Swift
summaryrefslogtreecommitdiffstats
path: root/Swiften/TLS/SecureTransport
AgeCommit message (Collapse)Author
2016-03-15Explicitly convert between nullable and non-nullable on OS XTobias Markmann
Clang was complaining about implicit conversions between nullable and non-nullable NSString pointers. Adjusted our std::string -> NSString* conversion utilities to check for nil and return an empty std::string in that case. Replaced uses of [NSString stringWithUTF8String] with our STD2NSSTRING macro. Turned std::string <-> NSString* conversion macros into functions. Test-Information: Builds without the warning on OS X 10.11.3 and Swift runs without issues. Change-Id: I949f2f3332018391aead58ef362764f4b7955b01
2016-02-08Treat cert verify errors as non-fatal in OS X TLS backendTobias Markmann
Our TLS backends need to tread TLS verification errors, e.g. outdated certificate, untrusted CA, non-matching host, etc., as non-fatal, so the application can apply custom key pinning verification or similar. This patch changes the OS X SecureTransport backend to behave accordingly and adjusts the CertificateErrorTest to mirror this behavior. This commit also fixes a double-free in SecureTransportCertificate. Test-Information: Connected to a host with an untrusted CA and non-matching domain in the certificate and was prompted with the Swift certificate trust dialog on OS X 10.11.3. Swiften/QA/TLSTest run successfully on OS X 10.11.3. Change-Id: I4c8ce2178540d79a5f328e2e0558d4deb4295134
2016-02-01Disable certificate revocation checking in OS X TLS backendTobias Markmann
Default to disabled certificate revocation checking for SecureTransport TLS backend on OS X. SecureTransport internal revocation checking machine is not very stable and sometimes fails reporting a positive revocation check leading to bad UX. Test-Information: Swift login still works and ./scons test=system pass on OS X 10.11.3. Change-Id: I298ccca4ecab07af5517fe393fdb887d79d70bf1
2015-11-10Fix Cocoa memory management error in Secure Transport backendTobias Markmann
The code was calling CFRelease on a null pointer, which runs into an assert inside CFRelease. Test-Information: The crash happened during client certificate authentication using the Secure Transport backend. With this patch the crash is gone. Change-Id: If389dcb8b8a20fdc5cf77219d6c5afb86c9c3634
2015-11-06Fix potential memory leaks in Cocoa API usageTobias Markmann
These errors were reported by Clang Analyzer. Test-Information: Verified that behavior is still as expected and Clang Analyzer does not report the warnings anymore. Change-Id: I149d75241f7680a6d2f2b6b710dd38d1ed81a209
2015-10-30Add support for OS X Secure Transport TLS backendTobias Markmann
Added integration tests for certificate validation and revocation behavior checking. Test-Information: Tested client login over TLS against Prosody and M-Link. Verified client certificate authentication works against M-Link. Change-Id: I6ad870f17adbf279f3bac913a3076909308a0021
2010-03-28Removing submodules.Remko Tronçon
2010-03-28Moved Swiften to a separate module.Remko Tronçon