Compare commits
23 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
70a908e18b | ||
|
|
004a5bf7fc | ||
|
|
e9bd06354a | ||
|
|
54b92c0255 | ||
|
|
6881a2e770 | ||
|
|
e29f422511 | ||
|
|
1a8be1d617 | ||
|
|
8ea15cf656 | ||
|
|
a8807feb5c | ||
|
|
4d15f1db0b | ||
|
|
957725348e | ||
|
|
357edbd367 | ||
|
|
3d01915407 | ||
|
|
e90a6e9f71 | ||
|
|
3891b73c44 | ||
|
|
a66c3234d7 | ||
|
|
2a81327ab0 | ||
|
|
1d6714c59b | ||
|
|
a771b3d4fe | ||
|
|
700abd95b6 | ||
|
|
476dd4c4f7 | ||
|
|
f0383d50cd | ||
|
|
044398eeba |
2
.git-blame-ignore-revs
Normal file
2
.git-blame-ignore-revs
Normal file
@@ -0,0 +1,2 @@
|
||||
# Unify coding style with clang-format
|
||||
562a06425b96450481cdbc88e8872a2bf5a7d8aa
|
||||
33
.github/workflows/main.yml
vendored
33
.github/workflows/main.yml
vendored
@@ -42,34 +42,45 @@ jobs:
|
||||
run: |
|
||||
cat test-suite*.log || true
|
||||
|
||||
libressl-tests:
|
||||
runs-on: ubuntu-20.04
|
||||
xssl-tests:
|
||||
runs-on: ubuntu-22.04
|
||||
strategy:
|
||||
matrix:
|
||||
libressl_versions:
|
||||
- { version: "v3.4.2", continue: true }
|
||||
- { version: "v3.1.5", continue: false }
|
||||
- { version: "v2.1.10", continue: false }
|
||||
xssl_versions:
|
||||
- { version: "master", continue: true, libressl: true }
|
||||
- { version: "OPENBSD_7_1", continue: true, libressl: true }
|
||||
# https://github.com/libressl-portable/portable/issues/760
|
||||
# - { version: "v3.5.2", continue: true, libressl: true }
|
||||
- { version: "OPENBSD_7_0", continue: true, libressl: true }
|
||||
# OPENBSD_7_0 is basically the "fixed v3.4.3"
|
||||
# - { version: "v3.4.3", continue: true, libressl: true }
|
||||
- { version: "v3.4.2", continue: true, libressl: true }
|
||||
- { version: "OPENBSD_6_9", continue: true, libressl: true }
|
||||
- { version: "v3.1.5", continue: true, libressl: true }
|
||||
- { version: "v2.1.10", continue: true, libressl: true }
|
||||
- { version: "openssl-3.0", continue: true, libressl: false }
|
||||
- { version: "openssl-3.0.4", continue: false, libressl: false }
|
||||
valgrind:
|
||||
- { configure: '' , make: 'check' }
|
||||
- { configure: '--enable-valgrind' , make: 'check-valgrind' }
|
||||
name: LibreSSL tests
|
||||
continue-on-error: ${{ matrix.libressl_versions.continue }}
|
||||
name: xSSL tests
|
||||
continue-on-error: ${{ matrix.xssl_versions.continue }}
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- name: install dependencies
|
||||
run: |
|
||||
sudo apt update
|
||||
sudo apt install -y libtool pkg-config libexpat1-dev valgrind
|
||||
- name: build&install libressl
|
||||
- name: build&install the TLS stack
|
||||
env:
|
||||
LIBRESSL_COMMIT: ${{ matrix.libressl_versions.version }}
|
||||
XSSL_COMMITISH: ${{ matrix.xssl_versions.version }}
|
||||
LIBRESSL: ${{ matrix.xssl_versions.libressl }}
|
||||
run: |
|
||||
./travis/before_script.sh
|
||||
- name: Build the library
|
||||
run: |
|
||||
./bootstrap.sh
|
||||
./configure ${{ matrix.valgrind.configure }} PKG_CONFIG_PATH="${HOME}/libressl/lib/pkgconfig" CFLAGS="-Werror -g3" --prefix="${HOME}/libressl"
|
||||
./configure ${{ matrix.valgrind.configure }} PKG_CONFIG_PATH="${HOME}/xssl/lib/pkgconfig" CFLAGS="-Werror -g3" --prefix="${HOME}/xssl"
|
||||
make -j$(nproc)
|
||||
- name: Run tests
|
||||
run: |
|
||||
|
||||
19
ChangeLog
19
ChangeLog
@@ -1,3 +1,22 @@
|
||||
0.12.2
|
||||
- Fix reconnect issues when Stream Management is enabled (#211)
|
||||
- Fix resolver ... this time for real hopefully (fixup of #200) (#214)
|
||||
- Fix clearing of password cache on resumed connection (#214)
|
||||
- Improve detection&implementation of `va_copy` (#213)
|
||||
- Fix Valgrind CI builds against LibreSSL (#212)
|
||||
- Fix perf example on platforms where an `rdtsc()` equivalent isn't implemented (#212)
|
||||
|
||||
0.12.1
|
||||
- Fix compilation in buildroot (#207)
|
||||
- Fixes regarding OpenSSL (#208)
|
||||
- Fix some build steps when builddir != srcdir (#208)
|
||||
- Allow the user to disable build of examples (#209)
|
||||
- CI builds against OpenSSL 3 (#206)
|
||||
- Change the call signature of the following API:
|
||||
- xmpp_conn_set_client_cert() - the PKCS#12 file has now to be passed via the `cert`
|
||||
parameter. Originally it was via `key`. Currently both styles are supported,
|
||||
but in a future release only passing via `cert` will be accepted.
