Commit Graph

542 Commits

Author SHA1 Message Date
Dmitry Podgorny
2bf5cc0e41 auth: disable PLAIN when other mechanisms are supported
PLAIN mechanism sends password in BASE64 encoding which everyone can
read. As result, debug logs expose password and users often don't remove
it when post the logs in the Internet.

Usually, both a secure mechanism and PLAIN are used in the scenario when
username or password is incorrect. PLAIN fails in this scenario anyway.
2019-10-01 23:38:50 +03:00
Dmitry Podgorny
30f3cc9263 auth: disable legacy auth by default
Legacy authentication can expose password in plaintext. Since this is
not widely used mechanism, disable it by default. It can be enabled back
with connection option XMPP_CONN_FLAG_LEGACY_AUTH.
2019-10-01 22:34:31 +03:00
Dmitry Podgorny
e120109644 Android: update makefiles
This patch makes libstrophe build with NDK r20 and new libexpat.
2019-09-25 11:00:52 +00:00
Dmitry Podgorny
b4f13205d8 ChangeLog: notes for 0.9.3 2019-09-25 10:58:09 +00:00
Dmitry Podgorny
4797522d88 ChangeLog: mention missed notes for 0.9.2 2019-09-25 10:57:03 +00:00
Hoenig Mark (TT/EIS3-Lol)
5ee06776ee tls/openssl: don't call SSL_shutdown() after a fatal error
According to SSL_shutdown(3), the function must not be called
if previous fatal error occurred.
2019-07-03 15:14:01 +02:00
Dmitry Podgorny
c40b4c12c1 parser/expat: don't cast name to char*
name already has type char*, remove redundant code.
2019-03-04 18:01:29 +02:00
Dmitry Podgorny
d8329960c5 rand: don't pass NULL to memcpy()
Fixes a compiler's warning.
2019-03-04 18:00:01 +02:00
Andrey Starodubtsev
94ece33f16 attempt to free already freed memory fixed 2018-12-26 15:52:02 +03:00
Andrey Starodubtsev
b179c2d277 some memory leaks fixed 2018-12-26 15:44:55 +03:00
Andrey Starodubtsev
ab568a2666 memory leak in hash values fixed 2018-12-13 14:28:41 +03:00
Nikolay Lineckiy
c10c930e8f Fix incomplete send queue cleanup
Due to incomplete reset xmpp_conn_t object could not be safely reused
for reconnection
2018-12-04 18:58:36 +03:00
Dmitry Podgorny
6ddf424192 travis-ci: add -Werror flag
This flag has been removed from Makefile.am.
2018-11-06 11:45:39 +02:00
Dmitry Podgorny
6aff44184e autotools: remove AM_CFLAGS
AM_CFLAGS is ignored when target specific target_CFLAGS are present.
2018-11-06 11:35:52 +02:00
Dmitry Podgorny
9cc9ea86bb tls/openssl: log some info about certificate
Log subject name and issuer name from certificate after TLS connection
is established or fails to connect.
2018-11-06 10:53:46 +02:00
Dmitry Podgorny
13a0bc463c rand: fix comment 2018-10-24 22:28:54 +03:00
jngd
8ff510a3af Fix annoying comment about how disconnect can be performed 2018-09-26 19:15:58 +02:00
Dmitry Podgorny
633d1e9b52 travis-ci: remove check package from dependecies 2018-07-30 20:45:08 +03:00
Dmitry Podgorny
a13ba65cfb Don't pass NULL to strcmp()
There are places where code relies on well-formed stanzas and expects
that ns attribute is always present. Check whether ns NULL or not before
passing it to strcmp().

Fixes #121.
2018-07-30 20:38:43 +03:00
Stu Tomlinson
0e6b0ef84d Only require session if it is not optional
RFC6121 removes the precondition of establishing a session before a client
may exchange XML stanzas on an XMPP network.

This PR allows libstrophe to not request session where it is indicated
as optional by the server, saving a round trip.

