Age | Commit message (Collapse) | Author |
|
Add new boolean flag to TLSOptions which when
set to true prevents system Trust Anchors being loaded into
new TLS contexts created using OpenSSL.
Add new test to Swiften QA with appropriate comment.
JIRA: SWIFT-425
Test-information:
Checked logic of change under debugger while running the
tests in CertificateTest.cpp which create TLS contexts.
Change-Id: I2d4a8410ce9cc752e6774e1d1cdb84dcd37b01d7
|
|
Remove increment of reference count on first certificate added
to a new SSL context - the call to SSL_CTX_use_certificate does
this internally. When adding extra certificates to the context
via calls to SSL_CTX_add_extra_certificate, the explicit
increment of the reference count is still required to prevent
destruction of the certificates when the SSL context is freed.
In OpenSSLContext::setPrivateKey, make sure the EVP_PKEY returned
by PEM_read_bio_PrivateKey is tidied up, by wrapping it in a
shared_ptr which calls EVP_PKEY_free.
Add a new Unit test which creates an SSL context and inserts a
multi-element certificate chain and a private key.
JIRA: SWIFT-423
Bug:
Release-notes:
Manual:
Change-Id: I82c66139a9dfe7a925eb39f73721200895a689e2
Test-information:
Leak testing performed via ASAN-compiled MLink unit tests -
now no leaks/errors reported associated with TLS Contexts and
Certificates. Swiften unit test runs as expected.
|
|
Actual implementation is in OpenSSL subclass. This allows a permanent
vector of shared certificates to be used when creating multiple OpenSSL
contexts. This replaces the existing use of a vector of unique pointers
to certificates which handed over responsibility for the underlying
OpenSSL certs to the OpenSSL context. To enable this to work, a
new method is added to the OpenSSLCertificate class which enables
the reference count on the the contained OpenSSL certificate to
be incremented - this stops the OpenSSL certificate being deleted
when the OpenSSL context is freed.
Use of conditional compilation was necessary to get the reference
counting to build with the different versions of OpenSSL in use.
Modify the method in OpenSSLCertificateFactory (and stub in CertificateFactory)
which generates a vector of certificates, so that it generates a vector
of shared_ptrs rather than unique_ptrs.
Add test of CreateCertificateChain to Swiften CertificateTest
class, together with sample certificate file in PEM form.
JIRA: LINK-1763
Bug:
Release-notes:
Manual:
Test-information:
Tested via development version of Mystique - created multiple
TLS sessions using single certificate chain.
Swift unit tests now build and run again.
New Swiften TLS unit test builds and runs.
Change-Id: I7fa4888b640c94b68712a6bff1f7aa334a358df2
|
|
The filetransfer blockSize is now an unsigned integer, as 0 could be
used to denote an invalid block size as well (and indeed, already
indicated that better than -1 did).
All use of numeric_cast in filetransfer code has been fixed to deal with
the possibility of thrown exceptions.
Test-Information:
Unit tests pass on macOS and Debian
Change-Id: I1833d553bae071238be20ebc386ef602effb78b0
|
|
Generation of TXT records might fail if any of the fields is too long,
so the result is now an optional (pending Expected). Callsites have been
updated to deal with this.
Three potentially uncaught exceptions in the Bonjour implementation have
been addressed.
Test-Information:
Unit tests pass on macOS 10.14 and Debian 9
Change-Id: Iec02c4606a18eee855362fd3c3d15614a9e72547
|
|
Network ports are now consistently stored as unsigned shorts, apart from
the options and user interface, where -1 is still used to denote the use
of default ports.
Test-Information:
Unit tests pass on macOS 10.13 and Debian 9
On macOS: tested the UI with various proxy and manual ports, behaviour
as expected.
Change-Id: I7a65f40083022887aa30ed7b21eadc56d0c52be1
|
|
ICUConverter allowed jidparts greater than 1023 bytes during
stringprep.
The SConscript of StorageTest did not work when libidn had been
disabled, which prevented test=unit from completing.
Test-Information:
Unit tests pass on Debian 9 in a build with ICU and ASan enabled.