|
||||
|
||||
0.12.0
|
||||
- Fix potential infinite loop in resolver (#200)
|
||||
- Prevent potential memory leak in `xmpp_stanza_new_from_string()` (#205)
|
||||
|
||||
2
Doxyfile
2
Doxyfile
@@ -874,7 +874,7 @@ WARN_LOGFILE =
|
||||
# spaces. See also FILE_PATTERNS and EXTENSION_MAPPING
|
||||
# Note: If this tag is empty the current directory is searched.
|
||||
|
||||
INPUT = ./
|
||||
INPUT = $(SRCDIR)
|
||||
|
||||
# This tag can be used to specify the character encoding of the source files
|
||||
# that doxygen parses. Internally doxygen uses the UTF-8 encoding. Doxygen uses
|
||||
|
||||
11
Makefile.am
11
Makefile.am
@@ -14,9 +14,11 @@ if TLS_WITH_GNUTLS
|
||||
SSL_CFLAGS = @gnutls_CFLAGS@
|
||||
SSL_LIBS = @gnutls_LIBS@
|
||||
else
|
||||
if !TLS_WITH_SCHANNEL
|
||||
SSL_CFLAGS = @openssl_CFLAGS@
|
||||
SSL_LIBS = @openssl_LIBS@
|
||||
endif
|
||||
endif
|
||||
|
||||
MINGW_LIBS = @MINGW_LIBS@
|
||||
|
||||
@@ -86,9 +88,13 @@ else
|
||||
if TLS_WITH_GNUTLS
|
||||
libstrophe_la_SOURCES += src/tls_gnutls.c
|
||||
else
|
||||
if TLS_WITH_SCHANNEL
|
||||
libstrophe_la_SOURCES += src/tls_schannel.c
|
||||
else
|
||||
libstrophe_la_SOURCES += src/tls_openssl.c
|
||||
endif
|
||||
endif
|
||||
endif
|
||||
|
||||
if PARSER_EXPAT
|
||||
libstrophe_la_SOURCES += src/parser_expat.c
|
||||
@@ -113,7 +119,6 @@ EXTRA_DIST = \
|
||||
jni/Android.mk \
|
||||
jni/Application.mk \
|
||||
m4/ax_valgrind_check.m4 \
|
||||
src/tls_schannel.c \
|
||||
tests/cert.pem \
|
||||
tests/cert.pfx \
|
||||
tests/cert.emptypass.pfx \
|
||||
@@ -122,6 +127,7 @@ EXTRA_DIST = \
|
||||
tests/key_encrypted.pem \
|
||||
tests/res_query_dump.c
|
||||
|
||||
if EXAMPLES
|
||||
## Examples
|
||||
noinst_PROGRAMS = \
|
||||
examples/active \
|
||||
@@ -165,6 +171,7 @@ examples_uuid_LDADD = $(STROPHE_LIBS)
|
||||
examples_vcard_SOURCES = examples/vcard.c
|
||||
examples_vcard_CFLAGS = $(STROPHE_FLAGS)
|
||||
examples_vcard_LDADD = $(STROPHE_LIBS)
|
||||
endif
|
||||
|
||||
|
||||
## Tests
|
||||
@@ -318,7 +325,7 @@ test-release-all: dist-archives
|
||||
echo "Success" && popd
|
||||
|
||||
docs:
|
||||
@doxygen -q
|
||||
@SRCDIR=$(top_srcdir) doxygen -q $(top_srcdir)/Doxyfile
|
||||
|
||||
@VALGRIND_CHECK_RULES@
|
||||
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
libstrophe [](https://travis-ci.org/strophe/libstrophe)
|
||||
libstrophe [](https://github.com/strophe/libstrophe/actions/workflows/main.yml?query=branch%3Amaster+++)
|
||||
==========
|
||||
|
||||
libstrophe is a lightweight XMPP client library written in C. It has
|
||||
@@ -82,4 +82,17 @@ by running:
|
||||
|
||||
doxygen
|
||||
|
||||
or if you have everything configured properly:
|
||||
|
||||
make docs
|
||||
|
||||
Then open `docs/html/index.html`.
|
||||
|
||||
An online version of the documentation of the latest release is available on http://strophe.im/libstrophe/
|
||||
|
||||
Releases
|
||||
--------
|
||||
|
||||
Releases are signed with the GPG key with ID `F8ADC1F9A68A7AFF0E2C89E4391A5EFC2D1709DE`.
