Compare commits
15 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
a8807feb5c | ||
|
|
4d15f1db0b | ||
|
|
957725348e | ||
|
|
357edbd367 | ||
|
|
3d01915407 | ||
|
|
e90a6e9f71 | ||
|
|
3891b73c44 | ||
|
|
a66c3234d7 | ||
|
|
2a81327ab0 | ||
|
|
1d6714c59b | ||
|
|
a771b3d4fe | ||
|
|
700abd95b6 | ||
|
|
476dd4c4f7 | ||
|
|
f0383d50cd | ||
|
|
044398eeba |
2
.git-blame-ignore-revs
Normal file
2
.git-blame-ignore-revs
Normal file
@@ -0,0 +1,2 @@
|
||||
# Unify coding style with clang-format
|
||||
562a06425b96450481cdbc88e8872a2bf5a7d8aa
|
||||
33
.github/workflows/main.yml
vendored
33
.github/workflows/main.yml
vendored
@@ -42,34 +42,45 @@ jobs:
|
||||
run: |
|
||||
cat test-suite*.log || true
|
||||
|
||||
libressl-tests:
|
||||
runs-on: ubuntu-20.04
|
||||
xssl-tests:
|
||||
runs-on: ubuntu-22.04
|
||||
strategy:
|
||||
matrix:
|
||||
libressl_versions:
|
||||
- { version: "v3.4.2", continue: true }
|
||||
- { version: "v3.1.5", continue: false }
|
||||
- { version: "v2.1.10", continue: false }
|
||||
xssl_versions:
|
||||
- { version: "master", continue: true, libressl: true }
|
||||
- { version: "OPENBSD_7_1", continue: true, libressl: true }
|
||||
# https://github.com/libressl-portable/portable/issues/760
|
||||
# - { version: "v3.5.2", continue: true, libressl: true }
|
||||
- { version: "OPENBSD_7_0", continue: true, libressl: true }
|
||||
# OPENBSD_7_0 is basically the "fixed v3.4.3"
|
||||
# - { version: "v3.4.3", continue: true, libressl: true }
|
||||
- { version: "v3.4.2", continue: true, libressl: true }
|
||||
- { version: "OPENBSD_6_9", continue: true, libressl: true }
|
||||
- { version: "v3.1.5", continue: true, libressl: true }
|
||||
- { version: "v2.1.10", continue: true, libressl: true }
|
||||
- { version: "openssl-3.0", continue: true, libressl: false }
|
||||
- { version: "openssl-3.0.4", continue: false, libressl: false }
|
||||
valgrind:
|
||||
- { configure: '' , make: 'check' }
|
||||
- { configure: '--enable-valgrind' , make: 'check-valgrind' }
|
||||
name: LibreSSL tests
|
||||
continue-on-error: ${{ matrix.libressl_versions.continue }}
|
||||
name: xSSL tests
|
||||
continue-on-error: ${{ matrix.xssl_versions.continue }}
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- name: install dependencies
|
||||
run: |
|
||||
sudo apt update
|
||||
sudo apt install -y libtool pkg-config libexpat1-dev valgrind
|
||||
- name: build&install libressl
|
||||
- name: build&install the TLS stack
|
||||
env:
|
||||
LIBRESSL_COMMIT: ${{ matrix.libressl_versions.version }}
|
||||
XSSL_COMMITISH: ${{ matrix.xssl_versions.version }}
|
||||
LIBRESSL: ${{ matrix.xssl_versions.libressl }}
|
||||
run: |
|
||||
./travis/before_script.sh
|
||||
- name: Build the library
|
||||
run: |
|
||||
./bootstrap.sh
|
||||
./configure ${{ matrix.valgrind.configure }} PKG_CONFIG_PATH="${HOME}/libressl/lib/pkgconfig" CFLAGS="-Werror -g3" --prefix="${HOME}/libressl"
|
||||
./configure ${{ matrix.valgrind.configure }} PKG_CONFIG_PATH="${HOME}/xssl/lib/pkgconfig" CFLAGS="-Werror -g3" --prefix="${HOME}/xssl"
|
||||
make -j$(nproc)
|
||||
- name: Run tests
|
||||
run: |
|
||||
|
||||
11
ChangeLog
11
ChangeLog
@@ -1,3 +1,14 @@
|
||||
0.12.1
|
||||
- Fix compilation in buildroot (#207)
|
||||
- Fixes regarding OpenSSL (#208)
|
||||
- Fix some build steps when builddir != srcdir (#208)
|
||||
- Allow the user to disable build of examples (#209)
|
||||
- CI builds against OpenSSL 3 (#206)
|
||||
- Change the call signature of the following API:
|
||||
- xmpp_conn_set_client_cert() - the PKCS#12 file has now to be passed via the `cert`
|
||||
parameter. Originally it was via `key`. Currently both styles are supported,
|
||||
but in a future release only passing via `cert` will be accepted.
