Commit Graph

658 Commits

Author SHA1 Message Date
Dmitry Podgorny
06cb1459f1 tls/securetransport: add client cert stub functions 2021-03-30 00:46:13 +03:00
Dmitry Podgorny
82f372fa49 Add tls_securetransport.c to EXTRA_DIST 2021-03-30 00:30:30 +03:00
Dmitry Podgorny
9ddc881102 tls/securetransport: tls_new() accepts xmpp_conn_t object 2021-03-30 00:30:30 +03:00
Dmitry Podgorny
f6ef50d134 tls/securetransport: fix indentation 2021-03-30 00:30:30 +03:00
Chris A. Taylor
bd87653c76 Add Secure Transport implementation of TLS 2021-03-30 00:30:30 +03:00
Dmitry Podgorny
2f491e0250 travis-ci: update travis config
- add gnutls option
- fix style stage: 'matrix' and 'jobs' don't work together
- switch to Ubuntu 20.04 (focal), because there is issue with
  gnutls-3.4.10 from Ubuntu 16.04 (see #177)
2021-03-27 22:35:10 +02:00
Steffen Jaeckel
2509ed8424 fixup minor gnutls things
* gcc complained about missing include
* remove unnecessary debug statement

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-03-24 14:47:18 +02:00
Dmitry Podgorny
f3e3e64a17 docs: remove footer.html
Use default footer instead.
2021-03-23 19:51:57 +02:00
Dmitry Podgorny
d7a28f97a6 ChangeLog: update with upcoming features 2021-03-23 02:30:11 +02:00
Dmitry Podgorny
2199d8d088 examples/basic: fix arguments check 2021-03-23 02:17:35 +02:00
Dmitry Podgorny
d1ce4b35ae tests/xmppaddr: improve error reports
COMPARE() assumes that the first argument is the reference. Swap
arguments to report right expected value.
2021-03-23 02:14:25 +02:00
Dmitry Podgorny
e77cd53215 conn: fix segfault in xmpp_connect_client() when jid not set 2021-03-23 02:12:55 +02:00
Dmitry Podgorny
588aea4f54 tls/gnutls: zeroize allocated tls object
Initialize tls object with 0. This also sets tls->client_cert to NULL.
2021-03-23 02:11:09 +02:00
Dmitry Podgorny
ee5f9fb77b tls/openssl: fix openssl-3.0.0 support
3.0.0 includes the "id-on-xmppAddr" object and OBJ_create() returns
NID_undef if we try to create a new one.
2021-03-23 02:08:22 +02:00
Dmitry Podgorny
4790a61437 tls/openssl: fix openssl-0.9.8 support
0.9.8 doesn't implement GENERAL_NAME_get0_otherName().
2021-03-23 02:07:00 +02:00
Steffen Jaeckel
25d3a2d459 add test for new API's
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-03-23 02:04:59 +02:00
Steffen Jaeckel
27be6acaeb add tls_id_on_xmppaddr() for GnuTLS
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-03-23 02:04:59 +02:00
Steffen Jaeckel
9a0e070c24 add missing API to other TLS implementations
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-03-23 02:04:59 +02:00
Steffen Jaeckel
e490011b68 add option to build against gnutls
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-03-23 02:04:59 +02:00
Steffen Jaeckel
3b4b664c28 add client-cert support to basic example
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-03-23 02:04:59 +02:00
Steffen Jaeckel
18c95fa7bd add support for client authentication via certificates
The SASL EXTERNAL method is implemented to make this possible.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-03-23 02:04:59 +02:00
Dmitry Podgorny
cf2f7147d9 tests/rand: don't define xmpp_snprintf when HAVE_SNPRINTF is set
If HAVE_SNPRINTF is set, xmpp_snprintf is replaced with snprintf symbol
and it can cause issues (e.g. on MacOS system).
2021-03-23 00:30:09 +02:00
Dmitry Podgorny
ecf6457cdb conn: send stream attribute "from" after TLS negotiation
RFC6120 states that client SHOULD send the "from" attribute in <stream>.

Because of privacy concerns attribute "from" should be sent only after
TLS negotiation. This step ensures that the server is verified by its
certificate and protects JID from MITM attack.