|
||||
|
||||
It can be found e.g. on https://keys.openpgp.org/
|
||||
|
||||
48
configure.ac
48
configure.ac
@@ -1,6 +1,6 @@
|
||||
m4_define([v_maj], [0])
|
||||
m4_define([v_min], [12])
|
||||
m4_define([v_patch], [0])
|
||||
m4_define([v_patch], [2])
|
||||
m4_define([project_version], [v_maj.v_min.v_patch])
|
||||
|
||||
m4_define([lt_cur], m4_eval(v_maj + v_min))
|
||||
@@ -35,10 +35,16 @@ AS_CASE([$PLATFORM],
|
||||
[haiku], [],
|
||||
[WARNING_FLAGS="$WARNING_FLAGS -Wextra"])
|
||||
|
||||
AC_ARG_ENABLE([examples],
|
||||
[AS_HELP_STRING([--disable-examples], [turn off examples])],
|
||||
[case "${enableval}" in yes) examples=true ;; no) examples=false ;; *) AC_MSG_ERROR([bad value ${enableval} for --disable-examples]) ;; esac],[examples=true])
|
||||
AM_CONDITIONAL([EXAMPLES], [test x$examples = xtrue])
|
||||
AC_ARG_WITH([libxml2],
|
||||
[AS_HELP_STRING([--with-libxml2], [use libxml2 for XML parsing, expat is the default])])
|
||||
AC_ARG_WITH([gnutls],
|
||||
[AS_HELP_STRING([--with-gnutls], [use GnuTLS for TLS support, OpenSSL is the default])])
|
||||
AC_ARG_WITH([schannel],
|
||||
[AS_HELP_STRING([--with-schannel], [use Windows Schannel for TLS support, OpenSSL is the default])])
|
||||
AC_ARG_ENABLE([tls],
|
||||
[AS_HELP_STRING([--disable-tls], [disable TLS support])])
|
||||
AC_ARG_ENABLE([cares],
|
||||
@@ -80,9 +86,42 @@ AX_VALGRIND_DFLT([helgrind], [off])
|
||||
AX_VALGRIND_DFLT([sgcheck], [off])
|
||||
AX_VALGRIND_CHECK
|
||||
|
||||
AC_SEARCH_LIBS([clock_gettime], [rt], AC_DEFINE(HAVE_CLOCK_GETTIME,1))
|
||||
AC_SEARCH_LIBS([socket], [network socket])
|
||||
AC_CHECK_FUNCS([snprintf vsnprintf], [], [have_snprintf=no])
|
||||
AC_CHECK_DECLS([va_copy], [], [], [#include <stdarg.h>])
|
||||
|
||||
dnl Checking for va_copy availability
|
||||
AC_MSG_CHECKING([for va_copy])
|
||||
AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <stdarg.h>
|
||||
va_list ap1,ap2;]], [[va_copy(ap1,ap2);]])],
|
||||
have_va_copy=yes,
|
||||
have_va_copy=no)
|
||||
AC_MSG_RESULT($have_va_copy)
|
||||
if test x"$have_va_copy" = x"yes"; then
|
||||
AC_DEFINE(HAVE_VA_COPY,1,[Whether va_copy() is available])
|
||||
else
|
||||
AC_MSG_CHECKING([for __va_copy])
|
||||
AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <stdarg.h>
|
||||
va_list ap1,ap2;]], [[__va_copy(ap1,ap2);]])],
|
||||
have___va_copy=yes,
|
||||
have___va_copy=no)
|
||||
AC_MSG_RESULT($have___va_copy)
|
||||
if test x"$have___va_copy" = x"yes"; then
|
||||
AC_DEFINE(HAVE___VA_COPY,1,[Whether __va_copy() is available])
|
||||
fi
|
||||
fi
|
||||
|
||||
if test x"$have_va_copy$have___va_copy" = x"nono"; then
|
||||
dnl Checking whether va_list is an array type
|
||||
AC_MSG_CHECKING([whether va_list is an array type])
|
||||
AC_TRY_COMPILE2([
|
||||
#include <stdarg.h>
|
||||
void a(va_list * ap) {}],[
|
||||
va_list ap1, ap2; a(&ap1); ap2 = (va_list) ap1],[
|
||||
AC_MSG_RESULT(no)],[
|
||||
AC_MSG_RESULT(yes)
|
||||
AC_DEFINE([VA_LIST_IS_ARRAY], [1],[Define if va_list is an array type])])
|
||||
fi
|
||||
|
||||
if test "x$enable_tls" != xno -a "x$with_gnutls" == xyes; then
|
||||
PKG_CHECK_MODULES([gnutls], [gnutls],
|
||||
@@ -94,6 +133,10 @@ if test "x$enable_tls" != xno -a "x$with_gnutls" == xyes; then
|
||||
],
|
||||
[AC_MSG_ERROR([gnutls not found; gnutls required])]
|
||||
)])
|
||||
elif test "x$enable_tls" != xno -a "x$with_schannel" == xyes; then
|
||||
if test "x$PLATFORM" != xwin32; then
|
||||
AC_MSG_ERROR([schannel is only supported on Windows])
|
||||
fi
|
||||
elif test "x$enable_tls" != xno; then
|
||||
PKG_CHECK_MODULES([openssl], [openssl],
|
||||
[PC_REQUIRES="openssl ${PC_REQUIRES}"],
|
||||
@@ -215,6 +258,7 @@ AM_CONDITIONAL([PARSER_EXPAT], [test x$with_parser != xlibxml2])
|
||||
AM_CONDITIONAL([DISABLE_TLS], [test x$enable_tls = xno])
|
||||
AM_CONDITIONAL([NEED_SNPRINTF], [test x$have_snprintf = xno])
|
||||
AM_CONDITIONAL([TLS_WITH_GNUTLS], [test x$with_gnutls = xyes])
|
||||
AM_CONDITIONAL([TLS_WITH_SCHANNEL], [test x$with_schannel = xyes])
|
||||
|
||||
# define while compiling
|
||||
AC_DEFINE_UNQUOTED(LIBXMPP_VERSION_MAJOR, [v_maj], [Major version])
|
||||
|
||||
@@ -21,6 +21,11 @@
|
||||
#include <string.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#ifdef _WIN32
