Commit Graph

466 Commits

Author SHA1 Message Date
Steffen Jaeckel
c90128779f Fix xmpp_stanza_release() for cloned child-stanzas.
Break the linked-list of children before releasing a child.

Before this patch it was possible, when a child is cloned and stored
for longer than the lifetime of its parent, that its `next` pointer
points to invalid memory that was already free'd when the parent stanza
was released.

This issue exists already since the initial version of
`xmpp_stanza_release()`.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-07-28 15:36:54 +02:00
Steffen Jaeckel
acb8e0f629 Handle missing <bind>
This patch handles the case where the server sends its list of features,
but the `<bind>` feature is missing.
A server doing so is violating RFC6120 (c.f. [0]), but it happened in [1].
Previously we ended up in a segfault, now we terminate the connection.

Reproducing this was done with netcat and profanity:

```
shell1    $ nc -l -p 5222
profanity $ /connect foo@127.0.0.1 tls disable

-> nc receives: '<?xml version="1.0"?><stream:stream to="127.0.0.1" xml:lang="en" version="1.0" xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams">'

nc send: <?xml version="1.0"?>
<stream:stream from="127.0.0.1" id="foobarbaz" lang="en" version="1.0" xmlns:stream="http://etherx.jabber.org/streams">
<features xmlns="http://etherx.jabber.org/streams"><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>PLAIN</mechanism></mechanisms></features>

-> nc receives: '<auth mechanism="PLAIN" xmlns="urn:ietf:params:xml:ns:xmpp-sasl">XXXXXXXXXX</auth>'

nc send: <success xmlns="urn:ietf:params:xml:ns:xmpp-sasl"/>

-> nc receives: '<?xml version="1.0"?><stream:stream to="127.0.0.1" xml:lang="en" version="1.0" xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams"><stream:stream from="127.0.0.1" id="foobarbaz" lang="en" version="1.0" xmlns:stream="http://etherx.jabber.org/streams">'

nc send: <?xml version="1.0"?>
<stream:stream from="127.0.0.1" id="foobarbaz" lang="en" version="1.0" xmlns:stream="http://etherx.jabber.org/streams">
<features xmlns="http://etherx.jabber.org/streams"/>

-> pre-patch this lead to a segfault of profanity, now the stream gets closed.
```

[0] https://datatracker.ietf.org/doc/html/rfc6120#section-7.2
[1] https://github.com/profanity-im/profanity/issues/1849

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-07-28 15:36:54 +02:00
Dmitry Podgorny
f3460460e9 sock: Introduce xmpp_sock_t abstraction
libstrophe uses non-blocking sockets and the connect() syscall may
return before a TCP connection is established. This doesn't allow
to catch all possible errors synchronously and some of the errors
are handled in the event handler.

In a scenario with multiple SRV records and/or multiple IP addresses
resolution, we need to repeat connection attempt on a failure.

xmpp_sock_t resolves the above problem. It keeps resolved records and
addresses to repeat connect attempt asynchronously.
2023-06-16 20:33:00 +03:00
Steffen Jaeckel
37555868f6 improve JID parsing according to RFC7622
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-03-10 11:11:44 +01:00
Steffen Jaeckel
b0855f75f5 don't return RR list on error
The resolver maybe returned an error code but allocated an RR list. Free
this list now in the resolver instead of depending on the user to free it
even though there was an error.

This API is only library internal, but still it makes more sense like that.

This issue was discovered in CI job [0].

[0] https://github.com/strophe/libstrophe/actions/runs/3874980845/jobs/6776501943

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-01-19 10:30:08 +01:00
Steffen Jaeckel
977ef75b14 fix potential memory leak
If functions `xmpp_conn_set_cafile()` or `xmpp_conn_set_capath()` are
called twice they leaked the previously allocated memory.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-01-09 15:55:23 +01:00
Steffen Jaeckel
d7d7435f21 less calls to xmpp_stanza_release()
Instead of using the "cloning version" `xmpp_stanza_add_child()` use the
version that takes ownership, so we don't have to release directly
afterwards.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-01-09 15:55:23 +01:00
Steffen Jaeckel
d22558e0e3 send_stanza() now takes ownership of the stanza
Instead of always releasing the stanza after calling `send_stanza()`, this
is done inside the function now.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-01-09 15:55:23 +01:00
Steffen Jaeckel
004a5bf7fc fix infitite looping in resolver
...this time for real ...hopefully :)

fixup of 870f2174d5

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-08-05 14:54:50 +02:00
Steffen Jaeckel
54b92c0255 re-use _auth_success() instead of copying ...
... and forgetting to 1. clear the password cache and 2. print a message
of what exactly happened ...

