| Age | Commit message (Collapse) | Author |
|---|
|
Initialised previously uninitialised class members. Changed
some raw pointers to std::unique_ptr for clearer and
automatically initialised code.
Test-Information:
Builds on macOS 10.12 and unit tests pass in ASAN-enabled
build.
Change-Id: I7900fe6131119c228ca92c79c0ee8125137f2e48
|
|
The tests are based on the http://www.tls-o-matic.com/
service, which is currently dysfunctional. Disabling the test
so running all system tests does not fail anymore.
Test-Information:
./scons test=all passes on OS X 10.11.5.
Change-Id: I8df2e15efa6787e01dfebd78b61e07d1d1eed5c0
|
|
Test-Information:
Test that it still builds and unit test pass on OS X 10.11.4.
Change-Id: I2eb4a0b707991aee553db36a8cd1ae28b813acab
|
|
This change was done by applying the following 'gsed'
replacement calls to all source files:
's/\#include <boost\/shared_ptr\.hpp>/\#include <memory>/g'
's/\#include <boost\/enable_shared_from_this\.hpp>/\#include <memory>/g'
's/\#include <boost\/smart_ptr\/make_shared\.hpp>/\#include <memory>/g'
's/\#include <boost\/make_shared\.hpp>/\#include <memory>/g'
's/\#include <boost\/weak_ptr\.hpp>/\#include <memory>/g'
's/boost::make_shared/std::make_shared/g'
's/boost::dynamic_pointer_cast/std::dynamic_pointer_cast/g'
's/boost::shared_ptr/std::shared_ptr/g'
's/boost::weak_ptr/std::weak_ptr/g'
's/boost::enable_shared_from_this/std::enable_shared_from_this/g'
The remaining issues have been fixed manually.
Test-Information:
Code builds on OS X 10.11.4 and unit tests pass.
Change-Id: Ia7ae34eab869fb9ad6387a1348426b71ae4acd5f
|
|
Removed trailing spaces and whitespace on empty lines
in the process.
Changed CheckTabs.py tool to disallow hard tabs in source
files.
Test-Information:
Manually checked 30 random files that the conversion worked
as expected.
Change-Id: I874f99d617bd3d2bb55f02d58f22f58f9b094480
|
|
Changed "" style includes to <> style.
Test-Information:
Build with Clang 3.9.0 and ran all tests on OS X 10.11.4.
Change-Id: Ic05e53f2e5dba39cc1307b116fc5f17b62ab9eb8
|
|
The jabber_org.crt was falsely modified in commit 0297fa1;
reverted the file to its previous version.
Fixed a syntax error in CertificateErrorTest.
Fixed compilation of TLS stack with external OpenSSL.
Test-Information:
Tested compilation ./scons test=system Swiften/QA/TLSTest
with OpenSSL on OS X 10.11.3.
Change-Id: I58caf94dded128d3ee725b1961e54ad2955d70aa
|
|
Test-Information:
./scons test=system Swiften/QA/TLSTest passes on Windows 8.
Change-Id: I688ec5d0022c02879ff56029d724e6dd30b89a99
|
|
Our TLS backends need to tread TLS verification errors, e.g.
outdated certificate, untrusted CA, non-matching host, etc.,
as non-fatal, so the application can apply custom key
pinning verification or similar.
This patch changes the OS X SecureTransport backend to behave
accordingly and adjusts the CertificateErrorTest to mirror
this behavior.
This commit also fixes a double-free in
SecureTransportCertificate.
Test-Information:
Connected to a host with an untrusted CA and non-matching
domain in the certificate and was prompted with the Swift
certificate trust dialog on OS X 10.11.3.
Swiften/QA/TLSTest run successfully on OS X 10.11.3.
Change-Id: I4c8ce2178540d79a5f328e2e0558d4deb4295134
|
|
This allows to authenticate using SASL EXTERNAL over BOSH
using a client TLS certificate for the HTTPS connection of
the BOSH channel.
The implementation also enforces the HTTPS server certificate
of subsequent BOSH connections not to change.
This commit also removes TLSConnection and TLSConnectionFactory
as no code is using them.
Test-Information:
Tested against M-Link 16.3v6-0 on Debian 7.9 and Swift on
OS X 10.10.5. Verified working client certificate authentication.
Verified Swift not falling back to password-based authentication,
in case EXTERNAL is not allowed by the server over BOSH or
the client certificate is invalid.
Change-Id: Ia96bcac27cac9fc9261ed847c82c6328307bfbd1
|
|
Added integration tests for certificate validation and
revocation behavior checking.
Test-Information:
Tested client login over TLS against Prosody and M-Link.
Verified client certificate authentication works against
M-Link.
Change-Id: I6ad870f17adbf279f3bac913a3076909308a0021
|
|
Change-Id: I94ab4bbb68c603fe872abeb8090575de042f5cb4
|
|
Change-Id: If4e4ef98c00f15c0a88557860f0377843a8713c0
|
|
- Use boost::filesystem::path consistently for referring to files.
- Use boost::filesystem streams for I/O, such that paths are always handled
correctly.
- Use stringToPath and pathToString for conversion between strings and
boost::filesystem::path, to ensure we have consistent unicode handling
across platforms and environments. The default constructor and string
conversion uses platform-dependent encoding, depending on the global
locale set in the application, which causes problems. So, unless you are
in platform dependent code, the default constructor and string() function
should not be used. When constructing paths from other paths (e.g. using
operator/), also use stringToPath (instead of string arguments) if the path
can contain unicode characters.
Change-Id: If286bd9e71c8414afc0b24ba67e26ab7608ef6ea
|
|
|
|
License: This patch is BSD-licensed, see http://www.opensource.org/licenses/bsd-license.php
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Swift