|
||||
|
||||
0.12.0
|
||||
- Fix potential infinite loop in resolver (#200)
|
||||
- Prevent potential memory leak in `xmpp_stanza_new_from_string()` (#205)
|
||||
|
||||
2
Doxyfile
2
Doxyfile
@@ -874,7 +874,7 @@ WARN_LOGFILE =
|
||||
# spaces. See also FILE_PATTERNS and EXTENSION_MAPPING
|
||||
# Note: If this tag is empty the current directory is searched.
|
||||
|
||||
INPUT = ./
|
||||
INPUT = $(SRCDIR)
|
||||
|
||||
# This tag can be used to specify the character encoding of the source files
|
||||
# that doxygen parses. Internally doxygen uses the UTF-8 encoding. Doxygen uses
|
||||
|
||||
11
Makefile.am
11
Makefile.am
@@ -14,9 +14,11 @@ if TLS_WITH_GNUTLS
|
||||
SSL_CFLAGS = @gnutls_CFLAGS@
|
||||
SSL_LIBS = @gnutls_LIBS@
|
||||
else
|
||||
if !TLS_WITH_SCHANNEL
|
||||
SSL_CFLAGS = @openssl_CFLAGS@
|
||||
SSL_LIBS = @openssl_LIBS@
|
||||
endif
|
||||
endif
|
||||
|
||||
MINGW_LIBS = @MINGW_LIBS@
|
||||
|
||||
@@ -86,9 +88,13 @@ else
|
||||
if TLS_WITH_GNUTLS
|
||||
libstrophe_la_SOURCES += src/tls_gnutls.c
|
||||
else
|
||||
if TLS_WITH_SCHANNEL
|
||||
libstrophe_la_SOURCES += src/tls_schannel.c
|
||||
else
|
||||
libstrophe_la_SOURCES += src/tls_openssl.c
|
||||
endif
|
||||
endif
|
||||
endif
|
||||
|
||||
if PARSER_EXPAT
|
||||
libstrophe_la_SOURCES += src/parser_expat.c
|
||||
@@ -113,7 +119,6 @@ EXTRA_DIST = \
|
||||
jni/Android.mk \
|
||||
jni/Application.mk \
|
||||
m4/ax_valgrind_check.m4 \
|
||||
src/tls_schannel.c \
|
||||
tests/cert.pem \
|
||||
tests/cert.pfx \
|
||||
tests/cert.emptypass.pfx \
|
||||
@@ -122,6 +127,7 @@ EXTRA_DIST = \
|
||||
tests/key_encrypted.pem \
|
||||
tests/res_query_dump.c
|
||||
|
||||
if EXAMPLES
|
||||
## Examples
|
||||
noinst_PROGRAMS = \
|
||||
examples/active \
|
||||
@@ -165,6 +171,7 @@ examples_uuid_LDADD = $(STROPHE_LIBS)
|
||||
examples_vcard_SOURCES = examples/vcard.c
|
||||
examples_vcard_CFLAGS = $(STROPHE_FLAGS)
|
||||
examples_vcard_LDADD = $(STROPHE_LIBS)
|
||||
endif
|
||||
|
||||
|
||||
## Tests
|
||||
@@ -318,7 +325,7 @@ test-release-all: dist-archives
|
||||
echo "Success" && popd
|
||||
|
||||
docs:
|
||||
@doxygen -q
|
||||
@SRCDIR=$(top_srcdir) doxygen -q $(top_srcdir)/Doxyfile
|
||||
|
||||
@VALGRIND_CHECK_RULES@
|
||||
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
libstrophe [](https://travis-ci.org/strophe/libstrophe)
|
||||
libstrophe [](https://github.com/strophe/libstrophe/actions/workflows/main.yml?query=branch%3Amaster+++)
|
||||
==========
|
||||
|
||||
libstrophe is a lightweight XMPP client library written in C. It has
|
||||
@@ -82,4 +82,17 @@ by running:
|
||||
|
||||
doxygen
|
||||
|
||||
or if you have everything configured properly:
|
||||
|
||||
make docs
|
||||
|
||||
Then open `docs/html/index.html`.
