summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2015-11-10Add support for client certificate authentication in BOSHTobias Markmann
This allows to authenticate using SASL EXTERNAL over BOSH using a client TLS certificate for the HTTPS connection of the BOSH channel. The implementation also enforces the HTTPS server certificate of subsequent BOSH connections not to change. This commit also removes TLSConnection and TLSConnectionFactory as no code is using them. Test-Information: Tested against M-Link 16.3v6-0 on Debian 7.9 and Swift on OS X 10.10.5. Verified working client certificate authentication. Verified Swift not falling back to password-based authentication, in case EXTERNAL is not allowed by the server over BOSH or the client certificate is invalid. Change-Id: Ia96bcac27cac9fc9261ed847c82c6328307bfbd1
2015-11-04Fix swiften handling when client certificate is missingGurmeen Bindra
This patch prevents SWIFTEN from logging in if provided with a missing PKCS12 file. Before this patch, swiften would attempt a password based login using operator JID and pwd of the P12 file when the P12 file was missing. This patch fixes it by checking the certificate and not initialising session stream and connection if the certificate is empty. It emits a disconnect with client certificate load error. The string for certificate load error has been modified to indicate a file or password invalid. Test-information: Tested by doing a certificate based bind to an XMPP server. Removed the PKCS#12 file and checked that swift gave a certificate error instead of doing pwd connect Change-Id: I1869a13f1f7135b6606f7383cd4a0356ffd6931b
2015-10-30Fix issues with HTTPTrafficFilter for HTTP proxy / BOSH usageTobias Markmann
This patch fixes the code to handle HTTP/1.0 proxies which do not keep the connection alive after a single request. If a HTTPTrafficFilter returns a new header reply, the HTTP CONNECT proxy code will issue the request over a new connection. The final connection is kept alive, as it used for the persistent connection forwarding. In addition, the response status line is now passed to the HTTPTrafficFilter handling method to provide ability to act upon the response status code. Missing passthrough of the HTTPTrafficFilter object the down the stack to the HTTPConnectProxiedConnection is added. Test-Information: Added a unit test following an NTLM HTTP proxy authentication with a static HTTPTrafficFilter. This and other unit tests still pass. Change-Id: Ida0d1aec08a60f10c1480e1eecaecbd3f87b0dca
2015-10-16Mark removed contacts as unavailable in SwiftTobias Markmann
When removing a contact, a XMPP client will not receive an explicit unavailable presence stanza for the contact from the server. Because of that Swift used to show removed contacts still with their old presence in the Chats tab or the chat view. With this patch, the PresenceOracle will flush all known presence of a contact as soon as the JID is removed from the roster. An unavailable presence will stored under the removed bare JID and is emitted via the PresenceOracle::onPresenceChange signal. Test-Information: Added a unit test verifying this behavior. Tested the behavior with two scenarios: a) Account A and B adding each other and accepting the subscription request. Starting a chat between A and B. After removing B in A's account, B used to be shown as available in the chat view and the Chats tab. With this patch B is shown as unavailable. b) Account A and B adding each other and accepting the subscription request. A removing B, and B removing A. After A adds B again, B used to be shown with the old presence even before B accepted the subscription request. This behavior is also fixed with this patch, not showing B as online until B accepted the subscription request. Change-Id: Iba97d3bedd0ac962ea00b25a0d2ed6106ed55a55
2015-09-18Fix notification logic for signals in BlockListImplTobias Markmann
