summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2016-02-29Fix data race in BoostConnection reported by TSANswift-4.0alphaTobias Markmann
ThreadSanitizer reported a data-race between Boost's socket close() and async_read_some(). Test-Information: Verified all tests still pass and that TSAN does not report an error anymore in a scenario where a Client connects/dis- connects randomly. Tested on Debian 8 and OS X 10.11.3. Change-Id: I5e705efb15bee767dd5a55539854b5e488b3bf64
2016-02-15Support early IBB use in Jingle File TransferTobias Markmann
Previously Jingle File Transfer in Swiften only used IBB transport as fallback mechanism. With this patch Swiften will use IBB transport candidates directly in the first session-initate/session-accept message if the other party only supports IBB. Fixed a ASAN reported heap-use-after-free in SOCKS5BytestreamServerManager.cpp while testing. Test-Information: ./scons test=system passed without error. Testing all sender/receiver file-transfer option configurations with FileTransferTest resulting in expected behavior. Successfully transferring a file between two Swift instances. Change-Id: Ia0ffeaa1fd54fc0da23db75344c9e94f9d03a774
2016-02-15Fix crash when saving a received file to non-writable locationTobias Markmann
WriteBytestream::write(…) now returns a boolean indicating its success state (false in case of an error). Adjusted FileWriteBytestream accordingly. The QtWebKitChatView will test if the file path selected by the user is writable before accepting it and starting the transfer. If it is not writable a red warning message will be added to the file-transfer element in the chat view. Test-Information: Added an integration test that tests the new behavior for the FileWriteBytestream class. Tested two file transfers on OS X 10.11.3, one to a write protected location and another to /tmp. The first is not accepted by the UI, and without the UI sanity check it results in a file-transfer error. The second succeeds as expected. Change-Id: I5aa0c617423073feb371365a23a294c149c88036
2016-02-10Add more tests for JID validityKevin Smith
Test-Information: Tests pass locally (OS/X 10.11.3) Change-Id: I223cdf213f87a4efd574bdd917556aec23e4fd4c
2016-02-08Fix and adjust TLSTest to Windows SChannel backendTobias Markmann
Test-Information: ./scons test=system Swiften/QA/TLSTest passes on Windows 8. Change-Id: I688ec5d0022c02879ff56029d724e6dd30b89a99
2016-02-08Treat cert verify errors as non-fatal in OS X TLS backendTobias Markmann
Our TLS backends need to tread TLS verification errors, e.g. outdated certificate, untrusted CA, non-matching host, etc., as non-fatal, so the application can apply custom key pinning verification or similar. This patch changes the OS X SecureTransport backend to behave accordingly and adjusts the CertificateErrorTest to mirror this behavior. This commit also fixes a double-free in SecureTransportCertificate. Test-Information: Connected to a host with an untrusted CA and non-matching domain in the certificate and was prompted with the Swift certificate trust dialog on OS X 10.11.3. Swiften/QA/TLSTest run successfully on OS X 10.11.3. Change-Id: I4c8ce2178540d79a5f328e2e0558d4deb4295134
2016-02-02Change stanza body to boost::optional<std::string> typeTobias Markmann
Changed MUCController to only handle message stanzas as subject change if <subject/> is present and neither <body/> nor <thread/> is present in the message stanza. Test-Information: Added unit tests verifying behavior described in XEP-0045 section 8.1. Unit tests pass on OS X 10.11.2. Change-Id: I1d22272da1675176be131ab360b214a98f20533f
2016-02-01Disable certificate revocation checking in OS X TLS backendTobias Markmann
Default to disabled certificate revocation checking for SecureTransport TLS backend on OS X. SecureTransport internal revocation checking machine is not very stable and sometimes fails reporting a positive revocation check leading to bad UX. Test-Information: Swift login still works and ./scons test=system pass on OS X 10.11.3. Change-Id: I298ccca4ecab07af5517fe393fdb887d79d70bf1
2016-01-26Fix ASAN reported heap-use-after-free in FileTransferTestTobias Markmann
Test-Information: ./scons test=system passes without any ASAN reports on OS X 10.11.3. Change-Id: I6825414e2f3c5e5aec48289395f44ccdc14d8f95
2016-01-25Prevent recursive processing of event queue in EventLoopTobias Markmann