|
||||
|
||||
An online version of the documentation of the latest release is available on http://strophe.im/libstrophe/
|
||||
|
||||
Releases
|
||||
--------
|
||||
|
||||
Releases are signed with the GPG key with ID `F8ADC1F9A68A7AFF0E2C89E4391A5EFC2D1709DE`.
|
||||
|
||||
It can be found e.g. on https://keys.openpgp.org/
|
||||
|
||||
13
configure.ac
13
configure.ac
@@ -1,6 +1,6 @@
|
||||
m4_define([v_maj], [0])
|
||||
m4_define([v_min], [12])
|
||||
m4_define([v_patch], [0])
|
||||
m4_define([v_patch], [1])
|
||||
m4_define([project_version], [v_maj.v_min.v_patch])
|
||||
|
||||
m4_define([lt_cur], m4_eval(v_maj + v_min))
|
||||
@@ -35,10 +35,16 @@ AS_CASE([$PLATFORM],
|
||||
[haiku], [],
|
||||
[WARNING_FLAGS="$WARNING_FLAGS -Wextra"])
|
||||
|
||||
AC_ARG_ENABLE([examples],
|
||||
[AS_HELP_STRING([--disable-examples], [turn off examples])],
|
||||
[case "${enableval}" in yes) examples=true ;; no) examples=false ;; *) AC_MSG_ERROR([bad value ${enableval} for --disable-examples]) ;; esac],[examples=true])
|
||||
AM_CONDITIONAL([EXAMPLES], [test x$examples = xtrue])
|
||||
AC_ARG_WITH([libxml2],
|
||||
[AS_HELP_STRING([--with-libxml2], [use libxml2 for XML parsing, expat is the default])])
|
||||
AC_ARG_WITH([gnutls],
|
||||
[AS_HELP_STRING([--with-gnutls], [use GnuTLS for TLS support, OpenSSL is the default])])
|
||||
AC_ARG_WITH([schannel],
|
||||
[AS_HELP_STRING([--with-schannel], [use Windows Schannel for TLS support, OpenSSL is the default])])
|
||||
AC_ARG_ENABLE([tls],
|
||||
[AS_HELP_STRING([--disable-tls], [disable TLS support])])
|
||||
AC_ARG_ENABLE([cares],
|
||||
@@ -94,6 +100,10 @@ if test "x$enable_tls" != xno -a "x$with_gnutls" == xyes; then
|
||||
],
|
||||
[AC_MSG_ERROR([gnutls not found; gnutls required])]
|
||||
)])
|
||||
elif test "x$enable_tls" != xno -a "x$with_schannel" == xyes; then
|
||||
if test "x$PLATFORM" != xwin32; then
|
||||
AC_MSG_ERROR([schannel is only supported on Windows])
|
||||
fi
|
||||
elif test "x$enable_tls" != xno; then
|
||||
PKG_CHECK_MODULES([openssl], [openssl],
|
||||
[PC_REQUIRES="openssl ${PC_REQUIRES}"],
|
||||
@@ -215,6 +225,7 @@ AM_CONDITIONAL([PARSER_EXPAT], [test x$with_parser != xlibxml2])
|
||||
AM_CONDITIONAL([DISABLE_TLS], [test x$enable_tls = xno])
|
||||
AM_CONDITIONAL([NEED_SNPRINTF], [test x$have_snprintf = xno])
|
||||
AM_CONDITIONAL([TLS_WITH_GNUTLS], [test x$with_gnutls = xyes])
|
||||
AM_CONDITIONAL([TLS_WITH_SCHANNEL], [test x$with_schannel = xyes])
|
||||
|
||||
# define while compiling
|
||||
AC_DEFINE_UNQUOTED(LIBXMPP_VERSION_MAJOR, [v_maj], [Major version])
|
||||
|
||||
@@ -21,6 +21,11 @@
|
||||
#include <string.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#ifdef _WIN32
|
||||
#include <conio.h>
|
||||
#include <ctype.h>
|
||||
#endif
|
||||
|
||||
#include <strophe.h>
|
||||
|
||||
static int reconnect;
|
||||