Change-Id: I791a09457c6b852e61ce1281871e0f3ca0ce645c
|
|
Added a new element object ReferencePayload, and created the parser
and serializer to handle this element. Currently no functionality
to send references directly in swift, nor to render their contents.
Test-Information:
Unit tests written and passed for serializer and parser, testing
various types of valid and invalid references, and testing
references with embedded payloads.
Change-Id: I81fd5d9e020fac1729640f297705806af97f6388
|
|
Test-Information:
Unit tests pass OK on Windows 10 and CentOS 7.3.
Change-Id: I33c9eb6b3e6409727350a44e6d5c88c5e8907275
|
|
License:
This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.
Test-Information:
Fixes FileWriteBytestreamTest by closing WriteStream before file
deletion which passes.
Tests performed under Windows 10 1703
Change-Id: I0be891af652138af23f8db9e5526d927d39c9856
|
|
Test-Infotmation:
Unit tests pass OK.
Change-Id: I1b6d3711d97daa86cccbb44aecb1b4025f2fcc8a
|
|
googletest and googlemock from release 1.8.0 have been copied
to the 3rdParty folder.
With this commit tests for Swift project can also written
using googletest and googlemock APIs. The test runners will
execute test suites written to either test library.
Passing —-xml to a test runner will now create two test
report XML files, namely $programName-report.cppunit.xml and
$programName-report.gtest.xml.
The ByteArrayTest has been converted to use googletest
instead of googlemock to serve as an example and test the
integration.
Test-Information:
Build all tests via ‘./scons test=all’ and verified all tests
are run.
Build all tests via ‘./scons test=all checker_report=1’ and
verified that two report XML files are generated per test
runner executed.
Change-Id: I81a9fb2c7ea5612fc1b34eef70ed7e711bfeea81
|
|
Test-Information:
Build on macOS 10.12.1 and all tests pass.
Change-Id: Iedaa3fa7e7672c77909fd0568bf30e9393cb87e0
|
|
Previously HostAddress had a constructor which allowed
initialisation via a std::string. This initialisation can
fail and this is heavily used for checking whether a string
is a valid IP address.
This constructor is removed in this commit and replaced by
a static method HostAddress::fromString, taking a string and
returning an optional HostAddress. This clearly communicates
that the conversion can fail.
Test-Information:
./scons test=all passes on macOS 10.12.1.
Change-Id: Idaafee6f84010ce541c55f267ac77ad6ac8f02b4
|
|
Initialised previously uninitialised class members. Changed
some raw pointers to std::unique_ptr for clearer and
automatically initialised code.
Test-Information:
Builds on macOS 10.12 and unit tests pass in ASAN-enabled
build.
Change-Id: I7900fe6131119c228ca92c79c0ee8125137f2e48
|
|
The tests are based on the http://www.tls-o-matic.com/
service, which is currently dysfunctional. Disabling the test
so running all system tests does not fail anymore.
Test-Information:
./scons test=all passes on OS X 10.11.5.
Change-Id: I8df2e15efa6787e01dfebd78b61e07d1d1eed5c0
|
|
Test-Information:
Builds and tests pass on Ubuntu 16.04.
Change-Id: If8da50619b0e029437b3b9d6b146f2ed49b5bf60
|
|
Test-Information:
Test that it still builds and unit test pass on OS X 10.11.4.
Change-Id: I2eb4a0b707991aee553db36a8cd1ae28b813acab
|
|
This cuts down our dependency on Boost further. Another
benefit is that mutex classes of C++11 standard library are
recognized by TSAN.
Test-Information:
Unit and integration tests pass on OS X 10.11.4.
Change-Id: Id4dcdb42e3d5155e107ce1d7618acbf26f913b6f
|
|
Boost.Signals was deprecated and is not improved further.
This patch removes Boost.Signals from 3rdParty and adds
Boost.Signals2 and its dependencies.
Also removed the Qt signals compatibility file
Swiften/Base/boost_bsignals.h.