The logic for calling onItemAdded and onItemRemoved signals when setting a new list of block items using BlockListImpl::setItems used to be broken. This commit fixes and documents the correct signal notification behavior Test-Information: Added a unit test which verifies the notification behavior in case of added block list items, removed block list items and a complete change of the block list. Change-Id: I3061545e25ddfc2d9d1a3c987045a58e5c9230ac
2015-07-21Explicitly disconnect from remaining resources in destructorsTobias Markmann
Explicitly disconnect from remaining resources in the ChainedConnected and ClientSessionStanzaChannel destructors, so the event loop will not call the signal handler methods on a freed object. Test-Information: Repeating the test case of creating a Swift::Client instance, connecting it and then deleting it after a random time below one second. On Mac OS X 10.9.5 running this test case causes two ASAN heap-use-after-free errors and with this patch the errors are gone. Change-Id: I3e48150c3633f4076ca9172aad9e85ba389df950
2015-07-20Do not reallocate FileTransferManager on connect of Clientswift-3.0beta2Tobias Markmann
Now Client allocates a FileTransferManager in its ctor and frees it in its dtor, like all the other resources of the Client class. This fixes an ASAN crash in the use case where you do a file transfer, go offline and online again and try to start another file transfer. Test-Information: Tested that the mentioned use case does not crash anymore, that file transfers still work, and that FileTransferTest still passes. Change-Id: Iddbcd8522af7df528bdc2b030fe616ad3f0c4701
2015-07-08Use GSSAPI when SSO is usedMili Verma
This patch uses the GSSAPI authenticator on Windows if the server advertises it and the client requests it. (The user is not able to request it in the UI yet) Also sends the manual port to the GSSAPI authenticator to construct the SPN if a non-default port is used. Test-information: Tested on Windows using WIP code. Tested both on TLS & without. Unit tests pass. Change-Id: I9a9ad9604fe084d5fb2003b7a91174a9512e2eec
2015-06-29Pass an optional error codeMili Verma
This patch creates and passes on an optional boost::system::error_code variable which contains more error info which can be displayed in case of an error. Test-information: Tested using WIP code on Windows. Change-Id: I285b8aec5e9c00d3a8e0d8cc0d5e7b4c5d94c099
2015-06-18Only delete HistoryStorage if building with experimental featuresTobias Markmann
Clang raises a warning in non-experimental builds because the full type of HistoryStorage is not known and it tries to delete an instance (even though a null ptr) in the dtor. Test-Information: Tested on OS X 10.9.5 with Clang (Apple LLVM version 6.0). Change-Id: I8a06890967427af21e11e077e9ac59b67bdb810c
2015-06-14Fix Swiften DLL building on WindowsTobias Markmann
Template classes cannot have SWIFTEN_API annotations as with annotation code for instantiations of the template are expected to be in the DLL which cannot be guaranteed for any user type. With the complete implementation in available in the header it is not needed because 3rdParty Swiften users can instantiate an implementation as needed. This also conditionally includes SQLiteHistoryStorage.h conditionally in MemoryStorages.cpp, as otherwise the linker will expect an implementation of SQLiteHistoryStorage in the DLL. However, it is only built into the DLL if experimental features are turned on. Test-Information: Tested with experimental=on/off and swiften_dll=on/off. Change-Id: Ieec85675c167ec34cffd4745ac854a5949fb2037
2015-06-10Add ability to limit SChannel to TLS 1.0Kevin Smith
Some servers have very restrictive TLS stacks that respond badly to a bug in the SChannel TLS implementation, meaning that TLS has to be limited to 1.0. Add ClientOptions.tlsOptions. This is a method of passing options into the TLS stack. It's currently only used for the TLS 1.0 workaround in SChannel, but we might reasonably expose other options in the future, such as limiting cypher suites. Disables use of SSLv3 for SChannel Also updates the coding style in SchannelContext a bit. Test-Information: Compiles on both OS X and Windows(SChannel). OS X doesn't show the new option. Windows shows it, and remembers it between logins. Not tested against a server requiring 1.0 only, but a previous hack with the same approach was tested. Change-Id: I1e7854d43811fd173f21f98d4dc3915fc7a4b322