@@ -149,12 +154,34 @@ void conn_handler(xmpp_conn_t *conn,
|
||||
}
|
||||
}
|
||||
|
||||
#ifdef _WIN32
|
||||
static char *getpassword(const char *prompt, size_t maxlen)
|
||||
{
|
||||
char *b, *buffer = malloc(maxlen);
|
||||
size_t i = 0;
|
||||
|
||||
b = buffer;
|
||||
fputs(prompt, stderr);
|
||||
for (i = 0; i < maxlen; i++, b++) {
|
||||
char c = _getch();
|
||||
if (c == '\r' || c == '\n')
|
||||
break;
|
||||
*b = c;
|
||||
}
|
||||
*b = '\0';
|
||||
fputs("\n", stderr);
|
||||
return buffer;
|
||||
}
|
||||
#else
|
||||
#define getpassword(prompt, maxlen) getpass(prompt)
|
||||
#endif
|
||||
|
||||
static int
|
||||
password_callback(char *pw, size_t pw_max, xmpp_conn_t *conn, void *userdata)
|
||||
{
|
||||
(void)userdata;
|
||||
printf("Trying to unlock %s\n", xmpp_conn_get_keyfile(conn));
|
||||
char *pass = getpass("Please enter password: ");
|
||||
char *pass = getpassword("Please enter password: ", pw_max);
|
||||
if (!pass)
|
||||
return -1;
|
||||
size_t passlen = strlen(pass);
|
||||
|
||||
@@ -15,6 +15,8 @@
|
||||
#include <unistd.h>
|
||||
|
||||
#ifdef _WIN32
|
||||
#include <conio.h>
|
||||
#include <ctype.h>
|
||||
#include <winsock2.h>
|
||||
#include <ws2tcpip.h>
|
||||
#include <iphlpapi.h>
|
||||
@@ -94,12 +96,34 @@ static int certfail_handler(const xmpp_tlscert_t *cert,
|
||||
return read_char[0] == 'y' || read_char[0] == 'Y';
|
||||
}
|
||||
|
||||
#ifdef _WIN32
|
||||
static char *getpassword(const char *prompt, size_t maxlen)
|
||||
{
|
||||
char *b, *buffer = malloc(maxlen);
|
||||
size_t i = 0;
|
||||
|
||||
b = buffer;
|
||||
fputs(prompt, stderr);
|
||||
for (i = 0; i < maxlen; i++, b++) {
|
||||
char c = _getch();
|
||||
if (c == '\r' || c == '\n')
|
||||
break;
|
||||
*b = c;
|
||||
}
|
||||
*b = '\0';
|
||||
fputs("\n", stderr);
|
||||
return buffer;
|
||||
}
|
||||
#else
|
||||
#define getpassword(prompt, maxlen) getpass(prompt)
|
||||
#endif
|
||||
|
||||
static int
|
||||
password_callback(char *pw, size_t pw_max, xmpp_conn_t *conn, void *userdata)
|
||||
{
|
||||
(void)userdata;
|
||||
printf("Trying to unlock %s\n", xmpp_conn_get_keyfile(conn));
|
||||
char *pass = getpass("Please enter password: ");
|
||||
char *pass = getpassword("Please enter password: ", pw_max);
|
||||
if (!pass)
|
||||
return -1;
|
||||
size_t passlen = strlen(pass);
|
||||
|
||||
26
src/conn.c
26
src/conn.c
@@ -573,11 +573,12 @@ const char *xmpp_conn_get_keyfile(const xmpp_conn_t *conn)
|
||||
* \ref xmpp_conn_set_password_callback so the TLS stack can retrieve the
|
||||
* password.
|
||||
*
|
||||
* In case one wants to use a PKCS#12 encoded file, it must be passed via
|
||||
* the `key` parameter and `cert` must be NULL.
|
||||
* In case one wants to use a PKCS#12 encoded file, it should be passed via
|
||||
* the `cert` parameter and `key` should be NULL. Passing a PKCS#12 file in
|
||||
* `key` is deprecated.
