.hpp>/\#include <memory>/g' 's/boost::make_shared/std::make_shared/g' 's/boost::dynamic_pointer_cast/std::dynamic_pointer_cast/g' 's/boost::shared_ptr/std::shared_ptr/g' 's/boost::weak_ptr/std::weak_ptr/g' 's/boost::enable_shared_from_this/std::enable_shared_from_this/g' The remaining issues have been fixed manually. Test-Information: Code builds on OS X 10.11.4 and unit tests pass. Change-Id: Ia7ae34eab869fb9ad6387a1348426b71ae4acd5f
2016-04-01Modernize code to use C++11 nullptr using clang-tidyTobias Markmann
Run 'clang-tidy -fix -checks=modernize-use-nullptr' on all source code files on OS X. This does not modernize platform specific code on Linux and Windows Test-Information: Code builds and unit tests pass on OS X 10.11.4. Change-Id: Ic43ffeb1b76c1a933a55af03db3c54977f5f60dd
2016-03-31Convert tabs to 4 spaces for all source filesTobias Markmann
Removed trailing spaces and whitespace on empty lines in the process. Changed CheckTabs.py tool to disallow hard tabs in source files. Test-Information: Manually checked 30 random files that the conversion worked as expected. Change-Id: I874f99d617bd3d2bb55f02d58f22f58f9b094480
2015-07-08Use GSSAPI when SSO is usedMili Verma
This patch uses the GSSAPI authenticator on Windows if the server advertises it and the client requests it. (The user is not able to request it in the UI yet) Also sends the manual port to the GSSAPI authenticator to construct the SPN if a non-default port is used. Test-information: Tested on Windows using WIP code. Tested both on TLS & without. Unit tests pass. Change-Id: I9a9ad9604fe084d5fb2003b7a91174a9512e2eec
2014-12-15Update Copyright in SwiftenKevin Smith
Change-Id: I94ab4bbb68c603fe872abeb8090575de042f5cb4
2014-08-21Clean up compilation errors in Swiften due to boost 1.56Kevin Smith
Can no longer implicitly convert boost::optional to bool temporaries. Also fixed assorted uses of cerr where logging was appropriate. Test-Information: Swiften compiles against boost 1.56 (link fails for me so far) Change-Id: Iec058af933a82a987da64291435a475f8b40ef96
2014-04-28Create ToplevelElement to replace Element.Richard Maudsley
Change-Id: I3460f6f4a2ffa9b795080664f49d9138440de72d
2014-03-24Fix SCRAM-SHA-1-PLUS channel binding negotiation code. (Thanks Kim Alvefur)Tobias Markmann
For details see section 6. Channel Binding, point 2 in RFC 5802. Change-Id: If64ebb373ed7d63c8668b03b90b1f5e87be1ab19 License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.
2013-04-27Removing third-party hash implementations.Remko Tronçon
Using library/platform implementation instead. Change-Id: I2457c2dad80e6fdda023a7f31c3906ff10fe09ed
2013-04-06Make IDN implementation abstract.Remko Tronçon
Change-Id: I4c64f954ddeca7147d729b8be07237baa15c1795
2012-06-18Handle unexpected challenges.Remko Tronçon
Resolves: #1132
2012-05-12Remove peer certificate from APIs.Remko Tronçon
The peer certificate chain contains the peer certificate, so this was redundant.
2012-05-12Show Certificate dialog from certificate error window.Remko Tronçon
2012-04-29Fixed previous commit.Remko Tronçon
2012-04-29Added debug message to double finishSession.Remko Tronçon
2012-04-24Fixed compilation problems on windows.Remko Tronçon
2012-02-28Make Swift more usable in a FIPS-140 environmentKevin Smith
Don't allow DIGEST-MD5 when Windows is set to FIPS mode. Use platform-provided hashing for SHA1.
2011-12-13BOSH Support for SwiftenKevin Smith
This adds support for BOSH to Swiften. It does not expose it to Swift. Release-Notes: Swiften now allows connects over BOSH, if used appropriately.
2011-11-03Quick brush up after previous patch.Kevin Smith
Includes: Initial cleanup of SChannel code; compiling on non-Windows Be willing to compile Swift with SChannel Undo some (presumably accidental) OpenSSL changes Where TLS doesn't support finish messages (SChannel), don't try -PLUS
2011-10-18Use the oldest error when closing streams.Kevin Smith
Stops new errors overwriting cert validation errors and preventing Swift from prompting the user to trust the cert.
2011-09-26Fixed compilation warnings & errors.Remko Tronçon
2011-09-26Allow disabling of 198-acks in SwiftenKevin Smith
2011-09-20Swiften support for requiring TLSKevin Smith
2011-06-03Limit the use of the SafeString type.Remko Tronçon
2011-05-18Introduce safe containers for storing passwords.Remko Tronçon
2011-05-14Ack pending stanzas on logout.Remko Tronçon
Resolves: #877
2011-05-13Removed some explicit new's.Remko Tronçon
2011-05-05Replace ByteArray by typedef.Remko Tronçon
2011-04-30Replace #icnlude "" by #include <> in Swiften.Remko Tronçon
2011-04-18Added XEP-0237 Roster Versioning support.Remko Tronçon
Resolves: #803 Release-Notes: Added support for XEP-0237 Roster Versioning
2011-03-01Some more Sluift enhancements.Remko Tronçon
2011-02-26Added an option to not use stream compression.Remko Tronçon
2011-02-14Removed Swift::String.Remko Tronçon
2011-02-06Only assume we are logged in when we have bound our resource.Remko Tronçon
Resolves: #758
2011-01-22Close connection properly before quitting.Remko Tronçon
2011-01-22Renaming SessionStream::onError to SessionStream::onClosed.Remko Tronçon
2010-12-11Added SCRAM-SHA-1-PLUS support.Remko Tronçon
Release-Notes: Swift now supports SCRAM-SHA-1-PLUS authentication.
2010-12-10Added TLS channel binding support to SCRAMSHA1ClientAuthenticator.Remko Tronçon
2010-12-09Handle stream errors in client session.Remko Tronçon
2010-12-05Added plumbing for persistent certificate trust checking.Remko Tronçon
2010-11-11Added server identity check.Remko Tronçon
2010-11-07Refactoring certificates & certificate checking.Remko Tronçon
2010-11-07Added security error handling to Swiften.Remko Tronçon
2010-10-07Fix crashes on disconnect during connect.Remko Tronçon
Resolves: #588
2010-09-11Fixed some memory leaks.Remko Tronçon
2010-09-03Establish stream management after resource bind.Remko Tronçon
2010-08-29Added stanza acking support to client.Remko Tronçon