| Age | Commit message (Collapse) | Author |
|---|
|
Define NOMINMAX when building OpenSSL backend on Windows
and otherwise you cannot use std::numeric_limits<T>::max.
Test-Information:
Swiften builds on Windows 10 with VS2015 with the OpenSSL TLS
backend.
Change-Id: I9621c14426a0af2280cef7ee973abcff2fd0a48d
|
|
Test-Information:
Unit tests pass on macOS 10.13.3 with ASAN and Clang 7.0.
Change-Id: Ifc2bf2c1b63fca7f3ee43ef61c79a96b8e5ced5f
|
|
This method allows to calculate the TLS finish message of the
peer of a TLS connection. It can be used to provide SASL
channel binding for TLS servers.
Test-Information:
Added unit test that verifies the finish messages of a server
TLS context with the finish messages of a client TLS context.
Tests pass on macOS 10.13.3 with OpenSSL.
Change-Id: Ia5ba539e1fb6d1bef6b4436bb59c7384b57a69b0
|
|
Test-Information:
Builds and unit tests pass on macOS 10.13.3 with OpenSSL TLS
backend.
Change-Id: Ie8f4578c867a2e4bf84484cde4a7cff048566ca4
|
|
This also extends the TLSContext interface with methods required
for server mode.
Test-Information:
Added unit tests that test new functionality in TLSContex.
This includes test certificates in the source file that are
not for public use. This new ClientServerTest is only enabled
for OpenSSL, as other TLS backends do not support the new
functionality yet.
Tested on macOS 10.13.3 with clang-trunk.
Change-Id: I8e43476057608067eb3b9852328aa21cd22974a0
|
|
* use std::unique_ptr for memory management of dynamic OpenSSL
objects
* use an initializer class and static instance of it to correctly
initialize/finalize OpenSSL on first use
* use enum class instead of simple enum for state
* use nullptr instead of NULL
Test-Information:
Builds and tests pass on macOS 10.13.2 with clang-trunk and
ASAN.
Change-Id: I346f14e21c34871c1900a8e1ac000450770a0bbe
|
|
NULL pointer dereference was happening in OpenSSL code (inside
SSL_set_bio) when SSL_new returned NULL due to lack of Isode HGE license.
Change-Id: Iebd78be7eb6c7978de0bff225915dc393a516f08
|
|
This fixes setup of trusted CAs on Fedora.
Test-Information:
Tested successful login to two different hosts with different
CAs. Previously the there was no certificate warning on
Debian 8 and a certificate warning on Fedora 24. With this
patch there is no certificate warning anymore on Debian 8
and Fedora 24.
Change-Id: I70e71eb9734f2012bcd5c4b784bab47917b44234
|
|
This change was done by applying the following 'gsed'
replacement calls to all source files:
's/\#include <boost\/shared_ptr\.hpp>/\#include <memory>/g'
's/\#include <boost\/enable_shared_from_this\.hpp>/\#include <memory>/g'
's/\#include <boost\/smart_ptr\/make_shared\.hpp>/\#include <memory>/g'
's/\#include <boost\/make_shared\.hpp>/\#include <memory>/g'
's/\#include <boost\/weak_ptr\.hpp>/\#include <memory>/g'
's/boost::make_shared/std::make_shared/g'
's/boost::dynamic_pointer_cast/std::dynamic_pointer_cast/g'
's/boost::shared_ptr/std::shared_ptr/g'
's/boost::weak_ptr/std::weak_ptr/g'
's/boost::enable_shared_from_this/std::enable_shared_from_this/g'
The remaining issues have been fixed manually.
Test-Information:
Code builds on OS X 10.11.4 and unit tests pass.
Change-Id: Ia7ae34eab869fb9ad6387a1348426b71ae4acd5f
|
|
Removed trailing spaces and whitespace on empty lines
in the process.
Changed CheckTabs.py tool to disallow hard tabs in source
files.
Test-Information:
Manually checked 30 random files that the conversion worked
as expected.
Change-Id: I874f99d617bd3d2bb55f02d58f22f58f9b094480
|
|
Change-Id: I25328f60e211387f5d3fbcd6de155b7b8956c0f9
License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.
|
|
Change-Id: I94ab4bbb68c603fe872abeb8090575de042f5cb4
|
|
Test-Information:
Tested on OS X 10.9.5 with XCode 6.1.
Change-Id: Ib223977192fce274e5585ef0768fd755b1fa734d
|
|
This fixes a bug with PCKS12 cert auth that only manifested itself on
specific platforms (e.g. ARM)
Test-Information:
Patch was tested by reporter on a failing platform
Change-Id: I4663363aadaf5f00c2092e2f58d45f5ba1b4229a
|
|
Change-Id: I1ffb6d9eabfb36c0101ee19c0cd618736d8a8bb8
|
|
Fix sign conversion warnings.
Removing heavy unnecessary includes.
Change-Id: I992f43065498823098a875badb020c7c84fc4797
|
|
Change-Id: I70109624b4bd7aab9ba679a3eaabc225dd64a03a
|
|
Change-Id: If349586fd131f1661485acdea573f97d1726c731
|
|
Change-Id: I339364406d92226203af876f558bc07686d75cbf
|
|
It used to be disabled for Mac OS X 10.5 or greater but it turns out system's OpenSSL doesn't add those on Mac OS X 10.8.
License: This patch is BSD-licensed, see http://www.opensource.org/licenses/bsd-license.php
|
|
The peer certificate chain contains the peer certificate, so this was
redundant.
|
|
certificate viewers on click.
Native viewers for Windows and Mac OS X are implemented.
Added TODOs to OpenSSL based TLS interface related to CRL and OCSP.
Resolves: #167
License: This patch is BSD-licensed, see http://www.opensource.org/licenses/bsd-license.php
|
|
|
|
|
|
Now connects successfully with or without TLS(with cert)
|
|
Introduced a new parent class for all certificates with keys
(class CertificateWithKey is the new parent for PKCS12Certificate.)
Switched to using "CertificateWithKey *" instead of "const CertificateWithKey&"
Added calling of a Windows dialog for certificate selection when Schannel
TLS implementation is used.
This compiles, but is not tested.
License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Release-Notes: Swift now supports SCRAM-SHA-1-PLUS authentication.
|
|
|
|
|
|
|
|
|
|
This includes a fix in OpensSSLContext that stops assert failures when
more data is received on a connection after a write has failed. It's
worth investigating why this happens, stopping it doing so, and re-instate
the assert.
Resolves: #402
|
|
|
|
|
|
|
|
|
|
|
Swift