|
||||
*
|
||||
* @param conn a Strophe connection object
|
||||
* @param cert path to a certificate file
|
||||
* @param cert path to a certificate file or a P12 file
|
||||
* @param key path to a private key file or a P12 file
|
||||
*
|
||||
* @ingroup TLS
|
||||
@@ -589,13 +590,21 @@ void xmpp_conn_set_client_cert(xmpp_conn_t *const conn,
|
||||
strophe_debug(conn->ctx, "conn", "set client cert %s %s", cert, key);
|
||||
if (conn->tls_client_cert)
|
||||
strophe_free(conn->ctx, conn->tls_client_cert);
|
||||
if (cert)
|
||||
conn->tls_client_cert = strophe_strdup(conn->ctx, cert);
|
||||
else
|
||||
conn->tls_client_cert = NULL;
|
||||
conn->tls_client_cert = NULL;
|
||||
if (conn->tls_client_key)
|
||||
strophe_free(conn->ctx, conn->tls_client_key);
|
||||
conn->tls_client_key = strophe_strdup(conn->ctx, key);
|
||||
conn->tls_client_key = NULL;
|
||||
if (cert && key) {
|
||||
conn->tls_client_cert = strophe_strdup(conn->ctx, cert);
|
||||
conn->tls_client_key = strophe_strdup(conn->ctx, key);
|
||||
} else if (cert && !key) {
|
||||
conn->tls_client_cert = strophe_strdup(conn->ctx, cert);
|
||||
} else if (!cert && key) {
|
||||
strophe_warn(conn->ctx, "xmpp",
|
||||
"xmpp_conn_set_client_cert: Passing PKCS#12 in 'key' "
|
||||
"parameter is deprecated. Use 'cert' instead");
|
||||
conn->tls_client_cert = strophe_strdup(conn->ctx, key);
|
||||
}
|
||||
}
|
||||
|
||||
/** Get the number of xmppAddr entries in the client certificate.
|
||||
@@ -1168,6 +1177,7 @@ long xmpp_conn_get_flags(const xmpp_conn_t *conn)
|
||||
* - XMPP_CONN_FLAG_LEGACY_SSL
|
||||
* - XMPP_CONN_FLAG_TRUST_TLS
|
||||
* - XMPP_CONN_FLAG_LEGACY_AUTH
|
||||
* - XMPP_CONN_FLAG_DISABLE_SM
|
||||
*
|
||||
* @param conn a Strophe connection object
|
||||
* @param flags ORed connection flags
|
||||
|
||||
@@ -23,6 +23,10 @@
|
||||
#include <string.h> /* memeset */
|
||||
#include <time.h> /* clock, time */
|
||||
|
||||
#if !defined(_WIN32)
|
||||
#include <unistd.h>
|
||||
#endif
|
||||
|
||||
#if !defined(DONT_USE_GETRANDOM) && defined(__linux__) && \
|
||||
defined(__GLIBC_PREREQ)
|
||||
#if __GLIBC_PREREQ(2, 25)
|
||||
|
||||
@@ -21,6 +21,10 @@
|
||||
#include <stdarg.h>
|
||||
#include <string.h>
|
||||
|
||||
#if !defined(_WIN32)
|
||||
#include <unistd.h>
|
||||
#endif
|
||||
|
||||
#include "strophe.h"
|
||||
|
||||
#include "common.h"
|
||||
@@ -217,7 +221,7 @@ int tls_caching_password_callback(char *pw, size_t pw_max, xmpp_conn_t *conn)
|
||||
int ret;
|
||||
unsigned char hash[XMPP_SHA1_DIGEST_SIZE];
|
||||
|
||||
const char *fname = conn->tls_client_key;
|
||||
const char *fname = conn->tls_client_cert;
|
||||
size_t fname_len = strlen(fname);
|
||||
xmpp_sha1_digest((void *)fname, fname_len, hash);
|
||||