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-08-05 12:36:31 +02:00
Steffen Jaeckel
e29f422511 reset relevant parts of SM state on disconnect
Prevent assuming SM is enabled if the connection gets re-used without a
complete destroy&re-create of the connection object.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-08-04 11:54:36 +02:00
Tu Duong Quyet
1a8be1d617 Make it right to check/implement va_copy 2022-08-04 11:52:35 +02:00
Stu Tomlinson
357edbd367 Add XMPP_CONN_FLAG_DISABLE_SM to docs 2022-06-23 17:24:38 +01:00
Stu Tomlinson
3d01915407 Accept PKCS#12 file in either key or cert 2022-06-23 17:24:38 +01:00
Stu Tomlinson
3891b73c44 Open PKCS12 files as binary
Opening as text on Windows causes read failures:
tls DEBUG error:0680008E:asn1 encoding routines::not enough data
2022-06-23 09:44:00 +01:00
Michael Vetter
f0383d50cd Include unistd.h for ssize_t
When compiling on buildroot I get:
`src/tls.c:235:28: error: ‘ssize_t’ undeclared (first use in this
function); did you mean ‘size_t’? `

To have this POSIX type available we will need to include
`sys/types.h` or `unistd.h`.
2022-06-08 10:36:35 +02:00
Steffen Jaeckel
62d1063560 prevent memory leak in xmpp_stanza_new_from_string()
Only remember the first stanza in case the string contains
multiple stanzas.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-05-05 16:34:44 +02:00
Steffen Jaeckel
d8c9ca49e1 Be user-friendly when opening a pfx/p12 file
Before this change the user had to provide a password callback, even if the
PKCS#12 encoded file has no or an empty password.

This changes the behavior, so we first try to open the file without a
password and only then ask the user to provide one.

This fixes #204.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-05-05 16:34:44 +02:00
Steffen Jaeckel
5ac415986e finish implementing XEP-0198
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-04-06 13:51:05 +02:00
Steffen Jaeckel
10760238b3 add xmpp_conn_send_queue_drop_element()
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-04-06 11:24:13 +02:00
Steffen Jaeckel
d9acad3d91 add xmpp_conn_send_queue_len()
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-04-06 11:24:13 +02:00
Steffen Jaeckel
27278c032b introduce owner concept in send_queue
In order to be able to distinguish between user-created entries and
library-internal entries, we mark each entry who it belongs to.
This allows then later to let the user manage only the queue entries
that were created by them.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-04-06 11:24:13 +02:00
Dmitry Podgorny
57bc4bbb75 WIP XEP-0198: implement stream management
Stream management is enabled when server supports it. There is no option
to disable it.
2022-03-31 12:45:39 +02:00
Steffen Jaeckel
3600756723 fix linter warnings
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-03-31 12:44:19 +02:00
Steffen Jaeckel
e1ee758b61 fix warning when compiling against OpenSSL 3.0.x
`ERR_func_error_string()` has been deprecated.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-03-23 17:04:13 +01:00
Steffen Jaeckel
4b5e103d9c move password cache into libstrophe
The cache is stored per connection object and is cleared on
* entry of wrong password
* release of connection object
* successful connection

It can be configured that libstrophe retries the password entry in case
the user entered a wrong password.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-03-23 17:04:13 +01:00
Steffen Jaeckel
bddb80a192 add support for a password callback
In order to be able to load password-protected key files a password
callback was added.

This also adds support for PKCS#12 containers instead of certificate+key.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-03-21 00:24:22 +01:00
Stu Tomlinson
06afe3d1c2 Add API to register callback to set socket options
The registered callback function will be called before connect() is
called on the socket, allowing tweaking of much more than just keepalive
settings.

This deprecates xmpp_conn_set_keepalive().

