Age | Commit message (Collapse) | Author |
|
This allows to authenticate using SASL EXTERNAL over BOSH
using a client TLS certificate for the HTTPS connection of
the BOSH channel.
The implementation also enforces the HTTPS server certificate
of subsequent BOSH connections not to change.
This commit also removes TLSConnection and TLSConnectionFactory
as no code is using them.
Test-Information:
Tested against M-Link 16.3v6-0 on Debian 7.9 and Swift on
OS X 10.10.5. Verified working client certificate authentication.
Verified Swift not falling back to password-based authentication,
in case EXTERNAL is not allowed by the server over BOSH or
the client certificate is invalid.
Change-Id: Ia96bcac27cac9fc9261ed847c82c6328307bfbd1
|
|
Test-Information:
Still builds and tests pass on OS X 10.10.5.
Change-Id: Ic616e7b9de443ce34b46de63ac1bb0cca34b08ee
|
|
This patch fixes the code to handle HTTP/1.0 proxies which
do not keep the connection alive after a single request.
If a HTTPTrafficFilter returns a new header reply, the HTTP
CONNECT proxy code will issue the request over a new connection.
The final connection is kept alive, as it used for the
persistent connection forwarding.
In addition, the response status line is now passed to the
HTTPTrafficFilter handling method to provide ability to act
upon the response status code.
Missing passthrough of the HTTPTrafficFilter object the down
the stack to the HTTPConnectProxiedConnection is added.
Test-Information:
Added a unit test following an NTLM HTTP proxy authentication
with a static HTTPTrafficFilter. This and other unit tests
still pass.
Change-Id: Ida0d1aec08a60f10c1480e1eecaecbd3f87b0dca
|
|
Some servers have very restrictive TLS stacks that respond badly
to a bug in the SChannel TLS implementation, meaning that TLS
has to be limited to 1.0.
Add ClientOptions.tlsOptions. This is a method of passing options into
the TLS stack. It's currently
only used for the TLS 1.0 workaround in SChannel, but we might reasonably
expose other options in the future, such as limiting cypher suites.
Disables use of SSLv3 for SChannel
Also updates the coding style in SchannelContext a bit.
Test-Information:
Compiles on both OS X and Windows(SChannel). OS X doesn't show the new
option. Windows shows it, and remembers it between logins. Not tested
against a server requiring 1.0 only, but a previous hack with the
same approach was tested.
Change-Id: I1e7854d43811fd173f21f98d4dc3915fc7a4b322
|
|
Test-Information:
Tested build on Windows 8 with VS 2014 and ran unit tests.
Change-Id: I3d8096df4801be6901f22564e36eecba0e7310c4
|
|
Change-Id: I94ab4bbb68c603fe872abeb8090575de042f5cb4
|
|
BOSH connections.
Test-Information:
Tested with Swift and interoperability against Psi. Swift debug log now correctly
shows the namespace being set. Previously Psi did not display the body of messages
due to them being in the worng namespace. Now as they are in the correct namespace
messages are displayed correctly by Psi.
Change-Id: I547e335100abebfcf170cf7f41b86fd2dbb01692
|
|
Includes fixes to:
Build with new Visual Studio and Boost
Avoid error caused when Avahi is present but Qt is not
Make declaration of XMPPRosterImpl::addContact consistent with implementation
Includes enhancements to:
Allow user-configurable mt.exe
Allow splitting openssl paths
Allow disabling gconf lookup
Make idn support optional
Allow disabling various library detections
Remove use of non-Python2.4 features in sconscripts
Test-Information:
Builds
Change-Id: Iee91ee80291a8bdf87cc169c915e4dad1cc1055b
|
|
Change-Id: I3460f6f4a2ffa9b795080664f49d9138440de72d
|
|
Change-Id: I62c7d5ca44c915e36c797c798294b7c34b465514
|
|
Change-Id: I70109624b4bd7aab9ba679a3eaabc225dd64a03a
|
|
Added missing SWIFTEN_API declarations.
Changed test infrastructure to extend path before running
tests.
|
|
All applications succesfully link against Swiften.dll.
|
|
|
|
certificate viewers on click.
Native viewers for Windows and Mac OS X are implemented.
Added TODOs to OpenSSL based TLS interface related to CRL and OCSP.
Resolves: #167
License: This patch is BSD-licensed, see http://www.opensource.org/licenses/bsd-license.php
|
|
License: This patch is BSD-licensed, see http://www.opensource.org/licenses/bsd-license.php
|
|
|
|
transformation where possible.
License: This patch is BSD-licensed, see http://www.opensource.org/licenses/bsd-license.php
|
|
Now connects successfully with or without TLS(with cert)
|
|
Introduced a new parent class for all certificates with keys
(class CertificateWithKey is the new parent for PKCS12Certificate.)
Switched to using "CertificateWithKey *" instead of "const CertificateWithKey&"
Added calling of a Windows dialog for certificate selection when Schannel
TLS implementation is used.
This compiles, but is not tested.
License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.
|
|
|
|
|
|
|
|
This adds support for BOSH to Swiften. It does not expose it to Swift.
Release-Notes: Swiften now allows connects over BOSH, if used appropriately.
|
|
Copyright (c) 2011 Jan Kaluza
Licensed under the Simplified BSD license.
See Documentation/Licenses/BSD-simplified.txt for more information.
|
|
|
|
* swift-1.x:
Small tweak to previous patch.
Send footer when finishing session
|
|
|
|
License: This patch is BSD-licensed, see http://www.opensource.org/licenses/bsd-license.php
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Removed String::getLength().
Rewrote String::removeAll().
|
|
|
|
|
|
|
|
|
|
Release-Notes: Swift now supports SCRAM-SHA-1-PLUS authentication.
|
|
|
|
|
|
TLSLayer is now independent of TLS implementation. The implementation-specifics are now in TLSContext and TLSContextFactory.
|
|
|
|
|
|
This should allow us to link against system boost versions.
|
|
|