2015-06-08Add missing SWIFTEN_API annotations to public Swiften APITobias Markmann
Test-Information: Tested build on Windows 8 with VS 2014 and ran unit tests. Change-Id: I3d8096df4801be6901f22564e36eecba0e7310c4
2015-03-16Add ability to modify HTTP CONNECT proxy initializationTobias Markmann
This patch adds HTTPTrafficFilter and integrates it into HTTPConnectProxiedConnection. This allows the HTTP CONNECT proxy initialization process to be customized. Test-Information: Added a unit test that verifies the new functionality. Change-Id: I0b93c319fb205487b8be65717276cd0dd38851a3
2015-02-11Support domain names in S5B proxy <streamhost> tags.Tobias Markmann
S5BProxyManager now resolves DNS names of proxy entries discovered via service discovery. Test-Information: Tested against a XMPP installation that uses domain names in proxy entires. Change-Id: I728243333ec6e62e86f088f2a7b6e222c629757b
2015-02-09Fix memory leaks reported by LSANTobias Markmann
Qt models are not owned by their widgets. They must be deleted manually or a parent has to be specified for them which will take care of deletion. The same goes for delegates and their views. Test-Information: Tested with Clang's leak sanitizer (part of address sanitizer). The leak reports for the respective lines are gone with this fix. Change-Id: Ia7407cb20ae9e4ccc2e1cf48c88877c2f87352e1
2014-12-15Update Copyright in SwiftenKevin Smith
Change-Id: I94ab4bbb68c603fe872abeb8090575de042f5cb4
2014-11-17Add missing include gueards.Tobias Markmann
Test-Information: No testing required. Change-Id: I1411ba4dd555613beed43d864f025dde41f940db
2014-10-01Port many of Isode's local fixes upstreamKevin Smith
Includes fixes to: Build with new Visual Studio and Boost Avoid error caused when Avahi is present but Qt is not Make declaration of XMPPRosterImpl::addContact consistent with implementation Includes enhancements to: Allow user-configurable mt.exe Allow splitting openssl paths Allow disabling gconf lookup Make idn support optional Allow disabling various library detections Remove use of non-Python2.4 features in sconscripts Test-Information: Builds Change-Id: Iee91ee80291a8bdf87cc169c915e4dad1cc1055b
2014-09-18Only allocate BlockResponder and UnblockResponder once. Fixes ASANTobias Markmann
heap-used-after-free report. Tested via ASAN, report gone after applying this change. It previously occured during machine sleep/resume or logout/login. Change-Id: I8af6a3c290457a4a98f94486a225f9dfb92ca885 License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.
2014-08-21Clean up compilation errors in Swiften due to boost 1.56Kevin Smith
Can no longer implicitly convert boost::optional to bool temporaries. Also fixed assorted uses of cerr where logging was appropriate. Test-Information: Swiften compiles against boost 1.56 (link fails for me so far) Change-Id: Iec058af933a82a987da64291435a475f8b40ef96
2014-08-10Fix blocklist not being requested on reconnect.Richard Maudsley
Test-Information: Connect client and confirm that blocklist is requested only once. Reconnect client and confirm that blocklist is requested again. Change-Id: Iebf38c9f3c1ff9749c239b6cf785feb7a539a9b1
2014-05-18Replace accidental cerr with SWIFT_LOGKevin Smith
Change-Id: I1801265c1b65eacf97e1cd3c69bedeef63cca898
2014-05-18Fix copy paste errorRemko Tronçon
Change-Id: I4d9ecc462d90821d3232f583e2e3ebea6a9eed74
2014-05-18Fix uninitialized variablesRemko Tronçon
Change-Id: I95b6b67dcafe338561d3dfb28664bc3bba6d1159
2014-04-28Create ToplevelElement to replace Element.Richard Maudsley
Change-Id: I3460f6f4a2ffa9b795080664f49d9138440de72d
2014-03-24Fix SCRAM-SHA-1-PLUS channel binding negotiation code. (Thanks Kim Alvefur)Tobias Markmann
For details see section 6. Channel Binding, point 2 in RFC 5802. Change-Id: If64ebb373ed7d63c8668b03b90b1f5e87be1ab19 License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.