|
||||
#include <conio.h>
|
||||
#include <ctype.h>
|
||||
#endif
|
||||
|
||||
#include <strophe.h>
|
||||
|
||||
static int reconnect;
|
||||
@@ -149,12 +154,34 @@ void conn_handler(xmpp_conn_t *conn,
|
||||
}
|
||||
}
|
||||
|
||||
#ifdef _WIN32
|
||||
static char *getpassword(const char *prompt, size_t maxlen)
|
||||
{
|
||||
char *b, *buffer = malloc(maxlen);
|
||||
size_t i = 0;
|
||||
|
||||
b = buffer;
|
||||
fputs(prompt, stderr);
|
||||
for (i = 0; i < maxlen; i++, b++) {
|
||||
char c = _getch();
|
||||
if (c == '\r' || c == '\n')
|
||||
break;
|
||||
*b = c;
|
||||
}
|
||||
*b = '\0';
|
||||
fputs("\n", stderr);
|
||||
return buffer;
|
||||
}
|
||||
#else
|
||||
#define getpassword(prompt, maxlen) getpass(prompt)
|
||||
#endif
|
||||
|
||||
static int
|
||||
password_callback(char *pw, size_t pw_max, xmpp_conn_t *conn, void *userdata)
|
||||
{
|
||||
(void)userdata;
|
||||
printf("Trying to unlock %s\n", xmpp_conn_get_keyfile(conn));
|
||||
char *pass = getpass("Please enter password: ");
|
||||
char *pass = getpassword("Please enter password: ", pw_max);
|
||||
if (!pass)
|
||||
return -1;
|
||||
size_t passlen = strlen(pass);
|
||||
|
||||
@@ -15,6 +15,8 @@
|
||||
#include <unistd.h>
|
||||
|
||||
#ifdef _WIN32
|
||||
#include <conio.h>
|
||||
#include <ctype.h>
|
||||
#include <winsock2.h>
|
||||
#include <ws2tcpip.h>
|
||||
#include <iphlpapi.h>
|
||||
@@ -94,12 +96,34 @@ static int certfail_handler(const xmpp_tlscert_t *cert,
|
||||
return read_char[0] == 'y' || read_char[0] == 'Y';
|
||||
}
|
||||
|
||||
#ifdef _WIN32
|
||||
static char *getpassword(const char *prompt, size_t maxlen)
|
||||
{
|
||||
char *b, *buffer = malloc(maxlen);
|
||||
size_t i = 0;
|
||||
|
||||
b = buffer;
|
||||
fputs(prompt, stderr);
|
||||
for (i = 0; i < maxlen; i++, b++) {
|
||||
char c = _getch();
|
||||
if (c == '\r' || c == '\n')
|
||||
break;
|
||||
*b = c;
|
||||
}
|
||||
*b = '\0';
|
||||
fputs("\n", stderr);
|
||||
return buffer;
|
||||
}
|
||||
#else
|
||||
#define getpassword(prompt, maxlen) getpass(prompt)
|
||||
#endif
|
||||
|
||||
static int
|
||||
password_callback(char *pw, size_t pw_max, xmpp_conn_t *conn, void *userdata)
|
||||
{
|
||||
(void)userdata;
|
||||
printf("Trying to unlock %s\n", xmpp_conn_get_keyfile(conn));
|
||||
char *pass = getpass("Please enter password: ");
|
||||
char *pass = getpassword("Please enter password: ", pw_max);
|
||||
if (!pass)
|
||||
return -1;
|
||||
size_t passlen = strlen(pass);
|
||||
|
||||
@@ -20,16 +20,20 @@
|
||||
#include <stdio.h>
|
||||
#include <stdint.h>
|
||||
#include <inttypes.h>
|
||||
#include <time.h>
|
||||
|
||||
static void init_timer(void);
|
||||
static void t_start(void);
|
||||
static uint64_t t_read(void);
|
||||
static const char *perf_time_unit;
|
||||
|
||||
#define NUM_SAMPLES 1000u
|
||||
|
||||
static void perf_rand(xmpp_ctx_t *ctx)
|
||||
{
|
||||
xmpp_rand_t *rng = xmpp_rand_new(ctx);
|
||||
|
||||
uint64_t t1, t2;
|
||||
uint64_t t1, t2, t3 = 0;
|
||||
unsigned int n;
|
||||
const size_t alloc_sz = 0x1000u;
|
||||
size_t sz;
|
||||
@@ -37,12 +41,12 @@ static void perf_rand(xmpp_ctx_t *ctx)
|
||||
|
||||
/* pre-heat */
|
||||
for (n = 1; n < 4; ++n) {
|
||||
xmpp_rand_bytes(rng, buf, n * 10);
|
||||
xmpp_rand_bytes(rng, buf, alloc_sz / n);
|
||||
}
|
||||
|
||||
for (sz = 2; sz <= alloc_sz; sz <<= 1) {
|
||||
t2 = 0;
|
||||
for (n = 0; n < 1000u; ++n) {
|
||||
for (n = 0; n < NUM_SAMPLES; ++n) {
|
||||
|
||||
t_start();
|
||||
t1 = t_read();
|
||||
@@ -52,10 +56,15 @@ static void perf_rand(xmpp_ctx_t *ctx)
|
||||
t1 = t_read() - t1;
|
||||
t2 += t1;
|
||||
}
|
||||
t2 /= 1000;
|
||||
fprintf(stderr,
|
||||
"Reading %6zu bytes from PRNG took %8" PRIu64 " cycles\n", sz,
|
||||
t2);
|
||||
t2 /= NUM_SAMPLES;
|
||||
fprintf(stderr, "Reading %6zu bytes from PRNG took %8" PRIu64 " %s\n",
|
||||
sz, t2, perf_time_unit);
|
||||
if (t3) {
|
||||
double d3 = (double)t3, d2 = (double)t2;
|
||||
fprintf(stderr, " +%.2f%%\n",
|
||||
(d2 - d3) / ((d2 + d3) * 0.5) * 100.);
|
||||
}
|
||||
t3 = t2;
|
||||
}
|
||||
free(buf);
|
||||
xmpp_rand_free(ctx, rng);
|
||||
@@ -90,7 +99,7 @@ static uint64_t rdtsc(void)
|
||||
unsigned hi, lo;
|
||||
__asm__ __volatile__("rdtsc" : "=a"(lo), "=d"(hi));
|