Test-Information:
Build and ran unit tests on OS X 10.11.4. Confirmed successful
login using Swift client.
Change-Id: Ie6e3b2d15aac2462cda95401582f5287a479fb54
|
|
Run 'clang-tidy -fix -checks=modernize-loop-convert' on all
source code files on OS X. This does not modernize platform
specific code on Linux and Windows
Test-Information:
Code builds and unit tests pass on OS X 10.11.4.
Change-Id: I65b99e0978cfab8ca6de2a3e5342e7a81416c12c
|
|
This change was done by applying the following 'gsed'
replacement calls to all source files:
's/\#include <boost\/shared_ptr\.hpp>/\#include <memory>/g'
's/\#include <boost\/enable_shared_from_this\.hpp>/\#include <memory>/g'
's/\#include <boost\/smart_ptr\/make_shared\.hpp>/\#include <memory>/g'
's/\#include <boost\/make_shared\.hpp>/\#include <memory>/g'
's/\#include <boost\/weak_ptr\.hpp>/\#include <memory>/g'
's/boost::make_shared/std::make_shared/g'
's/boost::dynamic_pointer_cast/std::dynamic_pointer_cast/g'
's/boost::shared_ptr/std::shared_ptr/g'
's/boost::weak_ptr/std::weak_ptr/g'
's/boost::enable_shared_from_this/std::enable_shared_from_this/g'
The remaining issues have been fixed manually.
Test-Information:
Code builds on OS X 10.11.4 and unit tests pass.
Change-Id: Ia7ae34eab869fb9ad6387a1348426b71ae4acd5f
|
|
Run 'clang-tidy -fix -checks=modernize-use-nullptr' on all
source code files on OS X. This does not modernize platform
specific code on Linux and Windows
Test-Information:
Code builds and unit tests pass on OS X 10.11.4.
Change-Id: Ic43ffeb1b76c1a933a55af03db3c54977f5f60dd
|
|
Removed trailing spaces and whitespace on empty lines
in the process.
Changed CheckTabs.py tool to disallow hard tabs in source
files.
Test-Information:
Manually checked 30 random files that the conversion worked
as expected.
Change-Id: I874f99d617bd3d2bb55f02d58f22f58f9b094480
|
|
Changed "" style includes to <> style.
Test-Information:
Build with Clang 3.9.0 and ran all tests on OS X 10.11.4.
Change-Id: Ic05e53f2e5dba39cc1307b116fc5f17b62ab9eb8
|
|
The jabber_org.crt was falsely modified in commit 0297fa1;
reverted the file to its previous version.
Fixed a syntax error in CertificateErrorTest.
Fixed compilation of TLS stack with external OpenSSL.
Test-Information:
Tested compilation ./scons test=system Swiften/QA/TLSTest
with OpenSSL on OS X 10.11.3.
Change-Id: I58caf94dded128d3ee725b1961e54ad2955d70aa
|
|
Previously Jingle File Transfer in Swiften only used IBB
transport as fallback mechanism. With this patch Swiften will
use IBB transport candidates directly in the first
session-initate/session-accept message if the other party
only supports IBB.
Fixed a ASAN reported heap-use-after-free in
SOCKS5BytestreamServerManager.cpp while testing.
Test-Information:
./scons test=system passed without error.
Testing all sender/receiver file-transfer option configurations
with FileTransferTest resulting in expected behavior.
Successfully transferring a file between two Swift instances.
Change-Id: Ia0ffeaa1fd54fc0da23db75344c9e94f9d03a774
|
|
WriteBytestream::write(…) now returns a boolean indicating
its success state (false in case of an error). Adjusted
FileWriteBytestream accordingly.
The QtWebKitChatView will test if the file path selected by
the user is writable before accepting it and starting the
transfer. If it is not writable a red warning message will be
added to the file-transfer element in the chat view.
Test-Information:
Added an integration test that tests the new behavior for
the FileWriteBytestream class.
Tested two file transfers on OS X 10.11.3, one to a write
protected location and another to /tmp. The first is not accepted
by the UI, and without the UI sanity check it results in a
file-transfer error. The second succeeds as expected.