Includes helper/example callback function to set default keepalive
parameters that some library users may find useful.
2022-03-17 22:59:07 +00:00
Steffen Jaeckel
97b1452211 revive removed API's
In order to do proper deprecation of those API's we re-introduce them
so they can be removed in the next release. This will then also lead to
an ABI bump.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-03-16 14:39:20 +01:00
Steffen Jaeckel
fc6ba89c61 properly rename internal [v]snprintf() functions
Otherwise it clashes when we want to re-introduce the `xmpp_` prefix'ed
versions.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-03-16 14:39:20 +01:00
Steffen Jaeckel
528c16e6c8 fix build with OpenSSL 1.1.0l
Debian 9.13 (stretch) brings this version and building failed there.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-03-09 16:48:07 +01:00
Steffen Jaeckel
870f2174d5 fix potential infinite looping of resolver
In case a pointer to itself was received, the resolver looped inifinitely
until the stack overflows.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-03-09 16:48:07 +01:00
Stu Tomlinson
879f40a0ae Minor compile warning fix
src/handler.c: In function 'handler_system_delete_all':
src/handler.c:706:25: warning: 'key2' may be used uninitialized in this function [-Wmaybe-uninitialized]
                 hash_add(conn->id_handlers, key2, head);
2022-03-02 11:25:05 +00:00
Steffen Jaeckel
1e8dc3caa8 move common code to static function
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-02-22 14:58:44 +01:00
Steffen Jaeckel
e32d39dbc1 forgot to update tls_schannel.c with new API's
Fixup of
93e04b8d03
a97714da18

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-02-10 11:39:25 +01:00
Steffen Jaeckel
69550f9be9 allow reading arbitrary number of bytes from xmpp_rand_bytes()
If we expose the API it shouldn't be limited.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-02-06 12:36:38 +01:00
Steffen Jaeckel
619bcc38e9 make [v]snprintf() private
Fixes #189

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-02-06 12:36:38 +01:00
Steffen Jaeckel
728e050a05 make strtok_r private
Fixes #189

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-02-06 12:36:38 +01:00
Steffen Jaeckel
93e04b8d03 make logging functions private
Fixes #189

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-02-06 12:36:38 +01:00
Steffen Jaeckel
a97714da18 make alloc-class of functions private
Fixes #189

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-02-06 12:36:38 +01:00
Steffen Jaeckel
118087f2a1 make RNG API (officially) public
Fixes #189

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-02-04 13:36:17 +01:00
Steffen Jaeckel
3a3b4faa10 use getrandom() on recent linux distros
Instead of using the internal DRBG-based RNG, use the `getrandom()` system
call where available.
Keep the existing version as fall-back for other systems that don't provide
that system call.

... and for cases where auto-detection fails or the user simply wants to
use the internal RNG a new configure-switch is provided.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-02-04 13:36:17 +01:00
Steffen Jaeckel
2850fd7792 fix build with libressl
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-02-04 13:36:17 +01:00
Steffen Jaeckel
47f4d883c8 fix Doxygen warnings
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-02-04 13:36:17 +01:00
Steffen Jaeckel
d8d0e75466 improve OpenSSL error logging
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-02-04 13:36:17 +01:00
Steffen Jaeckel
f3878b954a use ascii chars
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2022-02-04 13:36:17 +01:00
Steffen Jaeckel
28f3ce19b8 add xmpp_stanza_get_child_by_path()
... to provide an easier way to find long paths.

After looking at some code in profanity-im/profanity#1605 I thought this
could help to make libstrophe-user code easier to write (and read).

Initially it started off as `xmpp_stanza_get_child_by_xpath()` but then
I was annoyed when it came to handling all those potential corner cases
like e.g. escaping URL's in the ns ... so here we go with a
vararg approach :)

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-12-03 15:17:54 +01:00
Steffen Jaeckel
b0631e322f use lower-case labels
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-12-03 12:04:29 +01:00
Steffen Jaeckel
ae5484ebd5 handler: refactor some copy-pasta
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-12-03 12:04:29 +01:00
Steffen Jaeckel
01f2c3128a handler: no need to dup string
`hash_iter_next()` returns a pointer to an element of the data structure
which is persistent and not altered while calling `hash_iter_next()`.
Therefor we don't have to dup the string, but simply can remember the
pointer.
In the case where the element would be `hash_drop()`'ped which contains
the key, the key is not accessed after it has been free'd.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2021-12-03 12:04:29 +01:00