||||
return ((uint64_t)lo) | (((uint64_t)hi) << 32);
|
||||
#elif defined(LTC_PPC32) || defined(TFM_PPC32)
|
||||
#elif defined(__POWERPC__)
|
||||
unsigned long a, b;
|
||||
__asm__ __volatile__("mftbu %1 \nmftb %0\n" : "=r"(a), "=r"(b));
|
||||
return (((uint64_t)b) << 32ULL) | ((uint64_t)a);
|
||||
@@ -116,25 +125,41 @@ static uint64_t rdtsc(void)
|
||||
uint64_t CNTVCT_EL0;
|
||||
__asm__ __volatile__("mrs %0, cntvct_el0" : "=r"(CNTVCT_EL0));
|
||||
return CNTVCT_EL0;
|
||||
#elif defined HAVE_CLOCK_GETTIME
|
||||
#define USE_CLOCK_GETTIME
|
||||
struct timespec result;
|
||||
clock_gettime(CLOCK_PROCESS_CPUTIME_ID, &result);
|
||||
return result.tv_sec * 1000000000 + result.tv_nsec;
|
||||
#else
|
||||
return clock();
|
||||
#endif
|
||||
#endif /* __GNUC__ */
|
||||
|
||||
/* Microsoft and Intel Windows compilers */
|
||||
#elif defined _M_IX86 && !defined(LTC_NO_ASM)
|
||||
#elif defined _M_IX86
|
||||
__asm rdtsc
|
||||
#elif defined _M_AMD64 && !defined(LTC_NO_ASM)
|
||||
#elif defined _M_AMD64
|
||||
return __rdtsc();
|
||||
#elif defined _M_IA64 && !defined(LTC_NO_ASM)
|
||||
#elif defined _M_IA64
|
||||
#if defined __INTEL_COMPILER
|
||||
#include <ia64intrin.h>
|
||||
#endif
|
||||
return __getReg(3116);
|
||||
#elif defined HAVE_CLOCK_GETTIME
|
||||
#define USE_CLOCK_GETTIME
|
||||
struct timespec result;
|
||||
clock_gettime(CLOCK_PROCESS_CPUTIME_ID, &result);
|
||||
return result.tv_sec * 1000000000 + result.tv_nsec;
|
||||
#else
|
||||
return clock();
|
||||
#endif
|
||||
}
|
||||
|
||||
#if defined USE_CLOCK_GETTIME
|
||||
static const char *perf_time_unit = "ns";
|
||||
#else
|
||||
static const char *perf_time_unit = "cycles";
|
||||
#endif
|
||||
|
||||
static void t_start(void)
|
||||
{
|
||||
timer = rdtsc();
|
||||
|
||||
28
m4/ac_try_compile2.m4
Normal file
28
m4/ac_try_compile2.m4
Normal file
@@ -0,0 +1,28 @@
|
||||
dnl Like AC_TRY_EVAL but also errors out if the compiler generates
|
||||
dnl _any_ output. Some compilers might issue warnings which we want
|
||||
dnl to catch.
|
||||
AC_DEFUN([AC_TRY_EVAL2],
|
||||
[{ (eval echo configure:__oline__: \"[$]$1\") 1>&AS_MESSAGE_LOG_FD; dnl
|
||||
(eval [$]$1) 2>&AS_MESSAGE_LOG_FD; _out=`eval [$]$1 2>&1` && test "x$_out" = x; }])
|
||||
|
||||
dnl Like AC_TRY_COMPILE but calls AC_TRY_EVAL2 instead of AC_TRY_EVAL
|
||||
AC_DEFUN([AC_TRY_COMPILE2],
|
||||
[cat > conftest.$ac_ext <<EOF
|
||||
[#]line __oline__ "configure"
|
||||
#include "confdefs.h"
|
||||
[$1]
|
||||
int main(void) {
|
||||
[$2]
|
||||
; return 0; }
|
||||
EOF
|
||||
if AC_TRY_EVAL2(ac_compile); then
|
||||
ifelse([$3], , :, [rm -rf conftest*
|
||||
$3])
|
||||
else
|
||||
echo "configure: failed program was:" >&AS_MESSAGE_LOG_FD
|
||||
cat conftest.$ac_ext >&AS_MESSAGE_LOG_FD
|
||||
ifelse([$4], , , [ rm -rf conftest*
|
||||
$4
|
||||
])dnl
|
||||
fi
|
||||
rm -f conftest*])
|
||||
@@ -1239,10 +1239,8 @@ static int _handle_sm(xmpp_conn_t *const conn,
|
||||
}
|
||||
strophe_free(conn->ctx, queue_element_free(conn->ctx, e));
|
||||
}
|
||||
conn->authenticated = 1;
|
||||
|
||||
/* call connection handler */
|
||||
conn->conn_handler(conn, XMPP_CONN_CONNECT, 0, NULL, conn->userdata);
|
||||
strophe_debug(conn->ctx, "xmpp", "Session resumed successfully.");
|
||||
_auth_success(conn);
|
||||
} else if (strcmp(name, "failed") == 0) {
|
||||
name = NULL;
|
||||
|
||||
|
||||
78
src/conn.c
78
src/conn.c
@@ -79,6 +79,7 @@
|
||||
#endif
|
||||
|
||||
static int _disconnect_cleanup(xmpp_conn_t *conn, void *userdata);
|
||||
static void _reset_sm_state_for_reconnect(xmpp_conn_t *conn);
|
||||
static char *_conn_build_stream_tag(xmpp_conn_t *conn,
|
||||
char **attributes,
|
||||
size_t attributes_len);
|
||||
@@ -573,11 +574,12 @@ const char *xmpp_conn_get_keyfile(const xmpp_conn_t *conn)
|
||||
* \ref xmpp_conn_set_password_callback so the TLS stack can retrieve the
|
||||
* password.
|
||||
*
|
||||
* In case one wants to use a PKCS#12 encoded file, it must be passed via
|
||||
* the `key` parameter and `cert` must be NULL.
|
||||
* In case one wants to use a PKCS#12 encoded file, it should be passed via
|
||||
* the `cert` parameter and `key` should be NULL. Passing a PKCS#12 file in
|
||||
* `key` is deprecated.
