| Age | Commit message (Collapse) | Author |
|---|
|
Our TLS backends need to tread TLS verification errors, e.g.
outdated certificate, untrusted CA, non-matching host, etc.,
as non-fatal, so the application can apply custom key
pinning verification or similar.
This patch changes the OS X SecureTransport backend to behave
accordingly and adjusts the CertificateErrorTest to mirror
this behavior.
This commit also fixes a double-free in
SecureTransportCertificate.
Test-Information:
Connected to a host with an untrusted CA and non-matching
domain in the certificate and was prompted with the Swift
certificate trust dialog on OS X 10.11.3.
Swiften/QA/TLSTest run successfully on OS X 10.11.3.
Change-Id: I4c8ce2178540d79a5f328e2e0558d4deb4295134
|
|
Changed MUCController to only handle message stanzas as
subject change if <subject/> is present and neither <body/>
nor <thread/> is present in the message stanza.
Test-Information:
Added unit tests verifying behavior described in XEP-0045
section 8.1.
Unit tests pass on OS X 10.11.2.
Change-Id: I1d22272da1675176be131ab360b214a98f20533f
|
|
Default to disabled certificate revocation checking for
SecureTransport TLS backend on OS X. SecureTransport internal
revocation checking machine is not very stable and sometimes
fails reporting a positive revocation check leading to bad
UX.
Test-Information:
Swift login still works and ./scons test=system pass on OS X
10.11.3.
Change-Id: I298ccca4ecab07af5517fe393fdb887d79d70bf1
|
|
Test-Information:
./scons test=system passes without any ASAN reports on OS X
10.11.3.
Change-Id: I6825414e2f3c5e5aec48289395f44ccdc14d8f95
|
|
The old event loop had this protection, however it is
missing in the new design. This adds this protection again
as some external event loop implementations, e.g. the Qt
event loop, directly process their event queue from an event
handler.
Test-Information:
Unit and system tests pass on OS X 10.11.3.
Change-Id: I10ce7160c3f201e2d5f53ab8289ddde1eb3262e8
|
|
This commit adds explicit code to stop timers which are
connected to objects that are about to be deleted from
memory.
Test-Information:
./scons test=system passes on OS X 10.11.3.
Change-Id: I139314f3a223e3dc63b78b96be17d3ae53cd3de3
|
|
Code review makes me think that if the timer fires at the same time as
stop() is called, it would be possible for the clearing of events from
the loop to happen before the event is put into the loop, leading to
the sort of crashes we've seen with timers firing and access exceptions.
I can't reproduce those to know if this fixes them, and I'm not even sure
I'm not being dense thinking this patch fixes a real issue.
Test-Information:
Unit tests pass
Change-Id: I76337d5556a9c3902d5c2f4da754ae657810d436
|
|
AddressSanitizer reported a heap-buffer-overflow in
WhitespacePingLayer::handleTimerTick() which happened during
multiple restarts of a XMPP server. Under the assumption
that it was caused by not correctly stopping the timer, the
timer is now explicitly stopped if still active at destruction.
Test-Information:
Unable to reproduce the ASAN report. Unit tests still pass.
Change-Id: Ia0b7c3b613688750c4ce0ad40d759a0db4a52791
|
|
FileTransferTest would attempt to remove files while the
file-transfer objects still have a file handle open to them
in form of FileReadBytestream and FileWriteBytestream
references.
Test-Information:
./scons test=system Swiften/QA/FileTransferTest passed
successfully on Windows 8.
Change-Id: Iba45fa5df7e6f55667dd76fee4624733bb363fe5
|
|
Adds missing virtual keyword to destructors of classes which
have a non-empty destructor and are inheriting from other
classes and implement virtual functions.
Test-Information:
Compiles and unit tests pass on Windows 8 with VS 2013.
Change-Id: I172b5de8eda63eb8057113fbc979444abde3e0a7
|
|
This should enable IPv4/IPv6 dual-stack support for Swift(-en)
Jingle file-transfer support.
Add Connection::getRemoteAddress() method.
Test-Information:
Tested IPv6 file-transfer and IPv4 file-transfer between two
Swift instances.
Added integration test verifying IPv4 only, IPv6 only and
IPv4/IPv6 dual-stack support on the running platform.
Additionally added test to verify remote addresses on dual-stack
server.
Change-Id: Ie384a71833eacca554f69e6f12a1c8330d0d747f
|
|
Use values instead of define names for _WIN32_WINNT and
NTDDI_VERSION defined needed for Windows.h configuration.
Using the names boost fails to correctly detect getaddrinfo()
support on Windows.
Only run IPv6 related test cases in DomainNameResolverTest on
Windows, if test_ipv6=1 is passed to the scons arguments.
