summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2015-11-10Add support for client certificate authentication in BOSHTobias Markmann
This allows to authenticate using SASL EXTERNAL over BOSH using a client TLS certificate for the HTTPS connection of the BOSH channel. The implementation also enforces the HTTPS server certificate of subsequent BOSH connections not to change. This commit also removes TLSConnection and TLSConnectionFactory as no code is using them. Test-Information: Tested against M-Link 16.3v6-0 on Debian 7.9 and Swift on OS X 10.10.5. Verified working client certificate authentication. Verified Swift not falling back to password-based authentication, in case EXTERNAL is not allowed by the server over BOSH or the client certificate is invalid. Change-Id: Ia96bcac27cac9fc9261ed847c82c6328307bfbd1
2015-11-09Change virtual calls in ctors/dtors to be explicitTobias Markmann
Test-Information: Still builds and tests pass on OS X 10.10.5. Change-Id: Ic616e7b9de443ce34b46de63ac1bb0cca34b08ee
2015-10-30Fix issues with HTTPTrafficFilter for HTTP proxy / BOSH usageTobias Markmann
This patch fixes the code to handle HTTP/1.0 proxies which do not keep the connection alive after a single request. If a HTTPTrafficFilter returns a new header reply, the HTTP CONNECT proxy code will issue the request over a new connection. The final connection is kept alive, as it used for the persistent connection forwarding. In addition, the response status line is now passed to the HTTPTrafficFilter handling method to provide ability to act upon the response status code. Missing passthrough of the HTTPTrafficFilter object the down the stack to the HTTPConnectProxiedConnection is added. Test-Information: Added a unit test following an NTLM HTTP proxy authentication with a static HTTPTrafficFilter. This and other unit tests still pass. Change-Id: Ida0d1aec08a60f10c1480e1eecaecbd3f87b0dca
2015-10-30Add support for OS X Secure Transport TLS backendTobias Markmann
Added integration tests for certificate validation and revocation behavior checking. Test-Information: Tested client login over TLS against Prosody and M-Link. Verified client certificate authentication works against M-Link. Change-Id: I6ad870f17adbf279f3bac913a3076909308a0021
2015-10-14Fix compiler warnings about unused variables/argumentsTobias Markmann
Test-Informations: Code compiles without warnings and tests still pass. Change-Id: If74c615706b8125c3c5186f0d940c103749ddb80
2015-08-11Make access to deadline_timer thread-safeTobias Markmann
According to boost doucmentation shared deadline_timers are not thread-safe. Adding a mutext to protect access to boost::asio::deadline_timer instance in Swift::BoostTimer. This fixes a data-race reported by TSAN when running Swiften/QA/ClientTest/ClientTest. Test-Information: Verified that the data-race report is gone with this fix. Change-Id: I62c8c3a07d6ea16fe6e2d24c879340040406699b
2015-08-11Add note on use of Connector::stop()Kevin Smith
As the correct API usage might not be obvious Change-Id: I1d4887d7101ce59eb8f3a3dc13d94befe4a58948
2015-07-21Explicitly disconnect from remaining resources in destructorsTobias Markmann
Explicitly disconnect from remaining resources in the ChainedConnected and ClientSessionStanzaChannel destructors, so the event loop will not call the signal handler methods on a freed object. Test-Information: Repeating the test case of creating a Swift::Client instance, connecting it and then deleting it after a random time below one second. On Mac OS X 10.9.5 running this test case causes two ASAN heap-use-after-free errors and with this patch the errors are gone. Change-Id: I3e48150c3633f4076ca9172aad9e85ba389df950