2014-03-22Move hardcoded XMPP SRV information from Connector into CoreClientNick Hudson
The Connector class had "_xmpp-client._tcp." hard-coded in it, which meant that it was not suitable for non-XMPP clients. This change means that the Connector can now be used by clients who are interested in arbitrary SRV records; the CoreClient class is updated accordingly. Test-information: Built and ran Swift - seems to work as expected Ran unit-tests ("scons test=unit") - reports OK Change-Id: I0fea9aa90f5d1d5e3a4b90f3362b663fe9d8e207
2014-03-21Disconnect ClientXMLTracer signals at destruction timeRemko Tronçon
This fixes a crash when disabling the XML tracer. Change-Id: Id26255610e71809901409e42d5a61b18e502d8f6
2014-02-13Fix clang warningsRemko Tronçon
Change-Id: I7cd26f00f626b64da934e9f5594db393d6184b9c
2013-09-17Don't use implicit bool conversion on shared_ptrRemko Tronçon
C++11 doesn't have implicit conversion to bool on shared_ptr. The cleanest fix is to compare against nullptr, but this only works on C++11. Change-Id: Ia2b4b5d90f99aa24c4f3bdf0d680343754e32ec2
2013-08-27PubSub implementation & Sluift refactoring.Remko Tronçon
Change-Id: I04ff7111b73565c00bff6db183451774a633344f
2013-08-15Make (Core)Component constructor consistent with (Core)Client.Remko Tronçon
Change-Id: I268e15b6fbf54d9b188a699d26d2bb1042174f5f
2013-05-11File Transfer refactoring.Remko Tronçon
Allocate S5B server lazily. Forward forts lazily. Various state machine fixes. Temporarily disabling S5B proxy support. Change-Id: I3145e85a99b15a7e457306bbfbe9c0eb570191e4
2013-04-27Removing third-party hash implementations.Remko Tronçon
Using library/platform implementation instead. Change-Id: I2457c2dad80e6fdda023a7f31c3906ff10fe09ed
2013-04-06Make IDN implementation abstract.Remko Tronçon
Change-Id: I4c64f954ddeca7147d729b8be07237baa15c1795
2013-03-27Adding support for Blocking Command (XEP-0191) to Swift(-en).Tobias Markmann
Change-Id: I7c92518dc389474d520d4cf96f96a11459f73d26 License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.
2013-03-04Qt5 support & warning fixes.Remko Tronçon
Change-Id: I62c7d5ca44c915e36c797c798294b7c34b465514
2012-12-31Fix more warnings.Remko Tronçon
Change-Id: I0fc27a08adb6aecd5c5775a52b7fe48570ed526a
2012-12-30Enable & fix pedantic CLang warnings.Remko Tronçon
Change-Id: I70109624b4bd7aab9ba679a3eaabc225dd64a03a
2012-09-17Support for building swiften as a DLLRemko Tronçon
Added missing SWIFTEN_API declarations. Changed test infrastructure to extend path before running tests.
2012-09-15Added URL parser.Remko Tronçon
2012-09-08Support whiteboarding.Mateusz Piekos
License: This patch is BSD-licensed, see http://www.opensource.org/licenses/bsd-license.php
2012-08-30History dialogCătălin Badea
Add history dialog as an experimental feature. License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.
2012-08-13Set timeout on each connection attempt, instead of global connect timeout.Remko Tronçon
Resolves: #962
2012-07-14Initial DLL support for Swiften.Remko Tronçon
All applications succesfully link against Swiften.dll.
2012-06-20Fix proxy selectionThilo Cestonaro
License: This patch is BSD-licensed, see http://www.opensource.org/licenses/bsd-license.php
2012-06-18Handle unexpected challenges.Remko Tronçon
Resolves: #1132
2012-06-17Allow different connection methods for Client.Remko Tronçon
2012-05-12Remove peer certificate from APIs.Remko Tronçon
The peer certificate chain contains the peer certificate, so this was redundant.