`xmpp_run_once()` uses `FD_SET()` to determine which sockets to `select()`
on. The socket gets initialized to `INVALID_SOCKET = -1` inside
`xmpp_conn_new()` which leads to a buffer overflow once `FD_SET()` is
called.
This is only exposed when enabling a higher optimization level, which
was only done in the `release-test` CI job.
* Fix this testcase by initializing the socket to a possible value.
* Build the Valgrind CI jobs with `-O2`.
* Make the output of the `release-test` more verbose.
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
It is useful in some applications to get a snapshot of the stream
management state for storage outside the process, in order to recover
from crashes and other things. The get_sm_state already present is not
suitable for this because it returns a live object tied in to the
current context and such, and containing much unneeded internal-api
data.
Introduce xmpp_sm_state_set_callback which is called every time the
state changes with a serialized state, and a dual xmpp_sm_state_restore
which takes in this serialized state and sets up a new sm_state based on
that.
The serialization is considered opaque from the PoV of the API, but is
based on CBOR to facilitate easy debugging.
Introduce a `conn_interface` to simplify the decision logic which API
we must call.
This also fixes some bugs of the previous commit.
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Before this change the user had to provide a password callback, even if the
PKCS#12 encoded file has no or an empty password.
This changes the behavior, so we first try to open the file without a
password and only then ask the user to provide one.
This fixes#204.
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
In order to be able to load password-protected key files a password
callback was added.
This also adds support for PKCS#12 containers instead of certificate+key.
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
In order to do proper deprecation of those API's we re-introduce them
so they can be removed in the next release. This will then also lead to
an ABI bump.
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
This also re-defines that `make release` does the release of all tarballs
and will run the tests against them.
Latest LibreSSL test is also marked non-essential, as it tends to fail
from time to time ...
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Removal of `rand.h` is a fixup of
118087f2a1
Somehow autotools manages to know that all those files must be
included in a release, no need to track them manually.
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
* `release` creates the tarballs
* `test-release` takes the tarballs, extracts them, builds the library
and tests and runs the tests
* `docs` run doxygen
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Based on the differences to libmesode this functionality has been added.
It allows a library-user to set a callback for cases where the TLS stack
can't verify a received certificate and let the end-user decide what to
do.
examples/basic implements an example handler of said functionality.
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
XEP-0077 will not be implemented as part of libstrophe's API, but an
example is provided. The example shows how to use the "raw" connection
to register a user.
Closes#54.