The old event loop had this protection, however it is missing in the new design. This adds this protection again as some external event loop implementations, e.g. the Qt event loop, directly process their event queue from an event handler. Test-Information: Unit and system tests pass on OS X 10.11.3. Change-Id: I10ce7160c3f201e2d5f53ab8289ddde1eb3262e8
2016-01-22Add missing Timer related cleanup codeTobias Markmann
This commit adds explicit code to stop timers which are connected to objects that are about to be deleted from memory. Test-Information: ./scons test=system passes on OS X 10.11.3. Change-Id: I139314f3a223e3dc63b78b96be17d3ae53cd3de3
2016-01-21Ensure that BoostTimers can't fire after stop()Kevin Smith
Code review makes me think that if the timer fires at the same time as stop() is called, it would be possible for the clearing of events from the loop to happen before the event is put into the loop, leading to the sort of crashes we've seen with timers firing and access exceptions. I can't reproduce those to know if this fixes them, and I'm not even sure I'm not being dense thinking this patch fixes a real issue. Test-Information: Unit tests pass Change-Id: I76337d5556a9c3902d5c2f4da754ae657810d436
2016-01-21Stop timer during clean up of WhitespacePingLayerTobias Markmann
AddressSanitizer reported a heap-buffer-overflow in WhitespacePingLayer::handleTimerTick() which happened during multiple restarts of a XMPP server. Under the assumption that it was caused by not correctly stopping the timer, the timer is now explicitly stopped if still active at destruction. Test-Information: Unable to reproduce the ASAN report. Unit tests still pass. Change-Id: Ia0b7c3b613688750c4ce0ad40d759a0db4a52791
2016-01-15Free file-transfer objects before removing files in QA toolTobias Markmann
FileTransferTest would attempt to remove files while the file-transfer objects still have a file handle open to them in form of FileReadBytestream and FileWriteBytestream references. Test-Information: ./scons test=system Swiften/QA/FileTransferTest passed successfully on Windows 8. Change-Id: Iba45fa5df7e6f55667dd76fee4624733bb363fe5
2016-01-15Add missing virtual keyword to some destructorsTobias Markmann
Adds missing virtual keyword to destructors of classes which have a non-empty destructor and are inheriting from other classes and implement virtual functions. Test-Information: Compiles and unit tests pass on Windows 8 with VS 2013. Change-Id: I172b5de8eda63eb8057113fbc979444abde3e0a7
2016-01-12Listen to IPv6 any address instead of only IPv4Tobias Markmann
This should enable IPv4/IPv6 dual-stack support for Swift(-en) Jingle file-transfer support. Add Connection::getRemoteAddress() method. Test-Information: Tested IPv6 file-transfer and IPv4 file-transfer between two Swift instances. Added integration test verifying IPv4 only, IPv6 only and IPv4/IPv6 dual-stack support on the running platform. Additionally added test to verify remote addresses on dual-stack server. Change-Id: Ie384a71833eacca554f69e6f12a1c8330d0d747f
2016-01-11Fix IPv6 DNS resolution issues on WindowsTobias Markmann
Use values instead of define names for _WIN32_WINNT and NTDDI_VERSION defined needed for Windows.h configuration. Using the names boost fails to correctly detect getaddrinfo() support on Windows. Only run IPv6 related test cases in DomainNameResolverTest on Windows, if test_ipv6=1 is passed to the scons arguments. This is because on Windows getaddrinfo() will not return IPv6 related results when called with the AF_UNSPEC hint, unless the Windows host has global IPv6 connectivity. Changed the BoostConnectionTest to time out and not endlessly wait on a response from the remote host. Test-Information: Ran the following test configurations: * (SUCCESS) On Windows 8 with HE.net IPv6 tunnel to provide full IPv6 connectiviy: scons.bat test=system test_ipv6=1 Swiften/QA/NetworkTest * (SUCCESS) On Windows 8 with HE.net IPv6 tunnel to provide full IPv6 connectiviy: scons.bat test=system Swiften/QA/NetworkTest * (EXPECTED FAIL) On Windows 8 with no IPv6 connectiviy: scons.bat test=system test_ipv6=1 Swiften/QA/NetworkTest * (SUCCESS) On Windows 8 with no IPv6 connectiviy: scons.bat test=system Swiften/QA/NetworkTest Change-Id: I5adcd28e09e22acf61f7cca40b614e71df75dd70
2016-01-07Remove wrong assertion in BoostIOServiceThreadTobias Markmann
Test-Information: Builds and unit and system tests succeed on OS X 10.11.2. Change-Id: I9e4805f31c4ba63c64d73dbfc2ee6b6423d949a8
2015-12-17Fix misspelled method callTobias Markmann