2015-06-10Add ability to limit SChannel to TLS 1.0Kevin Smith
Some servers have very restrictive TLS stacks that respond badly to a bug in the SChannel TLS implementation, meaning that TLS has to be limited to 1.0. Add ClientOptions.tlsOptions. This is a method of passing options into the TLS stack. It's currently only used for the TLS 1.0 workaround in SChannel, but we might reasonably expose other options in the future, such as limiting cypher suites. Disables use of SSLv3 for SChannel Also updates the coding style in SchannelContext a bit. Test-Information: Compiles on both OS X and Windows(SChannel). OS X doesn't show the new option. Windows shows it, and remembers it between logins. Not tested against a server requiring 1.0 only, but a previous hack with the same approach was tested. Change-Id: I1e7854d43811fd173f21f98d4dc3915fc7a4b322
2015-06-08Add missing SWIFTEN_API annotations to public Swiften APITobias Markmann
Test-Information: Tested build on Windows 8 with VS 2014 and ran unit tests. Change-Id: I3d8096df4801be6901f22564e36eecba0e7310c4
2015-05-19Consolidate Python and SCons files to tab based indentationTobias Markmann
Test-Information: Verified that SCons still runs on OS X. Change-Id: I7e9b97f90ee5581a691a959b6f2c999d93e0be53
2015-05-01Add an EventOwner to NATTraversalRequests so that accociated objects are not ↵Tobias Markmann
released early This patch also disconnects possible slots on stop() from the signals. Test-Infromation: This fixes a crash that occured during testing with ConcurrentFileTransferTest. Change-Id: I2b443f40ac3359c8142fcffc084647312b9a1e76
2015-04-08Skip name lookup if manual hostname is a valid IP addressTobias Markmann
Removed dead debugging code and unnecessary includes as well. Test-Information: Tested with Swiften/QA/ClientTest, adjusted to have a manual hostname set in the ClientOptions. Tested on OS X 10.9.5, with NDK API level 14 on an emulated Android 4.0 ARM instance. Without this patch the connector timed out during name lookup trying to resolve the IP set in the ClientOptions::manualHostname. With this patch it skips lookup and connects successfully. Tested and verified unchanged behavior with this patch and without the manual address override set. Change-Id: I737327b2e66c9da78a1963e754bcf201b7d40626
2015-04-08Fix warning about unused private member variableKevin Smith
Test-Information: Compiles without the warning, unit tests pass. Change-Id: I31bce47e4d6595b4ef405a87b56cf71db004e6a0
2015-03-19Fix for HTTPConnectProxiedConnection to support responses in piecesTobias Markmann
This fix lets HTTPConnectProxiedConnection buffer response data in pieces until the end of the HTTP header is reached. Only then it will try to parse the HTTP header. This is *not* the HTTP chunked transfer encoding. Test-Information: Adjusted one test to respond in pieces and added a new test case that verifies that response data is buffered. Change-Id: Icfb987bdf2fc5771401a8a9c6979fa9ad1eebdca
2015-03-16Add ability to modify HTTP CONNECT proxy initializationTobias Markmann
This patch adds HTTPTrafficFilter and integrates it into HTTPConnectProxiedConnection. This allows the HTTP CONNECT proxy initialization process to be customized. Test-Information: Added a unit test that verifies the new functionality. Change-Id: I0b93c319fb205487b8be65717276cd0dd38851a3
2015-02-11Fix DummyConnectionServer to use private accessors for its membersTobias Markmann
Test-Information: Builds. Change-Id: Ib5f1b4e9de814ab46723487e4d15974f0f5bd658
2015-02-11Renable SOCKS5 bytestream proxy support for Jingle file transfers.Tobias Markmann