|
||||
*
|
||||
* @param conn a Strophe connection object
|
||||
* @param cert path to a certificate file
|
||||
* @param cert path to a certificate file or a P12 file
|
||||
* @param key path to a private key file or a P12 file
|
||||
*
|
||||
* @ingroup TLS
|
||||
@@ -589,13 +591,21 @@ void xmpp_conn_set_client_cert(xmpp_conn_t *const conn,
|
||||
strophe_debug(conn->ctx, "conn", "set client cert %s %s", cert, key);
|
||||
if (conn->tls_client_cert)
|
||||
strophe_free(conn->ctx, conn->tls_client_cert);
|
||||
if (cert)
|
||||
conn->tls_client_cert = strophe_strdup(conn->ctx, cert);
|
||||
else
|
||||
conn->tls_client_cert = NULL;
|
||||
conn->tls_client_cert = NULL;
|
||||
if (conn->tls_client_key)
|
||||
strophe_free(conn->ctx, conn->tls_client_key);
|
||||
conn->tls_client_key = strophe_strdup(conn->ctx, key);
|
||||
conn->tls_client_key = NULL;
|
||||
if (cert && key) {
|
||||
conn->tls_client_cert = strophe_strdup(conn->ctx, cert);
|
||||
conn->tls_client_key = strophe_strdup(conn->ctx, key);
|
||||
} else if (cert && !key) {
|
||||
conn->tls_client_cert = strophe_strdup(conn->ctx, cert);
|
||||
} else if (!cert && key) {
|
||||
strophe_warn(conn->ctx, "xmpp",
|
||||
"xmpp_conn_set_client_cert: Passing PKCS#12 in 'key' "
|
||||
"parameter is deprecated. Use 'cert' instead");
|
||||
conn->tls_client_cert = strophe_strdup(conn->ctx, key);
|
||||
}
|
||||
}
|
||||
|
||||
/** Get the number of xmppAddr entries in the client certificate.
|
||||
@@ -966,6 +976,7 @@ void conn_disconnect(xmpp_conn_t *conn)
|
||||
conn->tls = NULL;
|
||||
}
|
||||
sock_close(conn->sock);
|
||||
_reset_sm_state_for_reconnect(conn);
|
||||
|
||||
/* fire off connection handler */
|
||||
conn->conn_handler(conn, XMPP_CONN_DISCONNECT, conn->error,
|
||||
@@ -1168,6 +1179,7 @@ long xmpp_conn_get_flags(const xmpp_conn_t *conn)
|
||||
* - XMPP_CONN_FLAG_LEGACY_SSL
|
||||
* - XMPP_CONN_FLAG_TRUST_TLS
|
||||
* - XMPP_CONN_FLAG_LEGACY_AUTH
|
||||
* - XMPP_CONN_FLAG_DISABLE_SM
|
||||
*
|
||||
* @param conn a Strophe connection object
|
||||
* @param flags ORed connection flags
|
||||
@@ -1288,32 +1300,38 @@ xmpp_sm_state_t *xmpp_conn_get_sm_state(xmpp_conn_t *conn)
|
||||
|
||||
ret = conn->sm_state;
|
||||
conn->sm_state = NULL;
|
||||
if (ret->previd) {
|
||||
strophe_free(conn->ctx, ret->previd);
|
||||
ret->previd = NULL;
|
||||
}
|
||||
|
||||
if (ret->can_resume) {
|
||||
ret->previd = ret->id;
|
||||
ret->id = NULL;
|
||||
|
||||
ret->bound_jid = conn->bound_jid;
|
||||
conn->bound_jid = NULL;
|
||||
} else if (ret->id) {
|
||||
strophe_free(conn->ctx, ret->id);
|
||||
ret->id = NULL;
|
||||
}
|
||||
|
||||
ret->sm_enabled = ret->sm_support = ret->resume = 0;
|
||||
|
||||
if (ret->bind) {
|
||||
xmpp_stanza_release(ret->bind);
|
||||
ret->bind = NULL;
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
static void _reset_sm_state_for_reconnect(xmpp_conn_t *conn)
|
||||
{
|
||||
xmpp_sm_state_t *s = conn->sm_state;
|
||||
|
||||
if (s->previd) {
|
||||
strophe_free(conn->ctx, s->previd);
|
||||
s->previd = NULL;
|
||||
}
|
||||
|
||||
if (s->can_resume) {
|
||||
s->previd = s->id;
|
||||
s->id = NULL;
|
||||
|
||||
s->bound_jid = conn->bound_jid;
|
||||
conn->bound_jid = NULL;
|
||||
} else if (s->id) {
|
||||
strophe_free(conn->ctx, s->id);
|
||||
s->id = NULL;
|
||||
}
|
||||
|
||||
s->sm_enabled = s->sm_support = s->resume = 0;
|
||||
|
||||
if (s->bind) {
|
||||
xmpp_stanza_release(s->bind);
|
||||
s->bind = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param conn a Strophe connection object
|
||||
* @param sm_state A Stream Management state returned from a call to
|
||||
|
||||
20
src/ctx.c
20
src/ctx.c
@@ -50,10 +50,22 @@
|
||||
#include "resolver.h"
|
||||
#include "util.h"
|
||||
|
||||
/* Workaround for systems without va_copy support. */
|
||||
#if defined(_MSC_VER) && _MSC_VER < 1800 || \
|
||||
!defined(_MSC_VER) && !defined(HAVE_DECL_VA_COPY)
|
||||
#define va_copy(d, s) (memcpy(&d, &s, sizeof(va_list)))
|
||||
#ifndef va_copy
|
||||
#ifdef HAVE_VA_COPY
|
||||
#define va_copy(dest, src) va_copy(dest, src)
|
||||
#else
|
||||
#ifdef HAVE___VA_COPY
|
||||
#define va_copy(dest, src) __va_copy(dest, src)
|
||||
#else
|
||||
#ifndef VA_LIST_IS_ARRAY
|
||||
#define va_copy(dest, src) (dest) = (src)
|
||||
#else
|
||||
#include <string.h>
|
||||
#define va_copy(dest, src) \
|
||||
memcpy((char *)(dest), (char *)(src), sizeof(va_list))
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/** Initialize the Strophe library.
