822 Commits

Author SHA1 Message Date
Dmitry Podgorny
1c84ca3730 Release libstrophe-0.11.0 0.11.0 2021-10-28 21:49:50 +03:00
Steffen Jaeckel
bf1348e89d add required internal TLS API's for dummy and schannel
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-10-28 17:23:32 +02:00
Steffen Jaeckel
795675d1aa implement certificate verification API for GnuTLS
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-10-28 17:23:32 +02:00
Steffen Jaeckel
12009a009d implement certificate verification API for OpenSSL
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-10-28 17:23:32 +02:00
Steffen Jaeckel
f23ac83c95 add callback functionality on certificate verification failure
Based on the differences to libmesode this functionality has been added.

It allows a library-user to set a callback for cases where the TLS stack
can't verify a received certificate and let the end-user decide what to
do.

examples/basic implements an example handler of said functionality.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-10-28 14:42:11 +02:00
Steffen Jaeckel
2dc20d13fb declare function static
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-10-26 14:11:43 +02:00
Steffen Jaeckel
e26548375e move "SENT: ..." debug statement to the place where it belongs
This also adds a "QUEUED: ..." debug statement at verbosity level 2.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-07-22 23:44:40 +02:00
Steffen Jaeckel
e73cdb57f3 More debug printing of queue details
This adds a new API function xmpp_ctx_set_verbosity() to set increased
verbosity levels.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-07-22 23:44:40 +02:00
Steffen Jaeckel
fcc4f8c680 skip further processing on TLS error
While reading through the code this seemed logical to do.
I haven't seen this occuring in the wild!

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-07-22 23:44:40 +02:00
Steffen Jaeckel
a1de389e45 return early when nothing would be logged
This returns early in case

1. no log handler is set
2. the default log handler is set and the log level would result in nothing
   being printed.

No need to snprintf() and whatnot if there's no consumer.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-07-22 23:44:40 +02:00
Steffen Jaeckel
4ef5b2d449 re-factor sending
Put sending of data into its own function which takes ownership of the
data and therefor minimizes the number of allocations and frees.

This also slightly improves error handling and printing of debug
information.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-07-22 23:44:40 +02:00
Steffen Jaeckel
ad9e9d5dbd add xmpp_strndup()
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-07-22 23:44:40 +02:00
Dmitry Podgorny
4e53184eee tests/stanza: add test for xmpp_stanza_reply_error() 2021-07-17 01:23:16 +03:00
Dmitry Podgorny
f19ed572f0 stanza: remove trailing spaces 2021-07-17 01:21:49 +03:00
sshikaree
f27d95fe43 Checking for errros in a xmpp_stanza_reply_error() 2021-07-08 09:44:23 +03:00
Dmitry Podgorny
2bf1988b3c parser: fix memory leak in error path for depth more than 1
If parser has an unfinished stanza with depth > 1, it can happen that
parser->stanza points to a child. Releasing the child doesn't free the
parent stanza.

Instead of releasing parser->stanza in parser_reset() and parser_free(),
find the top most parent and release the whole tree. Also add a test
case for this memory leak.
2021-06-27 03:44:55 +03:00
Dmitry Podgorny
05620ab506 autotools: remove footer.html from EXTRA_DIST 2021-06-27 03:44:55 +03:00
Dmitry Podgorny
0ea9c1d3a2 autotools: fix style for fuzzing option
Fix spacing, fix help string layout.
2021-06-27 03:44:55 +03:00
Jordy Zomer
1f0a3f1ad1 Add basic fuzzing support for libstrophe 2021-06-26 17:05:53 -04:00
Dmitry Podgorny
2f491e0250 travis-ci: update travis config
- add gnutls option
- fix style stage: 'matrix' and 'jobs' don't work together
- switch to Ubuntu 20.04 (focal), because there is issue with
  gnutls-3.4.10 from Ubuntu 16.04 (see #177)
2021-03-27 22:35:10 +02:00
Steffen Jaeckel
2509ed8424 fixup minor gnutls things
* gcc complained about missing include
* remove unnecessary debug statement