Test-Information: Builds and tests pass. Change-Id: I7c12036903ea535fe0a7ee7085b2268894c546bd
2015-12-17Show file-transfer description if providedTobias Markmann
Test-Information: Tested by transferring a file between two Swift instances. Tested in WebKit chat views and in plain chat views. Change-Id: Ie46cbd7bac8a36478f64b4557cf55926e6d4af37
2015-12-17Process multiple events at once inside EventLoopTobias Markmann
Test-Information: Unit and integration tests pass on OS X 10.10.5 and Debian 8.2. UI remains responsive when transferring a file between two Swift instances. Change-Id: I7841347a5d6c55121e02e274a7087a2fc200f879
2015-12-17Do not advertise link-local IPv6 addresses in FT candidatesTobias Markmann
Test-Information: Ran a file-transfer between two Swift instances and verified no fe80:... addresses are included in the candidates. Change-Id: I51dedb6aff95686764f74bf61ab2963e51ecbd1c
2015-12-17Add test verifying Boost ASIO IPv4/IPv6 dual-stack socket supportTobias Markmann
Test-Information: Tested on OS X 10.11.1. Change-Id: If63370404ac6586e2e48a19cbe7a0f0df9359c36
2015-12-17Disconnect signals from in-flight IBB requestTobias Markmann
Canceling an IBB transfer in-flight caused an use-after-free reported by ASAN. With this fix we keep a reference of the current request around to be able to disconnect from its signals on cancel. Test-Information: Transferred a file with Swift using the IBB method and canceled the transfer. The previously error reported by ASAN is gone. Change-Id: I240d3dbb59cddb6b91d49f268595a89ac8805f72
2015-12-17Only calculate S5B candidates if supported by recipientTobias Markmann
Test-Information: Tested against a Swift instance which does not advertise the DiscoInfo::JingleTransportsS5BFeature feature and verified via debug console that only the IBB feature is listed in the candidates. Change-Id: I708c437f5c30c16c3478fd3448d7cb9592e68677
2015-12-17Add event loop for integration in Boost ASIOKevin Smith
This allows execution of events inside an existing io_service if an application is already using Boost ASIO for other things and can share the io_service. Test-Information: Builds on OS X 10.11.2. Change-Id: I092ed7a25b24ef95d4664bae98ed84cc0f149073
2015-11-19Redesign event loops to be thread-safe and deterministicTobias Markmann
The new event loop design has a single event queue that is synchronized to protect against data races. The removal of events in the queue by EventOwner is deterministic. Test-Information: All unit and integration tests with TSAN and cxxflags=-DBOOST_SP_USE_PTHREADS on Debian 8.2 pass without reports. Multiple Swiften/QA/ClientTest/ClientTest runs under different CPU stress caused no TSAN reports on Debian 8.2. Swift itself only causes TSAN reports related to Qt itself, out of our control, and most likely false positives, i.e. TSAN not detecting the synchronization method inside Qt correctly. Unit tests pass without errors and successfully connected to Slimber on OS X 10.10.5. Change-Id: Ia1ed32ac2e758c5b9f86e0dac21362818740881e
2015-11-18Fix virtual destructors and mismatching signal disconnectionTobias Markmann
Test-Information: Unit tests pass on OS X 10.10.5. Change-Id: I7b505513b4342001596ee8518bfdcf9e77c91479
2015-11-10Add support for client certificate authentication in BOSHTobias Markmann
This allows to authenticate using SASL EXTERNAL over BOSH using a client TLS certificate for the HTTPS connection of the BOSH channel. The implementation also enforces the HTTPS server certificate of subsequent BOSH connections not to change. This commit also removes TLSConnection and TLSConnectionFactory as no code is using them. Test-Information: Tested against M-Link 16.3v6-0 on Debian 7.9 and Swift on OS X 10.10.5. Verified working client certificate authentication. Verified Swift not falling back to password-based authentication, in case EXTERNAL is not allowed by the server over BOSH or the client certificate is invalid. Change-Id: Ia96bcac27cac9fc9261ed847c82c6328307bfbd1
2015-11-10Fix Cocoa memory management error in Secure Transport backendTobias Markmann
The code was calling CFRelease on a null pointer, which runs into an assert inside CFRelease. Test-Information: The crash happened during client certificate authentication using the Secure Transport backend. With this patch the crash is gone. Change-Id: If389dcb8b8a20fdc5cf77219d6c5afb86c9c3634
2015-11-09Change virtual calls in ctors/dtors to be explicitTobias Markmann