|
||||
|
||||
@@ -23,6 +23,10 @@
|
||||
#include <string.h> /* memeset */
|
||||
#include <time.h> /* clock, time */
|
||||
|
||||
#if !defined(_WIN32)
|
||||
#include <unistd.h>
|
||||
#endif
|
||||
|
||||
#if !defined(DONT_USE_GETRANDOM) && defined(__linux__) && \
|
||||
defined(__GLIBC_PREREQ)
|
||||
#if __GLIBC_PREREQ(2, 25)
|
||||
|
||||
@@ -322,7 +322,7 @@ static unsigned message_name_get(const unsigned char *buf,
|
||||
return 0;
|
||||
pointer = (label_len & 0x3f) << 8 | buf[i++];
|
||||
/* Prevent infinite looping */
|
||||
if (pointer == buf_offset)
|
||||
if (pointer >= buf_offset)
|
||||
return 0;
|
||||
if (name != NULL && name_len >= name_max && name_max > 0) {
|
||||
/* We have filled the name buffer. Don't pass it recursively. */
|
||||
|
||||
@@ -21,6 +21,10 @@
|
||||
#include <stdarg.h>
|
||||
#include <string.h>
|
||||
|
||||
#if !defined(_WIN32)
|
||||
#include <unistd.h>
|
||||
#endif
|
||||
|
||||
#include "strophe.h"
|
||||
|
||||
#include "common.h"
|
||||
@@ -217,7 +221,7 @@ int tls_caching_password_callback(char *pw, size_t pw_max, xmpp_conn_t *conn)
|
||||
int ret;
|
||||
unsigned char hash[XMPP_SHA1_DIGEST_SIZE];
|
||||
|
||||
const char *fname = conn->tls_client_key;
|
||||
const char *fname = conn->tls_client_cert;
|
||||
size_t fname_len = strlen(fname);
|
||||
xmpp_sha1_digest((void *)fname, fname_len, hash);
|
||||
if (fname_len && fname_len == conn->password_cache.fnamelen &&
|
||||
|
||||
@@ -95,7 +95,7 @@ static gnutls_x509_crt_t _tls_load_cert_p12(xmpp_conn_t *conn)
|
||||
int err = -1;
|
||||
if (gnutls_pkcs12_init(&p12) < 0)
|
||||
return NULL;
|
||||
if (gnutls_load_file(conn->tls_client_key, &data) < 0)
|
||||
if (gnutls_load_file(conn->tls_client_cert, &data) < 0)
|
||||
goto error_out;
|
||||
if (gnutls_pkcs12_import(p12, &data, GNUTLS_X509_FMT_DER, 0) < 0)
|
||||
goto error_out2;
|
||||
@@ -168,7 +168,7 @@ static gnutls_x509_crt_t _tls_load_cert(xmpp_conn_t *conn)
|
||||
{
|
||||
if (conn->tls && conn->tls->client_cert)
|
||||
return conn->tls->client_cert;
|
||||
if (!conn->tls_client_cert && conn->tls_client_key) {
|
||||
if (conn->tls_client_cert && !conn->tls_client_key) {
|
||||
return _tls_load_cert_p12(conn);
|
||||
}
|
||||
return _tls_load_cert_x509(conn);
|
||||
@@ -459,7 +459,7 @@ tls_t *tls_new(xmpp_conn_t *conn)
|
||||
}
|
||||
strophe_debug(tls->ctx, "tls", "wrong password?");
|
||||
}
|
||||
} else if (conn->tls_client_key) {
|
||||
} else if (conn->tls_client_cert) {
|
||||
unsigned int retries = 0;
|
||||
|
||||
while (retries++ < conn->password_retries) {
|
||||
@@ -470,7 +470,8 @@ tls_t *tls_new(xmpp_conn_t *conn)
|
||||
if (passlen < 0)
|
||||
continue;
|
||||
int err = gnutls_certificate_set_x509_simple_pkcs12_file(
|
||||
tls->cred, conn->tls_client_key, GNUTLS_X509_FMT_DER, pass);
|
||||
tls->cred, conn->tls_client_cert, GNUTLS_X509_FMT_DER,
|
||||
pass);
|
||||
memset(pass, 0, sizeof(pass));
|
||||
if (err == 0)
|
||||
break;
|
||||
|
||||
@@ -616,7 +616,7 @@ tls_t *tls_new(xmpp_conn_t *conn)
|
||||
ERR_GET_LIB(err), ERR_GET_REASON(err));
|
||||
goto err_free_ctx;
|
||||
}
|
||||
} else if (conn->tls_client_key) {
|
||||
} else if (conn->tls_client_cert) {
|
||||
EVP_PKEY *pkey = NULL;
|
||||
STACK_OF(X509) *ca = NULL;
|
||||
X509 *cert = _tls_cert_read_p12(conn, &pkey, &ca);
|
||||
@@ -974,7 +974,7 @@ _tls_cert_read_p12(xmpp_conn_t *conn, EVP_PKEY **pkey, STACK_OF(X509) * *ca)
|
||||
return conn->tls->client_cert;
|
||||
X509 *cert = NULL;
|
||||
PKCS12 *p12 = NULL;
|
||||
BIO *f = BIO_new_file(conn->tls_client_key, "r");
|
||||
BIO *f = BIO_new_file(conn->tls_client_cert, "rb");
|
||||
if (!f) {
|
||||
strophe_debug(conn->ctx, "tls", "f == NULL");
|
||||
goto error_out;
|
||||
@@ -1034,7 +1034,7 @@ static X509 *_tls_cert_read(xmpp_conn_t *conn)
|
||||
{
|
||||
if (conn->tls && conn->tls->client_cert)
|
||||
return conn->tls->client_cert;
|
||||
if (!conn->tls_client_cert && conn->tls_client_key) {
|
||||
if (conn->tls_client_cert && !conn->tls_client_key) {
|
||||
return _tls_cert_read_p12(conn, NULL, NULL);
|
||||
}
|
||||
return _tls_cert_read_x509(conn);
|
||||
|
||||
Binary file not shown.