Test-Information: Tested interoperability with Swiften using FileTransferTest. Change-Id: Ic13a68a91cad199be0bfc8852ff43c25c7085f12
2015-02-08Fix data race in PlatformNATTraversalWorker reported by TSANTobias Markmann
Test-Information: Run on ClientTest as TSAN enabled build on Linux. Without the patch it reports a data race for the stopRequested member. Change-Id: I98373966c45d4c6e247f69fa8850278d885556f7
2015-02-08Fix data race in PlatformDomainNameResolver reported by TSANTobias Markmann
Test-Information: All tests still succeed on OS X and Linux. Change-Id: I2c02252b646b539b960cad18b6f88807afd84d32
2015-02-03Use "Swift" description when adding UPnP port forwardings.Tobias Markmann
Test-Information: Verified using Port Map.app tool and router supporting UPnP. Change-Id: I8d43a812f136979a70ef4dc62ff45448c6603b8b
2015-02-03Limit NAT-PMP detection timeout to 10 seconds.Tobias Markmann
libnatpmp has a high (over 2 minutes) timeout for discovery of NAT-PMP support. This leads to a bad user experience when there is no NAT-PMP support in the network. Test-Information: Tested this in an university network where neither UPnP nor NAT-PMP is available. File-transfers waited more than 2 minutes for an answer of a NAT-PMP device before starting the file-transfer. Change-Id: I3ceaac7f89c982ffa683ee367d5ea3c3d4a2c5ca
2015-02-03Update Jingle FT protocol to namespace verison ↵Tobias Markmann
urn:xmpp:jingle:apps:file-transfer:4. Test-Information: Adjusted unit tests and successfully build/run them on OS X 10.9.5. Change-Id: I63789e3fb351999f719157b54fa9fcf95f40fb07
2015-02-02Fix IPv6 name resolution on Linux systemsTobias Markmann
Boost query objects are setup with the flag address_configured by default which only does IPv6 resoltuion if a non-loopback device is found. This detection mechanism does not seem to work. At least in my test VM there was a non-loopback device with IPv6 address and it still reported no IPv6 addresses. Setting the flag to passive will have it always send queries for AAAA records. Test-Informatioon: Tested on Mac OS X 10.9.5 and Elementary OS 0.2.1 (Linux). Change-Id: I346bcb7982dee465aa7847a7bae8981a16f2d3bc
2014-12-15Update Copyright in SwiftenKevin Smith
Change-Id: I94ab4bbb68c603fe872abeb8090575de042f5cb4
2014-10-21Fix libunbound support in Swiften which was broken since API change in 8ec22a9.Tobias Markmann
Test-Information: Build for Android 4.3 (arm) and successfully ran checker in emulator VM. Change-Id: Iedaae5df367ee86bfe2375879b0e0981deef9b0a
2014-10-01Port many of Isode's local fixes upstreamKevin Smith
Includes fixes to: Build with new Visual Studio and Boost Avoid error caused when Avahi is present but Qt is not Make declaration of XMPPRosterImpl::addContact consistent with implementation Includes enhancements to: Allow user-configurable mt.exe Allow splitting openssl paths Allow disabling gconf lookup Make idn support optional Allow disabling various library detections Remove use of non-Python2.4 features in sconscripts Test-Information: Builds Change-Id: Iee91ee80291a8bdf87cc169c915e4dad1cc1055b
2014-08-21Clean up compilation errors in Swiften due to boost 1.56Kevin Smith
Can no longer implicitly convert boost::optional to bool temporaries. Also fixed assorted uses of cerr where logging was appropriate. Test-Information: Swiften compiles against boost 1.56 (link fails for me so far) Change-Id: Iec058af933a82a987da64291435a475f8b40ef96
2014-08-10Fix invalid characters being allowed in JID domainsRichard Maudsley
Test-Information: Prepare valid and invalid JIDs and make sure that isValid() is reported correctly. Added unit tests. Change-Id: Ic4d86f8b6ea9defc517ada2f8e3cc54979237cf4
