New boolean functions:
xmpp_conn_is_connecting()
xmpp_conn_is_connected()
xmpp_conn_is_disconnected()
These functions are backported from UnrealEngine project.
src/snprinf.[ch] rely on HAVE_SNPRINTF macro. The check is missed in
configure script and libstrophe always use internal implementation
of snprinf() which may be inefficient. Add check to configure.ac.
In this place value of variable i is constant and predictable. No point
to clean it. Furthermore, since the value is not used after assignment,
compiler will optimize and remove the assignment.
This patch fixes a warning from the clang static analyzer.
I think it's fairly common in the XMPP world to actually want a stanza
by it's NS but also want a certain name.
For example this was needed in Profanity:
68af0aad65
message_name_get() adds "." to the tail and it leads to:
strncpy(&dest, ".", 1);
gcc 9.2.0 generates a warning, because string is truncated without
copying trailing '\0'. Replace strncpy() with memcpy() to fix the
warning.
OpenSSL and LibreSSL versions are incompatible. Moreover, LibreSSL
always define OPENSSL_VERSION_NUMBER as 0x20000000L. Instead of checking
for LibreSSL everywhere explicitly, redefine OPENSSL_VERSION_NUMBER.
See similar issues with nginx project: https://trac.nginx.org/nginx/ticket/1605
The facebook suddenly stopped connecting on my dev machine. I still cannot
explain what caused this change in behaviour, but I was finally able to
diagnose and fix the problem.
Chat was not connecting due to an error in tls_start. The windows function
InitializeSecurityContext was returning a SEC_E_INCOMPLETE_MESSAGE status
which was being treated as an error. However, the documentation states
that this is not an error. This status simply indicates that more data
needs to be read. This commit does precisely that -- when
SEC_E_INCOMPLETE_MESSAGE we read more data from the socket and call
InitializeSecurityContext again.
PLAIN mechanism sends password in BASE64 encoding which everyone can
read. As result, debug logs expose password and users often don't remove
it when post the logs in the Internet.
Usually, both a secure mechanism and PLAIN are used in the scenario when
username or password is incorrect. PLAIN fails in this scenario anyway.
Legacy authentication can expose password in plaintext. Since this is
not widely used mechanism, disable it by default. It can be enabled back
with connection option XMPP_CONN_FLAG_LEGACY_AUTH.
There are places where code relies on well-formed stanzas and expects
that ns attribute is always present. Check whether ns NULL or not before
passing it to strcmp().
Fixes#121.