Age | Commit message (Collapse) | Author |
|
TLSLayer and TLSConnection now own the TLSContext they use.
The TLSContextFactory interface is adjusted to use
std::unique_ptr.
Test-Information:
Builds and all tests pass on macOS with clang-7-master.
Change-Id: I14e33c98b48445094f404b73ea41af0a51d2dde6
|
|
This also extends the TLSContext interface with methods required
for server mode.
Test-Information:
Added unit tests that test new functionality in TLSContex.
This includes test certificates in the source file that are
not for public use. This new ClientServerTest is only enabled
for OpenSSL, as other TLS backends do not support the new
functionality yet.
Tested on macOS 10.13.3 with clang-trunk.
Change-Id: I8e43476057608067eb3b9852328aa21cd22974a0
|
|
Test-Information:
Builds and test pass on macOS 10.13 with clang-trunk.
Change-Id: I7a515a003602a983681f85374a8a77dc953f533d
|
|
Test-Information:
Unit tests pass on macOS 10.12.
Change-Id: I32f884e2525b6200e5fb3f04d58f77304d16daa0
|
|
This change was done by applying the following 'gsed'
replacement calls to all source files:
's/\#include <boost\/shared_ptr\.hpp>/\#include <memory>/g'
's/\#include <boost\/enable_shared_from_this\.hpp>/\#include <memory>/g'
's/\#include <boost\/smart_ptr\/make_shared\.hpp>/\#include <memory>/g'
's/\#include <boost\/make_shared\.hpp>/\#include <memory>/g'
's/\#include <boost\/weak_ptr\.hpp>/\#include <memory>/g'
's/boost::make_shared/std::make_shared/g'
's/boost::dynamic_pointer_cast/std::dynamic_pointer_cast/g'
's/boost::shared_ptr/std::shared_ptr/g'
's/boost::weak_ptr/std::weak_ptr/g'
's/boost::enable_shared_from_this/std::enable_shared_from_this/g'
The remaining issues have been fixed manually.
Test-Information:
Code builds on OS X 10.11.4 and unit tests pass.
Change-Id: Ia7ae34eab869fb9ad6387a1348426b71ae4acd5f
|
|
Run 'clang-tidy -fix -checks=modernize-use-nullptr' on all
source code files on OS X. This does not modernize platform
specific code on Linux and Windows
Test-Information:
Code builds and unit tests pass on OS X 10.11.4.
Change-Id: Ic43ffeb1b76c1a933a55af03db3c54977f5f60dd
|
|
Removed trailing spaces and whitespace on empty lines
in the process.
Changed CheckTabs.py tool to disallow hard tabs in source
files.
Test-Information:
Manually checked 30 random files that the conversion worked
as expected.
Change-Id: I874f99d617bd3d2bb55f02d58f22f58f9b094480
|
|
Clang was complaining about implicit conversions between
nullable and non-nullable NSString pointers. Adjusted our
std::string -> NSString* conversion utilities to check for
nil and return an empty std::string in that case.
Replaced uses of [NSString stringWithUTF8String] with our
STD2NSSTRING macro.
Turned std::string <-> NSString* conversion macros into
functions.
Test-Information:
Builds without the warning on OS X 10.11.3 and Swift runs
without issues.
Change-Id: I949f2f3332018391aead58ef362764f4b7955b01
|
|
Our TLS backends need to tread TLS verification errors, e.g.
outdated certificate, untrusted CA, non-matching host, etc.,
as non-fatal, so the application can apply custom key
pinning verification or similar.
This patch changes the OS X SecureTransport backend to behave
accordingly and adjusts the CertificateErrorTest to mirror
this behavior.
This commit also fixes a double-free in
SecureTransportCertificate.
Test-Information:
Connected to a host with an untrusted CA and non-matching
domain in the certificate and was prompted with the Swift
certificate trust dialog on OS X 10.11.3.
Swiften/QA/TLSTest run successfully on OS X 10.11.3.
Change-Id: I4c8ce2178540d79a5f328e2e0558d4deb4295134
|
|
Default to disabled certificate revocation checking for
SecureTransport TLS backend on OS X. SecureTransport internal
revocation checking machine is not very stable and sometimes
fails reporting a positive revocation check leading to bad
UX.
Test-Information:
Swift login still works and ./scons test=system pass on OS X
10.11.3.
Change-Id: I298ccca4ecab07af5517fe393fdb887d79d70bf1
|
|
The code was calling CFRelease on a null pointer, which runs
into an assert inside CFRelease.
Test-Information:
The crash happened during client certificate authentication
using the Secure Transport backend. With this patch the crash
is gone.
Change-Id: If389dcb8b8a20fdc5cf77219d6c5afb86c9c3634
|
|
These errors were reported by Clang Analyzer.
Test-Information:
Verified that behavior is still as expected and Clang
Analyzer does not report the warnings anymore.
Change-Id: I149d75241f7680a6d2f2b6b710dd38d1ed81a209
|
|
Added integration tests for certificate validation and
revocation behavior checking.
Test-Information:
Tested client login over TLS against Prosody and M-Link.
Verified client certificate authentication works against
M-Link.
Change-Id: I6ad870f17adbf279f3bac913a3076909308a0021
|
|
|
|
|