2014-07-11Apply a Connector timeout even if not using SRV lookups.Kevin Smith
Test-Information: Unit tests only Change-Id: I7bc7d48a041f33b1a8527b5be4a476c12f796b34
2014-05-18Fix uninitialized variablesRemko Tronçon
Change-Id: I95b6b67dcafe338561d3dfb28664bc3bba6d1159
2014-03-22Move hardcoded XMPP SRV information from Connector into CoreClientNick Hudson
The Connector class had "_xmpp-client._tcp." hard-coded in it, which meant that it was not suitable for non-XMPP clients. This change means that the Connector can now be used by clients who are interested in arbitrary SRV records; the CoreClient class is updated accordingly. Test-information: Built and ran Swift - seems to work as expected Ran unit-tests ("scons test=unit") - reports OK Change-Id: I0fea9aa90f5d1d5e3a4b90f3362b663fe9d8e207
2014-02-25Build with new Boostish stuff.Kevin Smith
Can no longer use a shared_ptr as a bool. Change-Id: Ic92ede082e8f923830af943bb522c64e4f5ff453
2014-01-27Fix compilation error C++11/latest clangKevin Smith
Change-Id: I33c55c300c9b387e87b2af7e08c59973ee5678fc
2014-01-03Post NAT Traversal query results to the event loop.Remko Tronçon
Change-Id: I0d61991721a5cb04b3b37784e30161531a945d61
2013-11-03Split experimental File Transfer out from History and Whiteboarding.Kevin Smith
Effectively disables whiteboarding and history in default builds so we can avoid having to do a full cleanup of them for 3.0. File transfer remains enabled in default builds as we're intending getting that ready and shipping it. Change-Id: I8c1dcc989f238b58d6d7c426485e7cf582514d8f
2013-10-29Fix unit test on MavericksRemko Tronçon
Change-Id: I11101d660bb0debe85069eb3f2ed30987fa0d5ec
2013-08-13Adding basic support for Android and Unbound (No IPv6 yet).Tobias Markmann
Change-Id: I1d74324515b20e0dc3d0ef4aa2f556fea7b4bee3 License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.s
2013-05-11File Transfer refactoring.Remko Tronçon
Allocate S5B server lazily. Forward forts lazily. Various state machine fixes. Temporarily disabling S5B proxy support. Change-Id: I3145e85a99b15a7e457306bbfbe9c0eb570191e4
2013-04-27Removing third-party hash implementations.Remko Tronçon
Using library/platform implementation instead. Change-Id: I2457c2dad80e6fdda023a7f31c3906ff10fe09ed
2013-04-21Fix compilation when 3rdParty/ is not there.Remko Tronçon
Change-Id: I6d86bf7d8dcc750ff69ff08500c9987b3c1de43e
2013-04-12File Transfer refactoring.Remko Tronçon
Rename run() to start(), and provide stop() placeholder. Change-Id: I44257a0fca89c9345054a5d6fa3c1b4768995081
2013-04-11Network refactoring.Remko Tronçon
Provide sync connection server start method. Provide NetworkEnvironment through NetworkFactories. Change-Id: Iea04349255af8aa6326968f17653e8e371a08bdd
2013-04-06Make IDN implementation abstract.Remko Tronçon
Change-Id: I4c64f954ddeca7147d729b8be07237baa15c1795
2013-03-04Qt5 support & warning fixes.Remko Tronçon
Change-Id: I62c7d5ca44c915e36c797c798294b7c34b465514
2013-01-13Merge branch 'swift-2.x'Remko Tronçon
* swift-2.x: Remove incorrect CFRelease() calls in MacOSXProxyProvider. Change-Id: Ia9fe8954839d65be9e337304ce095c7b48a64155
2013-01-13Fix more warnings.Remko Tronçon
Fix sign conversion warnings. Removing heavy unnecessary includes. Change-Id: I992f43065498823098a875badb020c7c84fc4797
2013-01-02Remove incorrect CFRelease() calls in MacOSXProxyProvider.Remko Tronçon
This avoids a potential crash when using proxies on Mac OS X. Change-Id: I393ba03a6ffd89668e31c5dad8c0d7277601fc14
2013-01-01Fix Objective-C memory bugs.Remko Tronçon
Change-Id: I8de0fc13373633cc99892bc8380072f382f685ed
2013-01-01Fix Objective-C memory leaks.Remko Tronçon
Change-Id: I62206d3813e8873f027ff46e525a30bcb2e945c9