Test-Information: Still builds and tests pass on OS X 10.10.5. Change-Id: Ic616e7b9de443ce34b46de63ac1bb0cca34b08ee
2015-11-09Change Windows to Unix line endingsTobias Markmann
Test-Information: Still builds and tests pass. Change-Id: I040423ab6f6934610e336f3af22d174a685af66a
2015-11-06Fix potential memory leaks in Cocoa API usageTobias Markmann
These errors were reported by Clang Analyzer. Test-Information: Verified that behavior is still as expected and Clang Analyzer does not report the warnings anymore. Change-Id: I149d75241f7680a6d2f2b6b710dd38d1ed81a209
2015-11-04Fix swiften handling when client certificate is missingGurmeen Bindra
This patch prevents SWIFTEN from logging in if provided with a missing PKCS12 file. Before this patch, swiften would attempt a password based login using operator JID and pwd of the P12 file when the P12 file was missing. This patch fixes it by checking the certificate and not initialising session stream and connection if the certificate is empty. It emits a disconnect with client certificate load error. The string for certificate load error has been modified to indicate a file or password invalid. Test-information: Tested by doing a certificate based bind to an XMPP server. Removed the PKCS#12 file and checked that swift gave a certificate error instead of doing pwd connect Change-Id: I1869a13f1f7135b6606f7383cd4a0356ffd6931b
2015-10-30Fix issues with HTTPTrafficFilter for HTTP proxy / BOSH usageTobias Markmann
This patch fixes the code to handle HTTP/1.0 proxies which do not keep the connection alive after a single request. If a HTTPTrafficFilter returns a new header reply, the HTTP CONNECT proxy code will issue the request over a new connection. The final connection is kept alive, as it used for the persistent connection forwarding. In addition, the response status line is now passed to the HTTPTrafficFilter handling method to provide ability to act upon the response status code. Missing passthrough of the HTTPTrafficFilter object the down the stack to the HTTPConnectProxiedConnection is added. Test-Information: Added a unit test following an NTLM HTTP proxy authentication with a static HTTPTrafficFilter. This and other unit tests still pass. Change-Id: Ida0d1aec08a60f10c1480e1eecaecbd3f87b0dca
2015-10-30Add support for OS X Secure Transport TLS backendTobias Markmann
Added integration tests for certificate validation and revocation behavior checking. Test-Information: Tested client login over TLS against Prosody and M-Link. Verified client certificate authentication works against M-Link. Change-Id: I6ad870f17adbf279f3bac913a3076909308a0021
2015-10-30Fix bug in FT candidate discovery in absence of S5B proxiesTobias Markmann
With this commit SOCKS5BytestreamProxiesManager::onDiscoveredProxiesChanged will be emitted even if no proxies are found. Move signal emission out of if/else scopes as it was present in both cases. Test-Information: Tested file-transfer with the sender located at a server without a S5B proxy. Change-Id: Ic79928e539a6f39f23bfda370d701bf6d9ca9cbf
2015-10-30Fix code in response to clang compiler warningsTobias Markmann
Test-Information: Code builds without warnings, unit tests still pass on OS X 10.10.5. Change-Id: I9108b53fb00b0fc85a8dd4e2a347e21d0e6008ab
2015-10-30Fix code in response to unused macro and private field warningsTobias Markmann
Test-Information: Build and tests pass successfully on OS X 10.10.5. Change-Id: I614586660796f9ef043156d09d998d39934a6eca
2015-10-30Add FileTransfer::getState() methodTobias Markmann
In addition, this adds the file-transfer classes to the Doxygen documentation. Test-Information: Unit and integration tests still pass. Change-Id: Ib6c16078c90ed56fae835cb2abfea8a564c3afa3
2015-10-30Change bare JID presence lookup code to ignore prioritiesTobias Markmann
Before presence handling code was handled by both, the ContactRosterItem in Swift and the PresenceOracle in Swiften. The ContactRosterItem also considered the presence priority for deciding what presence to show for a bare JID. With this code all full or bare JID presence requests are finally handled by the PresenceOracle. For bare JIDs it is looked up to a presence of one of the available resources of that JID regardless of the priorities. Test-Information: Adjusted tests according to above description and documentation in PresenceOracle. Change-Id: I972a4574f476cdf4d4b5593a035eb1c25ef2f8ba
2015-10-16Mark removed contacts as unavailable in SwiftTobias Markmann