if (fname_len && fname_len == conn->password_cache.fnamelen &&
|
||||
|
||||
@@ -95,7 +95,7 @@ static gnutls_x509_crt_t _tls_load_cert_p12(xmpp_conn_t *conn)
|
||||
int err = -1;
|
||||
if (gnutls_pkcs12_init(&p12) < 0)
|
||||
return NULL;
|
||||
if (gnutls_load_file(conn->tls_client_key, &data) < 0)
|
||||
if (gnutls_load_file(conn->tls_client_cert, &data) < 0)
|
||||
goto error_out;
|
||||
if (gnutls_pkcs12_import(p12, &data, GNUTLS_X509_FMT_DER, 0) < 0)
|
||||
goto error_out2;
|
||||
@@ -168,7 +168,7 @@ static gnutls_x509_crt_t _tls_load_cert(xmpp_conn_t *conn)
|
||||
{
|
||||
if (conn->tls && conn->tls->client_cert)
|
||||
return conn->tls->client_cert;
|
||||
if (!conn->tls_client_cert && conn->tls_client_key) {
|
||||
if (conn->tls_client_cert && !conn->tls_client_key) {
|
||||
return _tls_load_cert_p12(conn);
|
||||
}
|
||||
return _tls_load_cert_x509(conn);
|
||||
@@ -459,7 +459,7 @@ tls_t *tls_new(xmpp_conn_t *conn)
|
||||
}
|
||||
strophe_debug(tls->ctx, "tls", "wrong password?");
|
||||
}
|
||||
} else if (conn->tls_client_key) {
|
||||
} else if (conn->tls_client_cert) {
|
||||
unsigned int retries = 0;
|
||||
|
||||
while (retries++ < conn->password_retries) {
|
||||
@@ -470,7 +470,8 @@ tls_t *tls_new(xmpp_conn_t *conn)
|
||||
if (passlen < 0)
|
||||
continue;
|
||||
int err = gnutls_certificate_set_x509_simple_pkcs12_file(
|
||||
tls->cred, conn->tls_client_key, GNUTLS_X509_FMT_DER, pass);
|
||||
tls->cred, conn->tls_client_cert, GNUTLS_X509_FMT_DER,
|
||||
pass);
|
||||
memset(pass, 0, sizeof(pass));
|
||||
if (err == 0)
|
||||
break;
|
||||
|
||||
@@ -616,7 +616,7 @@ tls_t *tls_new(xmpp_conn_t *conn)
|
||||
ERR_GET_LIB(err), ERR_GET_REASON(err));
|
||||
goto err_free_ctx;
|
||||
}
|
||||
} else if (conn->tls_client_key) {
|
||||
} else if (conn->tls_client_cert) {
|
||||
EVP_PKEY *pkey = NULL;
|
||||
STACK_OF(X509) *ca = NULL;
|
||||
X509 *cert = _tls_cert_read_p12(conn, &pkey, &ca);
|
||||
@@ -974,7 +974,7 @@ _tls_cert_read_p12(xmpp_conn_t *conn, EVP_PKEY **pkey, STACK_OF(X509) * *ca)
|
||||
return conn->tls->client_cert;
|
||||
X509 *cert = NULL;
|
||||
PKCS12 *p12 = NULL;
|
||||
BIO *f = BIO_new_file(conn->tls_client_key, "r");
|
||||
BIO *f = BIO_new_file(conn->tls_client_cert, "rb");
|
||||
if (!f) {
|
||||
strophe_debug(conn->ctx, "tls", "f == NULL");
|
||||
goto error_out;
|
||||
@@ -1034,7 +1034,7 @@ static X509 *_tls_cert_read(xmpp_conn_t *conn)
|
||||
{
|
||||
if (conn->tls && conn->tls->client_cert)
|
||||
return conn->tls->client_cert;
|
||||
if (!conn->tls_client_cert && conn->tls_client_key) {
|
||||
if (conn->tls_client_cert && !conn->tls_client_key) {
|
||||
return _tls_cert_read_p12(conn, NULL, NULL);
|
||||
}
|
||||
return _tls_cert_read_x509(conn);
|
||||
|
||||
Binary file not shown.