@@ -174,10 +174,10 @@ int main()
|
||||
xmpp_ctx_t *ctx;
|
||||
xmpp_rand_t *rand;
|
||||
resolver_srv_rr_t *srv_rr_list;
|
||||
char *domain;
|
||||
char *domain, *rnd_b64;
|
||||
unsigned char *buf;
|
||||
unsigned short port;
|
||||
size_t i;
|
||||
size_t i, slen;
|
||||
int ret;
|
||||
|
||||
ctx = xmpp_ctx_new(NULL, NULL);
|
||||
@@ -223,10 +223,18 @@ int main()
|
||||
ret = resolver_srv_lookup_buf(ctx, buf, sizeof(data2), &srv_rr_list);
|
||||
if (ret == XMPP_DOMAIN_FOUND && srv_rr_list != NULL)
|
||||
resolver_srv_free(ctx, srv_rr_list);
|
||||
strophe_free(ctx, buf);
|
||||
xmpp_rand_free(ctx, rand);
|
||||
printf("ok\n");
|
||||
|
||||
printf("Broken message was:\n");
|
||||
rnd_b64 = xmpp_base64_encode(ctx, buf, sizeof(data2));
|
||||
slen = strlen(rnd_b64);
|
||||
for (i = 0; i < slen; i += 64) {
|
||||
printf("%.64s\n", &rnd_b64[i]);
|
||||
}
|
||||
|
||||
strophe_free(ctx, buf);
|
||||
strophe_free(ctx, rnd_b64);
|
||||
xmpp_ctx_free(ctx);
|
||||
|
||||
return 0;
|
||||
|
||||
@@ -13,6 +13,7 @@
|
||||
#include <assert.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <sys/param.h>
|
||||
|
||||
#include "strophe.h"
|
||||
|
||||
@@ -42,8 +43,13 @@ int main()
|
||||
{0, NULL, "tests/cert.emptypass.pfx"},
|
||||
{0, NULL, "tests/cert.nopass.pfx"},
|
||||
{1, NULL, "tests/cert.pfx"},
|
||||
{0, "tests/cert.emptypass.pfx", NULL},
|
||||
{0, "tests/cert.nopass.pfx", NULL},
|
||||
{1, "tests/cert.pfx", NULL},
|
||||
};
|
||||
|
||||
const char *srcdir;
|
||||
char *certbuf, *keybuf;
|
||||
char xmppaddr_num[] = "0";
|
||||
unsigned int m, n;
|
||||
|
||||
@@ -51,13 +57,29 @@ int main()
|
||||
log = xmpp_get_default_logger(XMPP_LEVEL_DEBUG);
|
||||
ctx = xmpp_ctx_new(NULL, log);
|
||||
|
||||
srcdir = getenv("srcdir");
|
||||
|
||||
certbuf = malloc(MAXPATHLEN);
|
||||
keybuf = malloc(MAXPATHLEN);
|
||||
|
||||
for (m = 0; m < sizeof(client_cert) / sizeof(client_cert[0]); ++m) {
|
||||
char *certfile = certbuf, *keyfile = keybuf;
|
||||
conn = xmpp_conn_new(ctx);
|
||||
|
||||
if (client_cert[m].pem)
|
||||
snprintf(certfile, MAXPATHLEN, "%s/%s", srcdir, client_cert[m].pem);
|
||||
else
|
||||
certfile = NULL;
|
||||
|
||||
if (client_cert[m].key)
|
||||
snprintf(keyfile, MAXPATHLEN, "%s/%s", srcdir, client_cert[m].key);
|
||||
else
|
||||
keyfile = NULL;
|
||||
|
||||
if (client_cert[m].needs_callback)
|
||||
xmpp_conn_set_password_callback(conn, password_callback, NULL);
|
||||
|
||||
xmpp_conn_set_client_cert(conn, client_cert[m].pem, client_cert[m].key);
|
||||
xmpp_conn_set_client_cert(conn, certfile, keyfile);
|
||||
|
||||
xmppaddr_num[0] = '0' + xmpp_conn_cert_xmppaddr_num(conn);
|
||||
|
||||
@@ -88,6 +110,8 @@ int main()
|
||||
}
|
||||
xmpp_conn_release(conn);
|
||||
}
|
||||
free(certbuf);
|
||||
free(keybuf);
|
||||
|
||||
xmpp_ctx_free(ctx);
|
||||
xmpp_shutdown();
|
||||
|
||||
@@ -1,14 +1,26 @@
|
||||
#!/bin/sh
|
||||
|
||||
if [ "x$LIBRESSL_COMMIT" != "x" ]; then
|
||||
cd "$HOME"
|
||||
git clone https://github.com/libressl-portable/portable.git libressl-git
|
||||
cd libressl-git
|
||||
if [ -n "$LIBRESSL_COMMIT" ]; then
|
||||
git checkout "$LIBRESSL_COMMIT"
|
||||
fi
|
||||
./autogen.sh
|
||||
./configure --prefix="$HOME/libressl"
|
||||
make -j"$(nproc)"
|
||||
make install
|
||||
set -e
|
||||
|
||||
[ "x$XSSL_COMMITISH" != "x" ]
|
||||
|
||||
if [ "x$LIBRESSL" = "xtrue" ]; then
|
||||
REPO_URL="https://github.com/libressl-portable/portable.git"
|
||||
AUTOGEN_CMD="./autogen.sh"
|
||||
CONFIG_CMD="./configure --prefix=$HOME/xssl --disable-asm"
|
||||
MAKE_TARGET="install"
|
||||
else
|
||||
REPO_URL="https://github.com/openssl/openssl.git"
|
||||
AUTOGEN_CMD="true"
|
||||
CONFIG_CMD="./Configure --prefix=$HOME/xssl --libdir=lib"
|
||||
MAKE_TARGET="install_sw"
|
||||
fi
|
||||
|
||||
cd "$HOME"
|
||||
git clone --no-checkout "$REPO_URL" xssl-git
|
||||
cd xssl-git
|
||||
git checkout "$XSSL_COMMITISH"
|
||||
$AUTOGEN_CMD
|
||||
$CONFIG_CMD
|
||||
make -j"$(nproc)"
|
||||
make $MAKE_TARGET
|
||||
|
||||
Reference in New Issue
Block a user