https://tools.ietf.org/html/rfc6121#section-1.4
2018-06-08 14:27:29 +00:00
Xavi
9a86efabe5 Remove unused variable 2018-02-23 23:21:37 +01:00
Dmitry Podgorny
a4b05cf156 Release libstrophe-0.9.2 0.9.2 2018-02-23 14:19:15 +02:00
Dmitry Podgorny
06da6d5125 autotools: remove -Werror
We need it only in development versions. Let releases build with
warnings.
2018-02-23 14:19:15 +02:00
Dmitry Podgorny
1bcf77608d crypto: fix typos in comments 2018-02-23 14:05:56 +02:00
Dmitry Podgorny
aab0cc3e3e parser/libxml2: clear parser->stanza properly
- Release stanza in parser_free()
 - Clear parser->stanza even if xmlCreatePushParserCtxt() fails
2018-02-18 14:51:16 +02:00
Dmitry Podgorny
822f95071a sasl: fix memory leak in DIGEST-MD5 implementation
Don't add "qop" two times to hash table, otherwise, an entry is lost
without freeing memory.
2018-02-18 14:02:17 +02:00
Dmitry Podgorny
27f613bc84 stanza: small fixes in xmpp_error_new()
- Receive const text
 - Move variable declaration to the beginning of the block
2018-02-18 13:18:43 +02:00
Dmitry Podgorny
af1ef3855b resolver: suppress warning in windows code 2018-02-18 13:08:16 +02:00
Dmitry Podgorny
7ede9c6d03 tls/openssl: suppress error in special case in tls_stop()
When peer closes connection instead of proper shutdown SSL_shutdown()
fails in bidirectional mode. Handle this case and suppress the error.
2018-02-18 12:03:11 +02:00
Dmitry Podgorny
20c6f225b9 ChangeLog: add missed changes 2018-02-18 10:42:21 +02:00
Scott M Anderson
5b204b0938 fix strtok_r test on MSW 2018-02-18 09:55:33 +02:00
Dmitry Podgorny
6e6093ee7b stanza: fix xmpp_error_new() in #115
* Don't set text to a tag stanza. It returns XMPP_INVOP.
 * Don't use stanza after releasing own reference.
2017-09-12 17:45:11 +03:00
Dmitry Podgorny
f12d43989f stanza: removed tabs and trailing spaces 2017-09-12 17:36:28 +03:00
Ilya Orlov
032e8ec89d Added new stanza for error responce, libstrophe now will be responce <stream:error> if parser failed 2017-09-04 11:46:09 +03:00
Dmitry Podgorny
d0644c5e95 tls/openssl: print errno on unrecoverable error 2017-08-23 09:23:51 +03:00
Dmitry Podgorny
b1b827cde6 conn: clear features support on connection reset
Features may be changed when client reconnects.
2017-07-15 21:32:55 +03:00
Dmitry Podgorny
e73b577e0b auth: use xmpp_iq_new() for iq stanzas 2017-07-15 20:35:16 +03:00
Dmitry Podgorny
8d2d59e914 tls/openssl: add OpenSSL-1.1.0 support (#109)
OpenSSL-1.1.0 marks cleanup functions as deprecated and changes
initialization function. It implements implicit de-initialization.

Reported by @zygmund2000.
2017-07-12 02:07:14 +03:00
Dmitry Podgorny
212f3ea760 snprintf: fix compilation with GCC 7 (#108)
GCC 7 enables -Wimplicit-fallthrough=3 with -Wextra. Add comments to
suppress these warning explicitly.

Reported by @akoww
2017-07-11 03:21:31 +03:00
Dmitry Podgorny
4aa7ea7e5b parser/expat: update #47
@curse666 suggested solution for #46 which reduces memory usage in expat
module. Current patch fixes few issues:
  - Inner text is lost for depth 1 stanzas
  - Incorrect handling of mixed xml <x>text<y/></x>
  - Reduced number of realloc() calls
2017-07-06 22:32:20 +03:00
curse666
5f9c0399c3 Update parser_expat.c
solution for #46.
2017-07-06 19:25:20 +03:00
Dmitry Podgorny
b83347b464 examples: use xmpp_iq_new() 2017-07-06 15:47:19 +03:00
Dmitry Podgorny
d8a86a54d5 event: set socket to wfds when sending queue is not empty
Don't sleep in select(2) when system is ready to send data.
2017-07-05 20:36:34 +03:00
Dmitry Podgorny
49289a9c05 event: reduce copy-paste 2017-07-05 20:34:38 +03:00
Dmitry Podgorny
456083d878 stanza: fix memory leaks
Free attribute "to" before replacing it in xmpp_stanza_reply().
Free value on insertion error in xmpp_stanza_set_attribute().
Don't copy attributes manually. Use xmpp_stanza_set_attribute() instead.
2017-07-05 20:20:45 +03:00
Dmitry Podgorny
15e7032f0d examples/bot: handle quit message 2017-07-05 19:40:25 +03:00
Dmitry Podgorny
cd2cf6eb23 ctx: set default event loop timeout to 1 second
Default timeout was 1 millisecond and it consumed CPU by running the
loop in xmpp_run(). The CPU usage was unacceptable and thus xmpp_run()
was not used by users. Also user can set the timeout by
xmpp_ctx_set_timeout() now.

Event loop already handles the situation when there is a timed handler
which needs to be run before the timeout is reached. Also system awakes
event loop when data arrives to socket.

The only drawback is when timed handler sends data it will be actually
sent after select(2) returns. But this situation can be handled easily by
adding socket to wfds when xmpp_conn_t contains data in sending queue.
2017-07-05 15:47:13 +03:00
Dmitry Podgorny
666995531a ChangeLog: mention recent changes
- Certificate verification is enabled for all openssl versions by
   default
 - xmpp_ctx_set_timeout()
 - Move xmpp_ctx_set_timeout() to event loop section in strophe.h
2017-07-04 19:22:26 +03:00
Dmitry Podgorny
9269d6b0d5 conn: add flag XMPP_CONN_FLAG_TRUST_TLS
TLS modules accept invalid server's certificates when the flag is set.
2017-07-04 17:20:33 +03:00
Dmitry Podgorny
c319ee6583 handler: fix memory leak and use-after-free errors
The errors are related to newly added handler_system_delete_all().
2017-07-01 16:24:30 +03:00