@@ -13,6 +13,7 @@
|
||||
#include <assert.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <sys/param.h>
|
||||
|
||||
#include "strophe.h"
|
||||
|
||||
@@ -42,8 +43,13 @@ int main()
|
||||
{0, NULL, "tests/cert.emptypass.pfx"},
|
||||
{0, NULL, "tests/cert.nopass.pfx"},
|
||||
{1, NULL, "tests/cert.pfx"},
|
||||
{0, "tests/cert.emptypass.pfx", NULL},
|
||||
{0, "tests/cert.nopass.pfx", NULL},
|
||||
{1, "tests/cert.pfx", NULL},
|
||||
};
|
||||
|
||||
const char *srcdir;
|
||||
char *certbuf, *keybuf;
|
||||
char xmppaddr_num[] = "0";
|
||||
unsigned int m, n;
|
||||
|
||||
@@ -51,13 +57,29 @@ int main()
|
||||
log = xmpp_get_default_logger(XMPP_LEVEL_DEBUG);
|
||||
ctx = xmpp_ctx_new(NULL, log);
|
||||
|
||||
srcdir = getenv("srcdir");
|
||||
|
||||
certbuf = malloc(MAXPATHLEN);
|
||||
keybuf = malloc(MAXPATHLEN);
|
||||
|
||||
for (m = 0; m < sizeof(client_cert) / sizeof(client_cert[0]); ++m) {
|
||||
char *certfile = certbuf, *keyfile = keybuf;
|
||||
conn = xmpp_conn_new(ctx);
|
||||
|
||||
if (client_cert[m].pem)
|
||||
snprintf(certfile, MAXPATHLEN, "%s/%s", srcdir, client_cert[m].pem);
|
||||
else
|
||||
certfile = NULL;
|
||||
|
||||
if (client_cert[m].key)
|
||||
snprintf(keyfile, MAXPATHLEN, "%s/%s", srcdir, client_cert[m].key);
|
||||
else
|
||||
keyfile = NULL;
|
||||
|
||||
if (client_cert[m].needs_callback)
|
||||
xmpp_conn_set_password_callback(conn, password_callback, NULL);
|
||||
|
||||
xmpp_conn_set_client_cert(conn, client_cert[m].pem, client_cert[m].key);
|
||||
xmpp_conn_set_client_cert(conn, certfile, keyfile);
|
||||
|
||||
xmppaddr_num[0] = '0' + xmpp_conn_cert_xmppaddr_num(conn);
|
||||
|
||||
@@ -88,6 +110,8 @@ int main()
|
||||
}
|
||||
xmpp_conn_release(conn);
|
||||
}
|
||||
free(certbuf);
|
||||
free(keybuf);
|
||||
|
||||
xmpp_ctx_free(ctx);
|
||||
xmpp_shutdown();
|
||||
|
||||
@@ -1,14 +1,26 @@
|
||||
#!/bin/sh
|
||||
|
||||
if [ "x$LIBRESSL_COMMIT" != "x" ]; then
|
||||
cd "$HOME"
|
||||
git clone https://github.com/libressl-portable/portable.git libressl-git
|
||||
cd libressl-git
|
||||
if [ -n "$LIBRESSL_COMMIT" ]; then
|
||||
git checkout "$LIBRESSL_COMMIT"
|
||||
fi
|
||||
./autogen.sh
|
||||
./configure --prefix="$HOME/libressl"
|
||||
make -j"$(nproc)"
|
||||
make install
|
||||
set -e
|
||||
|
||||
[ "x$XSSL_COMMITISH" != "x" ]
|
||||
|
||||
if [ "x$LIBRESSL" = "xtrue" ]; then
|
||||
REPO_URL="https://github.com/libressl-portable/portable.git"
|
||||
AUTOGEN_CMD="./autogen.sh"
|
||||
CONFIG_CMD="./configure --prefix=$HOME/xssl"
|
||||
MAKE_TARGET="install"
|
||||
else
|
||||
REPO_URL="https://github.com/openssl/openssl.git"
|
||||
AUTOGEN_CMD="true"
|
||||
CONFIG_CMD="./Configure --prefix=$HOME/xssl --libdir=lib"
|
||||
MAKE_TARGET="install_sw"
|
||||
fi
|
||||
|
||||
cd "$HOME"
|
||||
git clone --no-checkout "$REPO_URL" xssl-git
|
||||
cd xssl-git
|
||||
git checkout "$XSSL_COMMITISH"
|
||||
$AUTOGEN_CMD
|
||||
$CONFIG_CMD
|
||||
make -j"$(nproc)"
|
||||
make $MAKE_TARGET
|
||||
|
||||
Reference in New Issue
Block a user