This is because on Windows getaddrinfo() will not return
IPv6 related results when called with the AF_UNSPEC hint,
unless the Windows host has global IPv6 connectivity.
Changed the BoostConnectionTest to time out and not endlessly
wait on a response from the remote host.
Test-Information:
Ran the following test configurations:
* (SUCCESS) On Windows 8 with HE.net IPv6 tunnel to provide
full IPv6 connectiviy:
scons.bat test=system test_ipv6=1 Swiften/QA/NetworkTest
* (SUCCESS) On Windows 8 with HE.net IPv6 tunnel to provide
full IPv6 connectiviy:
scons.bat test=system Swiften/QA/NetworkTest
* (EXPECTED FAIL) On Windows 8 with no IPv6 connectiviy:
scons.bat test=system test_ipv6=1 Swiften/QA/NetworkTest
* (SUCCESS) On Windows 8 with no IPv6 connectiviy:
scons.bat test=system Swiften/QA/NetworkTest
Change-Id: I5adcd28e09e22acf61f7cca40b614e71df75dd70
|
|
Test-Information:
Builds and unit and system tests succeed on OS X 10.11.2.
Change-Id: I9e4805f31c4ba63c64d73dbfc2ee6b6423d949a8
|
|
Test-Information:
Builds and tests pass.
Change-Id: I7c12036903ea535fe0a7ee7085b2268894c546bd
|
|
Test-Information:
Tested by transferring a file between two Swift instances.
Tested in WebKit chat views and in plain chat views.
Change-Id: Ie46cbd7bac8a36478f64b4557cf55926e6d4af37
|
|
Test-Information:
Unit and integration tests pass on OS X 10.10.5 and Debian 8.2.
UI remains responsive when transferring a file between two
Swift instances.
Change-Id: I7841347a5d6c55121e02e274a7087a2fc200f879
|
|
Test-Information:
Ran a file-transfer between two Swift instances and verified
no fe80:... addresses are included in the candidates.
Change-Id: I51dedb6aff95686764f74bf61ab2963e51ecbd1c
|
|
Test-Information:
Tested on OS X 10.11.1.
Change-Id: If63370404ac6586e2e48a19cbe7a0f0df9359c36
|
|
Canceling an IBB transfer in-flight caused an use-after-free
reported by ASAN. With this fix we keep a reference of the
current request around to be able to disconnect from its
signals on cancel.
Test-Information:
Transferred a file with Swift using the IBB method and canceled
the transfer. The previously error reported by ASAN is gone.
Change-Id: I240d3dbb59cddb6b91d49f268595a89ac8805f72
|
|
Test-Information:
Tested against a Swift instance which does not advertise the
DiscoInfo::JingleTransportsS5BFeature feature and verified
via debug console that only the IBB feature is listed in the
candidates.
Change-Id: I708c437f5c30c16c3478fd3448d7cb9592e68677
|
|
This allows execution of events inside an existing io_service
if an application is already using Boost ASIO for other things
and can share the io_service.
Test-Information:
Builds on OS X 10.11.2.
Change-Id: I092ed7a25b24ef95d4664bae98ed84cc0f149073
|
|
The new event loop design has a single event queue that is
synchronized to protect against data races.
The removal of events in the queue by EventOwner is
deterministic.
Test-Information:
All unit and integration tests with TSAN and
cxxflags=-DBOOST_SP_USE_PTHREADS on Debian 8.2 pass without
reports.
Multiple Swiften/QA/ClientTest/ClientTest runs under
different CPU stress caused no TSAN reports on Debian 8.2.
Swift itself only causes TSAN reports related to Qt itself,
out of our control, and most likely false positives, i.e.
TSAN not detecting the synchronization method inside Qt
correctly.
Unit tests pass without errors and successfully connected
to Slimber on OS X 10.10.5.
Change-Id: Ia1ed32ac2e758c5b9f86e0dac21362818740881e
|
|
Test-Information:
Unit tests pass on OS X 10.10.5.
Change-Id: I7b505513b4342001596ee8518bfdcf9e77c91479
|
|
This allows to authenticate using SASL EXTERNAL over BOSH
using a client TLS certificate for the HTTPS connection of
the BOSH channel.
The implementation also enforces the HTTPS server certificate
of subsequent BOSH connections not to change.
This commit also removes TLSConnection and TLSConnectionFactory
as no code is using them.
Test-Information:
Tested against M-Link 16.3v6-0 on Debian 7.9 and Swift on
OS X 10.10.5. Verified working client certificate authentication.
Verified Swift not falling back to password-based authentication,
in case EXTERNAL is not allowed by the server over BOSH or
the client certificate is invalid.