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-03-24 14:47:18 +02:00
Dmitry Podgorny
f3e3e64a17 docs: remove footer.html
Use default footer instead.
2021-03-23 19:51:57 +02:00
Dmitry Podgorny
d7a28f97a6 ChangeLog: update with upcoming features 2021-03-23 02:30:11 +02:00
Dmitry Podgorny
2199d8d088 examples/basic: fix arguments check 2021-03-23 02:17:35 +02:00
Dmitry Podgorny
d1ce4b35ae tests/xmppaddr: improve error reports
COMPARE() assumes that the first argument is the reference. Swap
arguments to report right expected value.
2021-03-23 02:14:25 +02:00
Dmitry Podgorny
e77cd53215 conn: fix segfault in xmpp_connect_client() when jid not set 2021-03-23 02:12:55 +02:00
Dmitry Podgorny
588aea4f54 tls/gnutls: zeroize allocated tls object
Initialize tls object with 0. This also sets tls->client_cert to NULL.
2021-03-23 02:11:09 +02:00
Dmitry Podgorny
ee5f9fb77b tls/openssl: fix openssl-3.0.0 support
3.0.0 includes the "id-on-xmppAddr" object and OBJ_create() returns
NID_undef if we try to create a new one.
2021-03-23 02:08:22 +02:00
Dmitry Podgorny
4790a61437 tls/openssl: fix openssl-0.9.8 support
0.9.8 doesn't implement GENERAL_NAME_get0_otherName().
2021-03-23 02:07:00 +02:00
Steffen Jaeckel
25d3a2d459 add test for new API's
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-03-23 02:04:59 +02:00
Steffen Jaeckel
27be6acaeb add tls_id_on_xmppaddr() for GnuTLS
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-03-23 02:04:59 +02:00
Steffen Jaeckel
9a0e070c24 add missing API to other TLS implementations
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-03-23 02:04:59 +02:00
Steffen Jaeckel
e490011b68 add option to build against gnutls
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-03-23 02:04:59 +02:00
Steffen Jaeckel
3b4b664c28 add client-cert support to basic example
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-03-23 02:04:59 +02:00
Steffen Jaeckel
18c95fa7bd add support for client authentication via certificates
The SASL EXTERNAL method is implemented to make this possible.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-03-23 02:04:59 +02:00
Dmitry Podgorny
cf2f7147d9 tests/rand: don't define xmpp_snprintf when HAVE_SNPRINTF is set
If HAVE_SNPRINTF is set, xmpp_snprintf is replaced with snprintf symbol
and it can cause issues (e.g. on MacOS system).
2021-03-23 00:30:09 +02:00
Dmitry Podgorny
ecf6457cdb conn: send stream attribute "from" after TLS negotiation
RFC6120 states that client SHOULD send the "from" attribute in <stream>.

Because of privacy concerns attribute "from" should be sent only after
TLS negotiation. This step ensures that the server is verified by its
certificate and protects JID from MITM attack.

Fixes #163.
Also should be helpful for #162.
2021-03-21 17:09:35 +02:00
Dmitry Podgorny
db8a511f68 style: remove extra const keyword from interfaces
Const variables in prototypes don't add much value, but make the code
larger and redundant. Remove these const keywords.
Note, this doesn't apply to pointers to const memory.
2021-03-19 22:12:15 +02:00
Dmitry Podgorny
2d5424bcff Release libstrophe-0.10.1 0.10.1 2020-12-24 16:04:21 +02:00
Dmitry Podgorny
5792d52461 doxygen: set correct version number 2020-12-19 02:33:14 +02:00
Dmitry Podgorny
09229e2cd5 conn: remove extra ; symbol 2020-10-07 20:18:20 +03:00
Dmitry Podgorny
c07ac0a68d conn: don't crash when user sets password to NULL
Make it possible to reset password to NULL. It is not required for
ANONYMOUS authentication. Also, report an error and disconnect if
password is not set and libstrophe should try authentication mechanisms
other than ANONYMOUS.
2020-09-30 20:56:52 +03:00
Dmitry Podgorny
60ce94c267 auth: add missed space in log message 2020-09-30 20:43:32 +03:00
Dmitry Podgorny
99f2d4fe54 travis-ci: build libstrophe against LibreSSL 2020-09-24 15:07:15 +03:00
Dmitry Podgorny
acced31192 tls/openssl: Fix undefined error codes for LibreSSL
LibreSSL doesn't define all error codes which OpenSSL defines. Wrap them
with #ifndef.

Reference: https://bugs.gentoo.org/744127
2020-09-24 13:34:49 +03:00
Dmitry Podgorny
9ee08f8f2a Release libstrophe-0.10.0 0.10.0 2020-09-16 00:27:34 +03:00
Dmitry Podgorny
7c1061ccbb autotools: remove rpm files 2020-09-16 00:27:34 +03:00
Dmitry Podgorny
7eab7c3f5e Android: add missed files and -DHAVE_DECL_VA_COPY 2020-09-16 00:21:01 +03:00
Dmitry Podgorny
4d93b6c0d6 Check for va_copy declaration
ctx.c contains a workaround for systems without va_copy() support.
Improve this workaround in the way which is described in the autoconf
manual.

Also check for va_copy declaration in configure time.

Fixes #160.
2020-09-16 00:07:41 +03:00
Dmitry Podgorny
65b3a0996f README: mention about license 2020-09-15 03:14:54 +03:00