Change-Id: I5aa0c617423073feb371365a23a294c149c88036
|
|
Test-Information:
./scons test=system Swiften/QA/TLSTest passes on Windows 8.
Change-Id: I688ec5d0022c02879ff56029d724e6dd30b89a99
|
|
Our TLS backends need to tread TLS verification errors, e.g.
outdated certificate, untrusted CA, non-matching host, etc.,
as non-fatal, so the application can apply custom key
pinning verification or similar.
This patch changes the OS X SecureTransport backend to behave
accordingly and adjusts the CertificateErrorTest to mirror
this behavior.
This commit also fixes a double-free in
SecureTransportCertificate.
Test-Information:
Connected to a host with an untrusted CA and non-matching
domain in the certificate and was prompted with the Swift
certificate trust dialog on OS X 10.11.3.
Swiften/QA/TLSTest run successfully on OS X 10.11.3.
Change-Id: I4c8ce2178540d79a5f328e2e0558d4deb4295134
|
|
Test-Information:
./scons test=system passes without any ASAN reports on OS X
10.11.3.
Change-Id: I6825414e2f3c5e5aec48289395f44ccdc14d8f95
|
|
FileTransferTest would attempt to remove files while the
file-transfer objects still have a file handle open to them
in form of FileReadBytestream and FileWriteBytestream
references.
Test-Information:
./scons test=system Swiften/QA/FileTransferTest passed
successfully on Windows 8.
Change-Id: Iba45fa5df7e6f55667dd76fee4624733bb363fe5
|
|
This should enable IPv4/IPv6 dual-stack support for Swift(-en)
Jingle file-transfer support.
Add Connection::getRemoteAddress() method.
Test-Information:
Tested IPv6 file-transfer and IPv4 file-transfer between two
Swift instances.
Added integration test verifying IPv4 only, IPv6 only and
IPv4/IPv6 dual-stack support on the running platform.
Additionally added test to verify remote addresses on dual-stack
server.
Change-Id: Ie384a71833eacca554f69e6f12a1c8330d0d747f
|
|
Use values instead of define names for _WIN32_WINNT and
NTDDI_VERSION defined needed for Windows.h configuration.
Using the names boost fails to correctly detect getaddrinfo()
support on Windows.
Only run IPv6 related test cases in DomainNameResolverTest on
Windows, if test_ipv6=1 is passed to the scons arguments.
This is because on Windows getaddrinfo() will not return
IPv6 related results when called with the AF_UNSPEC hint,
unless the Windows host has global IPv6 connectivity.
Changed the BoostConnectionTest to time out and not endlessly
wait on a response from the remote host.
Test-Information:
Ran the following test configurations:
* (SUCCESS) On Windows 8 with HE.net IPv6 tunnel to provide
full IPv6 connectiviy:
scons.bat test=system test_ipv6=1 Swiften/QA/NetworkTest
* (SUCCESS) On Windows 8 with HE.net IPv6 tunnel to provide
full IPv6 connectiviy:
scons.bat test=system Swiften/QA/NetworkTest
* (EXPECTED FAIL) On Windows 8 with no IPv6 connectiviy:
scons.bat test=system test_ipv6=1 Swiften/QA/NetworkTest
* (SUCCESS) On Windows 8 with no IPv6 connectiviy:
scons.bat test=system Swiften/QA/NetworkTest
Change-Id: I5adcd28e09e22acf61f7cca40b614e71df75dd70
|
|
Test-Information:
Tested on OS X 10.11.1.
Change-Id: If63370404ac6586e2e48a19cbe7a0f0df9359c36
|
|
This allows to authenticate using SASL EXTERNAL over BOSH
using a client TLS certificate for the HTTPS connection of
the BOSH channel.
The implementation also enforces the HTTPS server certificate
of subsequent BOSH connections not to change.
This commit also removes TLSConnection and TLSConnectionFactory
as no code is using them.
Test-Information:
Tested against M-Link 16.3v6-0 on Debian 7.9 and Swift on
OS X 10.10.5. Verified working client certificate authentication.
