summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2012-05-11Showing stream encryption status in the roster header. Provide native ↵Tobias Markmann
certificate viewers on click. Native viewers for Windows and Mac OS X are implemented. Added TODOs to OpenSSL based TLS interface related to CRL and OCSP. Resolves: #167 License: This patch is BSD-licensed, see http://www.opensource.org/licenses/bsd-license.php
2012-05-07Added convenience method for responding with a custom error payload.Remko Tronçon
2012-05-07Only assert when requesting CRL checking on OpenSSL.Remko Tronçon
2012-05-06Fixed unit test compilation failure.Remko Tronçon
2012-05-05Compilation fixes.Remko Tronçon
2012-05-05Windows compilation fixes.Remko Tronçon
2012-05-05Re-enable revocation check.Remko Tronçon
2012-05-05* Added additional cert store to chain validation. * Turned off revocation ↵dreijer
checking. License: This patch is BSD-licensed, see http://www.opensource.org/licenses/bsd-license.php
2012-05-05Revert "* Added additional cert store to chain validation. * Turned off ↵Remko Tronçon
revocation checking." This reverts commit e33b7a309e0424450ab00bc6180df95c6c049195.
2012-05-05Revert "Re-enable revocation check."Remko Tronçon
This reverts commit 856f970d14c5c32b80fc5ea359d4e567b51578a0.
2012-05-05Serialize error payload.Remko Tronçon
2012-04-29Fixed previous commit.Remko Tronçon
2012-04-29Added debug message to double finishSession.Remko Tronçon
2012-04-28Make sure our parser doesn't handle entities.Remko Tronçon
2012-04-27Fixed LibXML parsing of &Remko Tronçon
Resolves: #944
2012-04-25Support channel binding with Schannel.Remko Tronçon
Resolves: #1012
2012-04-24Fixed compilation problems on windows.Remko Tronçon
2012-04-24Re-enable revocation check.Remko Tronçon
Added a method on TLSContextFactory to disable revocation checks if wanted.
2012-04-24* Added additional cert store to chain validation. * Turned off revocation ↵dreijer
checking.
2012-04-24Make built-in expat ignore unbound prefix namespaces.Remko Tronçon
This works around a problem with broken servers relaying illegal stanzas from broken clients. Obviously only works when using the bundled Expat. Note that the system OS X libXML also seems to behave this way.
2012-04-24Statically check the log severity level.Remko Tronçon
Resolves: #1099
2012-04-23Make sure setting disco info after reconnect does not immediately send presence.Remko Tronçon
Resolves: #976
2012-04-23Added missing header.Remko Tronçon
2012-04-23Seed the random number generator.Remko Tronçon
2012-04-23Another fix for SRV selection.Remko Tronçon
2012-04-23Fixed assertion when SRV weights are all 0.Remko Tronçon
2012-04-23Select SRV randomly, taking weight into account.Remko Tronçon
Resolves: #1030
2012-04-23Fixed assertion with inconsitent vcard cache.Remko Tronçon
Resolves: #1077
2012-04-23Work around incorrect roster responses from ejabberd.Remko Tronçon
Resolves: #1072
2012-04-23Fixed platform detection.Remko Tronçon
This fixes auto-away on OS X. Resolves: #1082
2012-04-17Fixing some clang warnings.Tobias Markmann
License: This patch is BSD-licensed, see http://www.opensource.org/licenses/bsd-license.php
2012-04-12Tidy up of assorted Schannel/CAPI stuffs.Kevin Smith
Makes Swift disconnect if a smartcard used for auth is removed. Fixes compilation. Changes code style in a few places.
2012-04-11Added support for determining SmartCard Reader associated with a certificate ↵Alexey Melnikov
(if any) This patch implements monitoring for SmartCard ejection. This is done by periodically (currently every second) polling smart card reader for the smart card status. If the smart card status becomes "absent" or "unknown" (an error to query the smartcard), the TLS session is aborted. This usually results in an attempt to reestablish TLS which will pop up "please insert the smart card" dialog. License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.
2012-04-01Removing CAres resolver.Remko Tronçon
This has never been used.
2012-03-23Forgotten file for TLSError patchKevin Smith
2012-03-23Allow TLS errors to bubble further up the stackKevin Smith
2012-03-23Use ssize_t for readlink.Remko Tronçon
2012-03-22Manual certificate verification. Added two additional TLS errors related to ↵dreijer
revocation. License: This patch is BSD-licensed, see http://www.opensource.org/licenses/bsd-license.php
2012-03-21Fix typo. (Thanks dreijer)Tobias Markmann
License: This patch is BSD-licensed, see http://www.opensource.org/licenses/bsd-license.php
2012-03-20boost::shared_ptr<?>(new ?(...)) -> boost::make_shared<?>(...) ↵Tobias Markmann
transformation where possible. License: This patch is BSD-licensed, see http://www.opensource.org/licenses/bsd-license.php
2012-03-08Fixed several bugs in CAPI/Schannel code on WindowsAlexey Melnikov
This patch includes the following fixes: 1) Correctly hex encode SHA1 hashes when generating certstore: URIs 2) Use the newly parsed certificate store reference, not the old value 3) Need to call findCertificateInStore() when finding the selected TLS certificate in Schannel code. Without that "sha1:XXXX" URIs don't work Also minor optimization of string operations. License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.
2012-03-06Fix missing includeKevin Smith
Resolves: #903
2012-03-06don't crash if an AdHoc is deleted while inflightKevin Smith
2012-03-05Fix segfaults and deadcodeKevin Smith
2012-03-04Pass along errors about DNS resolution.Kevin Smith
2012-03-03Unit tests for SettingsProviderHierachyKevin Smith
Also fixing up errors they found and an uninitialised read left-over from the original patch.
2012-02-29Don't crash when trying to join MUCs offlineKevin Smith
Resolves: #940
2012-02-28Changed certstore: URIs to use SHA1 hashes of certificatesAlexey Melnikov
Value of the certificate's subject DN leftmost RDN is not necessarily unique. This change switches to using SHA1 hash of DER certificates, which should guaranty uniqueness. License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.
2012-02-28Also compile on non-WindowsKevin Smith
2012-02-28Make Swift more usable in a FIPS-140 environmentKevin Smith
Don't allow DIGEST-MD5 when Windows is set to FIPS mode. Use platform-provided hashing for SHA1.