Change-Id: Ia96bcac27cac9fc9261ed847c82c6328307bfbd1
|
|
The code was calling CFRelease on a null pointer, which runs
into an assert inside CFRelease.
Test-Information:
The crash happened during client certificate authentication
using the Secure Transport backend. With this patch the crash
is gone.
Change-Id: If389dcb8b8a20fdc5cf77219d6c5afb86c9c3634
|
|
Test-Information:
Still builds and tests pass on OS X 10.10.5.
Change-Id: Ic616e7b9de443ce34b46de63ac1bb0cca34b08ee
|
|
Test-Information:
Still builds and tests pass.
Change-Id: I040423ab6f6934610e336f3af22d174a685af66a
|
|
These errors were reported by Clang Analyzer.
Test-Information:
Verified that behavior is still as expected and Clang
Analyzer does not report the warnings anymore.
Change-Id: I149d75241f7680a6d2f2b6b710dd38d1ed81a209
|
|
This patch prevents SWIFTEN from logging in if provided with a missing PKCS12 file.
Before this patch, swiften would attempt a password based login using operator JID
and pwd of the P12 file when the P12 file was missing.
This patch fixes it by checking the certificate and not initialising session stream
and connection if the certificate is empty. It emits a disconnect with client
certificate load error. The string for certificate load error has been modified to
indicate a file or password invalid.
Test-information:
Tested by doing a certificate based bind to an XMPP server. Removed the PKCS#12
file and checked that swift gave a certificate error instead of doing pwd connect
Change-Id: I1869a13f1f7135b6606f7383cd4a0356ffd6931b
|
|
This patch fixes the code to handle HTTP/1.0 proxies which
do not keep the connection alive after a single request.
If a HTTPTrafficFilter returns a new header reply, the HTTP
CONNECT proxy code will issue the request over a new connection.
The final connection is kept alive, as it used for the
persistent connection forwarding.
In addition, the response status line is now passed to the
HTTPTrafficFilter handling method to provide ability to act
upon the response status code.
Missing passthrough of the HTTPTrafficFilter object the down
the stack to the HTTPConnectProxiedConnection is added.
Test-Information:
Added a unit test following an NTLM HTTP proxy authentication
with a static HTTPTrafficFilter. This and other unit tests
still pass.
Change-Id: Ida0d1aec08a60f10c1480e1eecaecbd3f87b0dca
|
|
Added integration tests for certificate validation and
revocation behavior checking.
Test-Information:
Tested client login over TLS against Prosody and M-Link.
Verified client certificate authentication works against
M-Link.
Change-Id: I6ad870f17adbf279f3bac913a3076909308a0021
|
|
With this commit
SOCKS5BytestreamProxiesManager::onDiscoveredProxiesChanged
will be emitted even if no proxies are found.
Move signal emission out of if/else scopes as it was present
in both cases.
Test-Information:
Tested file-transfer with the sender located at a server
without a S5B proxy.
Change-Id: Ic79928e539a6f39f23bfda370d701bf6d9ca9cbf
|
|
Test-Information:
Code builds without warnings, unit tests still pass on OS X
10.10.5.
Change-Id: I9108b53fb00b0fc85a8dd4e2a347e21d0e6008ab
|
|
Test-Information:
Build and tests pass successfully on OS X 10.10.5.
Change-Id: I614586660796f9ef043156d09d998d39934a6eca
|
|
In addition, this adds the file-transfer classes to the
Doxygen documentation.
Test-Information:
Unit and integration tests still pass.
Change-Id: Ib6c16078c90ed56fae835cb2abfea8a564c3afa3
|
|
Before presence handling code was handled by both, the
ContactRosterItem in Swift and the PresenceOracle in Swiften.
The ContactRosterItem also considered the presence priority
for deciding what presence to show for a bare JID.
With this code all full or bare JID presence requests are
finally handled by the PresenceOracle. For bare JIDs it is
looked up to a presence of one of the available resources of
that JID regardless of the priorities.
Test-Information:
Adjusted tests according to above description and documentation
in PresenceOracle.
Change-Id: I972a4574f476cdf4d4b5593a035eb1c25ef2f8ba
|
|
When removing a contact, a XMPP client will not receive an explicit
unavailable presence stanza for the contact from the server. Because
of that Swift used to show removed contacts still with their old
presence in the Chats tab or the chat view.
With this patch, the PresenceOracle will flush all known presence
of a contact as soon as the JID is removed from the roster. An
unavailable presence will stored under the removed bare JID and
is emitted via the PresenceOracle::onPresenceChange signal.