Verified Swift not falling back to password-based authentication,
in case EXTERNAL is not allowed by the server over BOSH or
the client certificate is invalid.
Change-Id: Ia96bcac27cac9fc9261ed847c82c6328307bfbd1
|
|
Added integration tests for certificate validation and
revocation behavior checking.
Test-Information:
Tested client login over TLS against Prosody and M-Link.
Verified client certificate authentication works against
M-Link.
Change-Id: I6ad870f17adbf279f3bac913a3076909308a0021
|
|
Test-Information:
Code builds without warnings, unit tests still pass on OS X
10.10.5.
Change-Id: I9108b53fb00b0fc85a8dd4e2a347e21d0e6008ab
|
|
Test-Information:
Both Valgrind and clang's leak sanitizer report a lot leaks
on the FileTransferTest. With this commit it the stack traces
related to the fixed leaks are gone.
Change-Id: Idae9a81bcd8d97576d3f1469bf64490e0bfa7d55
|
|
Introducing SWIFT_NETWORK_TEST_IPV4 and SWIFT_NETWORK_TEST_IPV6 for
the host addresses used in BoostConnectionTest.cpp.
Passing these variables and ASAN/LSAN_OPTIONS for memory leak
detection when calling the test from SCons.
Test-Information:
Tested on Elementary OS with correct available hosts and unavailable
hosts. In both cases the behavior is the same as before.
Change-Id: I24128c766642c5a2ee273f7c11624525ae33e270
|
|
In addition this patch adds an element, a parser and a serializer for
the <thread/> element from XMPP IM.
Test-Information:
Implemented unit tests pass as expected.
Change-Id: I0a14c778c2c0bf65f4b405c9878c741449bfe142
|
|
If Scons is configured to run system unit tests, it will run
FileTransferTest and test for working IBB transfer, direct S5B transfer
and proxied S5B transfer.
Test-Information:
Tested ./scons test=all is working on Linux and OS X.
Change-Id: Id70c9e1e9db9c897d9bfc7dd03b874afe5262207
|
|
Test-Information:
Tried to connect to BOSH service setting the boshPath to "http-bind"
while "/http-bind" would have been correct.
Change-Id: Ifc9bb574361c9eaa3baeffc2938d06a257275f2a
|
|
FileTransferTests tests file-transfer interoperability with Swiften
itself. It can test all combinations of FileTransferOptions or a specific
combination when given.
Test-Information:
Inspected XML logs to ensure it does what it is supposed to do.
Change-Id: I06215b60419dd23b367d01a2f038245a6c977720
|
|
The data race is on the events_ member in DummyEventLoop.
A BoostIOServerThread can post events to the DummyEventLoop and thereby
access its events_ data member while the test's main code processes
events of the loop.
To prevent access to the DummyEventLoop by the BoostIOServiceThread
after the DummyEventLoop is deleted, the BoostIOServiceThread is
deleted before the DummyEventLoop.
Process remaining events in BoostConnectionTest::tearDown like we do in
BoostConnectionServerTest::tearDown.
Test-Information:
Run multiple times on NetworkTest as TSAN enabled build on Linux.
Without the patch it reports a data race for the events_ deque member.
Change-Id: I3c85535338fc0ce0263dbfc3534aceb1dd09c137
|
|
Change-Id: I94ab4bbb68c603fe872abeb8090575de042f5cb4
|
|
Test-Information:
Build for Android 4.3 (arm) and successfully ran checker in emulator VM.
Change-Id: Iedaae5df367ee86bfe2375879b0e0981deef9b0a
|
|
Test-Information:
Compiles and unit tests pass with boost 1.56
Change-Id: I6525399babc5f6c88fb499af80e9f07c1c4d0cdb
|
|
Test-Information:
Prepare valid and invalid JIDs and make sure that isValid() is reported correctly. Added unit tests.
Change-Id: Ic4d86f8b6ea9defc517ada2f8e3cc54979237cf4
|
|
Change-Id: If4e4ef98c00f15c0a88557860f0377843a8713c0
|