Fixes #163.
Also should be helpful for #162.
2021-03-21 17:09:35 +02:00
Dmitry Podgorny
db8a511f68 style: remove extra const keyword from interfaces
Const variables in prototypes don't add much value, but make the code
larger and redundant. Remove these const keywords.
Note, this doesn't apply to pointers to const memory.
2021-03-19 22:12:15 +02:00
Dmitry Podgorny
2d5424bcff Release libstrophe-0.10.1 0.10.1 2020-12-24 16:04:21 +02:00
Dmitry Podgorny
5792d52461 doxygen: set correct version number 2020-12-19 02:33:14 +02:00
Dmitry Podgorny
09229e2cd5 conn: remove extra ; symbol 2020-10-07 20:18:20 +03:00
Dmitry Podgorny
c07ac0a68d conn: don't crash when user sets password to NULL
Make it possible to reset password to NULL. It is not required for
ANONYMOUS authentication. Also, report an error and disconnect if
password is not set and libstrophe should try authentication mechanisms
other than ANONYMOUS.
2020-09-30 20:56:52 +03:00
Dmitry Podgorny
60ce94c267 auth: add missed space in log message 2020-09-30 20:43:32 +03:00
Dmitry Podgorny
99f2d4fe54 travis-ci: build libstrophe against LibreSSL 2020-09-24 15:07:15 +03:00
Dmitry Podgorny
acced31192 tls/openssl: Fix undefined error codes for LibreSSL
LibreSSL doesn't define all error codes which OpenSSL defines. Wrap them
with #ifndef.

Reference: https://bugs.gentoo.org/744127
2020-09-24 13:34:49 +03:00
Dmitry Podgorny
9ee08f8f2a Release libstrophe-0.10.0 0.10.0 2020-09-16 00:27:34 +03:00
Dmitry Podgorny
7c1061ccbb autotools: remove rpm files 2020-09-16 00:27:34 +03:00
Dmitry Podgorny
7eab7c3f5e Android: add missed files and -DHAVE_DECL_VA_COPY 2020-09-16 00:21:01 +03:00
Dmitry Podgorny
4d93b6c0d6 Check for va_copy declaration
ctx.c contains a workaround for systems without va_copy() support.
Improve this workaround in the way which is described in the autoconf
manual.

Also check for va_copy declaration in configure time.

Fixes #160.
2020-09-16 00:07:41 +03:00
Dmitry Podgorny
65b3a0996f README: mention about license 2020-09-15 03:14:54 +03:00
Dmitry Podgorny
4dd78be10d tls/openssl: fix compilation with older openssl
Not all error codes are present in older versions of openssl.
2020-09-15 03:07:02 +03:00
Dmitry Podgorny
8c076ac969 stanza: remove attribute xmlns in xmpp_stanza_reply() 2020-09-15 02:21:18 +03:00
Dmitry Podgorny
7c68aced35 stanza: add xmpp_stanza_reply_error()
This function makes an error reply stanza as described in
https://tools.ietf.org/html/rfc6120#section-8.3
2020-09-15 02:19:20 +03:00
Dmitry Podgorny
197896ba1b tls/openssl: improve logging
Log error names and codes to increase verbosity in debug mode.
2020-06-18 22:18:59 +03:00
Dmitry Podgorny
bef411f319 sha1: fix zeroing storage
Compilers remove dead assignments in optimization phase. But SHA1 code
uses them for wiping of sensitive data.  Fix this with the trick used
by openssl.
2020-06-18 22:14:04 +03:00
Dmitry Podgorny
7f5ce7d2ae sha1: remove SHA1HANDSOFF
We don't support configuration when SHA1 functions overwrite user's
data. So remove this code not to confuse.
2020-06-19 00:51:33 +03:00
Dmitry Podgorny
47e27c837a examples/basic: add new conn flags
Add options:
  --trust-tls
  --legacy-auth
2020-06-07 20:43:41 +03:00
Dmitry Podgorny
50a4a983cd handler: add documentation for global timed handlers 2020-06-06 00:11:24 +03:00
Dmitry Podgorny
428681a185 stanza: add xmpp_stanza_new_from_string()
This function creates a stanza object from a string. The string must
contain a single complete stanza. Multiple stanzas will lead to memory
leak and this is not handled in the patch.
2020-06-04 03:44:21 +03:00
Dmitry Podgorny
3dcc5a60f2 Introduce global timed handlers
There are situations when applications need more predictable timed
handlers that don't depend on connection status. Other usecase of
the global handlers is to manage offline connections, for example,
reconnect after a disconnection.
2020-06-03 02:11:40 +03:00
Dmitry Podgorny
cba21b5598 examples/register: replace getline() with fgets()
getline(3) doesn't exist on all systems.
2020-05-31 22:05:21 +03:00
Dmitry Podgorny
a65dd1059d resolver: don't build legacy win32 code with c-ares
Fix ifdef macros to exclude legacy win32 code when it is not needed.
2020-05-31 21:43:09 +03:00
Dmitry Podgorny
7c83eb0efa windows: rewrite headers in lower case
Otherwise, compilation fails on systems that are case sensitive.

Reference: #159.
2020-05-31 21:03:44 +03:00
Steffen Jaeckel
f2c658723f clean-up 2020-04-30 12:03:57 +02:00