Test-Information:
Added a unit test verifying this behavior. Tested the behavior with
two scenarios:
a) Account A and B adding each other and accepting the subscription
request. Starting a chat between A and B. After removing B in A's
account, B used to be shown as available in the chat view and the
Chats tab. With this patch B is shown as unavailable.
b) Account A and B adding each other and accepting the subscription
request. A removing B, and B removing A. After A adds B again,
B used to be shown with the old presence even before B accepted
the subscription request. This behavior is also fixed with this
patch, not showing B as online until B accepted the subscription
request.
Change-Id: Iba97d3bedd0ac962ea00b25a0d2ed6106ed55a55
|
|
This is required to protect against the CVE-2015-2059 vulnerability in
libIDN.
Test-Information:
Added unit tests for UTF-8 validation and tested that existing unit
tests still pass.
Change-Id: I0a94136894c6e0004081456c59155a78a3dabf5f
|
|
With this commit a ChatController is only bound to a full JID
of a contact, if the incoming message of the contact has a
non-empty body or is a 'typing' chat state notification.
This avoids random binding to an arbitrary resource of a contact,
that has multiple online resources and responds with delivery
receipts.
Test-Information:
Tested with a conversation of a one resource account (A) to a
two resource account (B). Sending two messages to B, the first
used to go to both resources, then A would bind to the full
JID and the second message would only go to one resource.
With this fix all messages go to both resources, i.e. are
send to the bare JID, until one resource of B replies. This
binds the controller at A to the full JID of the reply of B.
Change-Id: I8d9321a4226ab798e1196351ad087990d5dff8c3
|
|
Test-Informations:
Code compiles without warnings and tests still pass.
Change-Id: If74c615706b8125c3c5186f0d940c103749ddb80
|
|
Test-Information:
Both Valgrind and clang's leak sanitizer report a lot leaks
on the FileTransferTest. With this commit it the stack traces
related to the fixed leaks are gone.
Change-Id: Idae9a81bcd8d97576d3f1469bf64490e0bfa7d55
|
|
This existing code was commented out. There are not tests for
it and no counterpart for incoming transfers.
We support Jingle-based file-transfers as the main file-transfer
method, as do lots of other clients.
Test-Informations:
Tested the complete project still builds.
Change-Id: Icf278165733fe481b4e2bc777a73bc420cf76398
|
|
The code used to call the onProxiesFound signal only if a
proxy was found. In case of missing S5B proxy at the users
server, the file-transfer preparation would hang.
Now the code wants until the discovery phase is done and then
calls the onProxiesFound signal with the list of discovered
proxies. In case of missing S5B proxy server the signal is
called with an empty list so the file-transfer flow can
continue.
Test-Information:
Ran FileTransferTest integration test and manually tested a
file-transfer on a server without S5B proxy.
Change-Id: I31d3cc08fe6453b5cdfe6be286f884a920470d28
|
|
Test-Information:
Adjusted the corresponding test case accordingly.
Change-Id: I4626f09cd51bac2ff9ca97d5a7da5a173fc627a5
|
|
Furthermore removed unneeded includes.
Test-Information:
Still builds and unit tests pass.
Change-Id: Ic7272e754c488f427b5ee6834f1d892028ea285d
|
|
The dateTimeToLocalString uses boost functions that may throw
an out of range exception for times earlier than 1970.
This commit caches this exception and just returns an empty
string in this case.
Test-Information:
Added a unit test to verify this behavior.
Change-Id: I05eb17605331e14d9eac04fbfd286362e7d4eb46
|
|
The logic for calling onItemAdded and onItemRemoved signals when
setting a new list of block items using BlockListImpl::setItems
used to be broken.
This commit fixes and documents the correct signal notification
behavior
Test-Information:
Added a unit test which verifies the notification behavior in case
of added block list items, removed block list items and a complete
change of the block list.
Change-Id: I3061545e25ddfc2d9d1a3c987045a58e5c9230ac
|
|
According to boost doucmentation shared deadline_timers are not
thread-safe. Adding a mutext to protect access to
boost::asio::deadline_timer instance in Swift::BoostTimer.
This fixes a data-race reported by TSAN when running
Swiften/QA/ClientTest/ClientTest.
Test-Information:
Verified that the data-race report is gone with this fix.
Change-Id: I62c8c3a07d6ea16fe6e2d24c879340040406699b
|
|
FileTransferManagerImpl should have a virtual dtor, as the
parent class also has a virtual dtor.
Test-Information:
Unit tests still run.
Change-Id: I72a0757a930254caadfd1463b3f90af6c4829bd0
|
|
Running './scons check_headers=1 will compile each header file
as an object file.
Test-Information:
Tested on OS X 10.9.5 and Elementary OS 0.2.
Change-Id: Ia429ccc6dc0a5bd76c08a2c2e91bf192c6ad2901
|
Swift