When removing a contact, a XMPP client will not receive an explicit unavailable presence stanza for the contact from the server. Because of that Swift used to show removed contacts still with their old presence in the Chats tab or the chat view. With this patch, the PresenceOracle will flush all known presence of a contact as soon as the JID is removed from the roster. An unavailable presence will stored under the removed bare JID and is emitted via the PresenceOracle::onPresenceChange signal. Test-Information: Added a unit test verifying this behavior. Tested the behavior with two scenarios: a) Account A and B adding each other and accepting the subscription request. Starting a chat between A and B. After removing B in A's account, B used to be shown as available in the chat view and the Chats tab. With this patch B is shown as unavailable. b) Account A and B adding each other and accepting the subscription request. A removing B, and B removing A. After A adds B again, B used to be shown with the old presence even before B accepted the subscription request. This behavior is also fixed with this patch, not showing B as online until B accepted the subscription request. Change-Id: Iba97d3bedd0ac962ea00b25a0d2ed6106ed55a55
2015-10-16Add UTF-8 validation function and validate input to libIDN functionsTobias Markmann
This is required to protect against the CVE-2015-2059 vulnerability in libIDN. Test-Information: Added unit tests for UTF-8 validation and tested that existing unit tests still pass. Change-Id: I0a94136894c6e0004081456c59155a78a3dabf5f
2015-10-15Only bind full JID to ChatController on non-empty or typing messagesTobias Markmann
With this commit a ChatController is only bound to a full JID of a contact, if the incoming message of the contact has a non-empty body or is a 'typing' chat state notification. This avoids random binding to an arbitrary resource of a contact, that has multiple online resources and responds with delivery receipts. Test-Information: Tested with a conversation of a one resource account (A) to a two resource account (B). Sending two messages to B, the first used to go to both resources, then A would bind to the full JID and the second message would only go to one resource. With this fix all messages go to both resources, i.e. are send to the bare JID, until one resource of B replies. This binds the controller at A to the full JID of the reply of B. Change-Id: I8d9321a4226ab798e1196351ad087990d5dff8c3
2015-10-14Fix compiler warnings about unused variables/argumentsTobias Markmann
Test-Informations: Code compiles without warnings and tests still pass. Change-Id: If74c615706b8125c3c5186f0d940c103749ddb80
2015-10-14Fix memory leak warnings by Valgrind/LSANTobias Markmann
Test-Information: Both Valgrind and clang's leak sanitizer report a lot leaks on the FileTransferTest. With this commit it the stack traces related to the fixed leaks are gone. Change-Id: Idae9a81bcd8d97576d3f1469bf64490e0bfa7d55
2015-10-14Remove remains of OutgoingSIFileTransferTobias Markmann
This existing code was commented out. There are not tests for it and no counterpart for incoming transfers. We support Jingle-based file-transfers as the main file-transfer method, as do lots of other clients. Test-Informations: Tested the complete project still builds. Change-Id: Icf278165733fe481b4e2bc777a73bc420cf76398
2015-10-07Fix hang during file-transfer preparation with missing proxyTobias Markmann
The code used to call the onProxiesFound signal only if a proxy was found. In case of missing S5B proxy at the users server, the file-transfer preparation would hang. Now the code wants until the discovery phase is done and then calls the onProxiesFound signal with the list of discovered proxies. In case of missing S5B proxy server the signal is called with an empty list so the file-transfer flow can continue. Test-Information: Ran FileTransferTest integration test and manually tested a file-transfer on a server without S5B proxy. Change-Id: I31d3cc08fe6453b5cdfe6be286f884a920470d28
2015-09-25Do not flush vCard cache if IQ request returns an errorTobias Markmann
Test-Information: Adjusted the corresponding test case accordingly. Change-Id: I4626f09cd51bac2ff9ca97d5a7da5a173fc627a5
2015-09-22Add explicit includes for classes used in PlatformTLSFactoriesTobias Markmann
Furthermore removed unneeded includes. Test-Information: Still builds and unit tests pass. Change-Id: Ic7272e754c488f427b5ee6834f1d892028ea285d