| Age | Commit message (Collapse) | Author |
|---|
|
Add new boolean flag to TLSOptions which when
set to true prevents system Trust Anchors being loaded into
new TLS contexts created using OpenSSL.
Add new test to Swiften QA with appropriate comment.
JIRA: SWIFT-425
Test-information:
Checked logic of change under debugger while running the
tests in CertificateTest.cpp which create TLS contexts.
Change-Id: I2d4a8410ce9cc752e6774e1d1cdb84dcd37b01d7
|
|
Remove increment of reference count on first certificate added
to a new SSL context - the call to SSL_CTX_use_certificate does
this internally. When adding extra certificates to the context
via calls to SSL_CTX_add_extra_certificate, the explicit
increment of the reference count is still required to prevent
destruction of the certificates when the SSL context is freed.
In OpenSSLContext::setPrivateKey, make sure the EVP_PKEY returned
by PEM_read_bio_PrivateKey is tidied up, by wrapping it in a
shared_ptr which calls EVP_PKEY_free.
Add a new Unit test which creates an SSL context and inserts a
multi-element certificate chain and a private key.
JIRA: SWIFT-423
Bug:
Release-notes:
Manual:
Change-Id: I82c66139a9dfe7a925eb39f73721200895a689e2
Test-information:
Leak testing performed via ASAN-compiled MLink unit tests -
now no leaks/errors reported associated with TLS Contexts and
Certificates. Swiften unit test runs as expected.
|
|
Actual implementation is in OpenSSL subclass. This allows a permanent
vector of shared certificates to be used when creating multiple OpenSSL
contexts. This replaces the existing use of a vector of unique pointers
to certificates which handed over responsibility for the underlying
OpenSSL certs to the OpenSSL context. To enable this to work, a
new method is added to the OpenSSLCertificate class which enables
the reference count on the the contained OpenSSL certificate to
be incremented - this stops the OpenSSL certificate being deleted
when the OpenSSL context is freed.
Use of conditional compilation was necessary to get the reference
counting to build with the different versions of OpenSSL in use.
Modify the method in OpenSSLCertificateFactory (and stub in CertificateFactory)
which generates a vector of certificates, so that it generates a vector
of shared_ptrs rather than unique_ptrs.
Add test of CreateCertificateChain to Swiften CertificateTest
class, together with sample certificate file in PEM form.
JIRA: LINK-1763
Bug:
Release-notes:
Manual:
Test-information:
Tested via development version of Mystique - created multiple
TLS sessions using single certificate chain.
Swift unit tests now build and run again.
New Swiften TLS unit test builds and runs.
Change-Id: I7fa4888b640c94b68712a6bff1f7aa334a358df2
|
|
Test-Information:
Unit tests pass OK on Windows 10 and CentOS 7.3.
Change-Id: I33c9eb6b3e6409727350a44e6d5c88c5e8907275
|
|
Initialised previously uninitialised class members. Changed
some raw pointers to std::unique_ptr for clearer and
automatically initialised code.
Test-Information:
Builds on macOS 10.12 and unit tests pass in ASAN-enabled
build.
Change-Id: I7900fe6131119c228ca92c79c0ee8125137f2e48
|
|
Removed trailing spaces and whitespace on empty lines
in the process.
Changed CheckTabs.py tool to disallow hard tabs in source
files.
Test-Information:
Manually checked 30 random files that the conversion worked
as expected.
Change-Id: I874f99d617bd3d2bb55f02d58f22f58f9b094480
|
|
Changed "" style includes to <> style.
Test-Information:
Build with Clang 3.9.0 and ran all tests on OS X 10.11.4.
Change-Id: Ic05e53f2e5dba39cc1307b116fc5f17b62ab9eb8
|
|
Change-Id: I94ab4bbb68c603fe872abeb8090575de042f5cb4
|
|
Change-Id: If4e4ef98c00f15c0a88557860f0377843a8713c0
|
|
- Use boost::filesystem::path consistently for referring to files.
- Use boost::filesystem streams for I/O, such that paths are always handled
correctly.
- Use stringToPath and pathToString for conversion between strings and
boost::filesystem::path, to ensure we have consistent unicode handling
across platforms and environments. The default constructor and string
conversion uses platform-dependent encoding, depending on the global
locale set in the application, which causes problems. So, unless you are
in platform dependent code, the default constructor and string() function
should not be used. When constructing paths from other paths (e.g. using
operator/), also use stringToPath (instead of string arguments) if the path
can contain unicode characters.
Change-Id: If286bd9e71c8414afc0b24ba67e26ab7608ef6ea
|
|
License: This patch is BSD-licensed, see http://www.opensource.org/licenses/bsd-license.php
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Swift