32 Commits

Author SHA1 Message Date
Dmitry Podgorny
87d40d23db WIP add xsock 2019-10-30 23:29:56 +02:00
Dmitry Podgorny
484e971323 travis-ci: check --enable-cares 2019-10-14 20:37:41 +03:00
Dmitry Podgorny
038404cb99 sock: reduce copy-paste
Move setting (non)block mode to a single static function.
2019-10-14 20:13:04 +03:00
Dmitry Podgorny
6f075bfc71 resolver: fix gcc 9.2.0 warning
message_name_get() adds "." to the tail and it leads to:
    strncpy(&dest, ".", 1);
gcc 9.2.0 generates a warning, because string is truncated without
copying trailing '\0'. Replace strncpy() with memcpy() to fix the
warning.
2019-10-14 17:36:11 +03:00
Dmitry Podgorny
7aed036896 sha1: fixed libstrophe build issues on Windows
Backported from NetXMS.
2019-10-14 09:54:54 +03:00
Dmitry Podgorny
0e8c88a5e4 resolver: backport patch from netxms
explicitely use non-UNICODE structures in libstrophe DNS resolver on Windows
2019-10-14 09:44:11 +03:00
Dmitry Podgorny
a13847d994 resolver: add c-ares support
This patch based on the patch from @gbour (see #7). With
--enable-cares old implementation will be replaced with c-ares API.
2019-10-14 06:51:08 +03:00
Dmitry Podgorny
18b67d6eaf tls/openssl: add LibreSSL support
OpenSSL and LibreSSL versions are incompatible. Moreover, LibreSSL
always define OPENSSL_VERSION_NUMBER as 0x20000000L. Instead of checking
for LibreSSL everywhere explicitly, redefine OPENSSL_VERSION_NUMBER.

See similar issues with nginx project: https://trac.nginx.org/nginx/ticket/1605
2019-10-11 01:59:34 +03:00
Viktor Ivanov
886f45584c Fix bug with xmpp chat not connecting
The facebook suddenly stopped connecting on my dev machine. I still cannot
explain what caused this change in behaviour, but I was finally able to
diagnose and fix the problem.

Chat was not connecting due to an error in tls_start. The windows function
InitializeSecurityContext was returning a SEC_E_INCOMPLETE_MESSAGE status
which was being treated as an error. However, the documentation states
that this is not an error. This status simply indicates that more data
needs to be read. This commit does precisely that -- when
SEC_E_INCOMPLETE_MESSAGE we read more data from the socket and call
InitializeSecurityContext again.
2019-10-11 00:54:37 +03:00
Dmitry Podgorny
4f915d7515 Release libstrophe-0.9.3 2019-10-10 21:47:08 +03:00
Dmitry Podgorny
e25ca7719f conn: don't hardcode buffer size
Use sizeof instead of hardcoded size, so the buffer can be changed
easily.
2019-10-02 03:26:36 +03:00
Dmitry Podgorny
2bf5cc0e41 auth: disable PLAIN when other mechanisms are supported
PLAIN mechanism sends password in BASE64 encoding which everyone can
read. As result, debug logs expose password and users often don't remove
it when post the logs in the Internet.

Usually, both a secure mechanism and PLAIN are used in the scenario when
username or password is incorrect. PLAIN fails in this scenario anyway.
2019-10-01 23:38:50 +03:00
Dmitry Podgorny
30f3cc9263 auth: disable legacy auth by default
Legacy authentication can expose password in plaintext. Since this is
not widely used mechanism, disable it by default. It can be enabled back
with connection option XMPP_CONN_FLAG_LEGACY_AUTH.
2019-10-01 22:34:31 +03:00
Dmitry Podgorny
e120109644 Android: update makefiles
This patch makes libstrophe build with NDK r20 and new libexpat.
2019-09-25 11:00:52 +00:00
Dmitry Podgorny
b4f13205d8 ChangeLog: notes for 0.9.3 2019-09-25 10:58:09 +00:00
Dmitry Podgorny
4797522d88 ChangeLog: mention missed notes for 0.9.2 2019-09-25 10:57:03 +00:00
Hoenig Mark (TT/EIS3-Lol)
5ee06776ee tls/openssl: don't call SSL_shutdown() after a fatal error
According to SSL_shutdown(3), the function must not be called
if previous fatal error occurred.
2019-07-03 15:14:01 +02:00
Dmitry Podgorny
c40b4c12c1 parser/expat: don't cast name to char*
name already has type char*, remove redundant code.
2019-03-04 18:01:29 +02:00
Dmitry Podgorny
d8329960c5 rand: don't pass NULL to memcpy()
Fixes a compiler's warning.
2019-03-04 18:00:01 +02:00
Andrey Starodubtsev
94ece33f16 attempt to free already freed memory fixed 2018-12-26 15:52:02 +03:00
Andrey Starodubtsev
b179c2d277 some memory leaks fixed 2018-12-26 15:44:55 +03:00
Andrey Starodubtsev
ab568a2666 memory leak in hash values fixed 2018-12-13 14:28:41 +03:00
Nikolay Lineckiy
c10c930e8f Fix incomplete send queue cleanup
Due to incomplete reset xmpp_conn_t object could not be safely reused
for reconnection
2018-12-04 18:58:36 +03:00
Dmitry Podgorny
6ddf424192 travis-ci: add -Werror flag
This flag has been removed from Makefile.am.
2018-11-06 11:45:39 +02:00
Dmitry Podgorny
6aff44184e autotools: remove AM_CFLAGS
AM_CFLAGS is ignored when target specific target_CFLAGS are present.
2018-11-06 11:35:52 +02:00
Dmitry Podgorny
9cc9ea86bb tls/openssl: log some info about certificate
Log subject name and issuer name from certificate after TLS connection
is established or fails to connect.
2018-11-06 10:53:46 +02:00
Dmitry Podgorny
13a0bc463c rand: fix comment 2018-10-24 22:28:54 +03:00
jngd
8ff510a3af Fix annoying comment about how disconnect can be performed 2018-09-26 19:15:58 +02:00
Dmitry Podgorny
633d1e9b52 travis-ci: remove check package from dependecies 2018-07-30 20:45:08 +03:00
Dmitry Podgorny
a13ba65cfb Don't pass NULL to strcmp()
There are places where code relies on well-formed stanzas and expects
that ns attribute is always present. Check whether ns NULL or not before
passing it to strcmp().

Fixes #121.
2018-07-30 20:38:43 +03:00
Stu Tomlinson
0e6b0ef84d Only require session if it is not optional
RFC6121 removes the precondition of establishing a session before a client
may exchange XML stanzas on an XMPP network.

This PR allows libstrophe to not request session where it is indicated
as optional by the server, saving a round trip.

https://tools.ietf.org/html/rfc6121#section-1.4
2018-06-08 14:27:29 +00:00
Xavi
9a86efabe5 Remove unused variable 2018-02-23 23:21:37 +01:00
25 changed files with 682 additions and 296 deletions

View File

@@ -1,15 +1,15 @@
language: c
install:
- sudo apt-get update
- sudo apt-get -y install libtool pkg-config libexpat1-dev libxml2-dev libssl-dev check
- sudo apt-get -y install libtool pkg-config libexpat1-dev libxml2-dev libssl-dev libc-ares-dev
before_script:
- ./bootstrap.sh
script:
- ./configure ${CONFIGURE_OPT} && make && make check-TESTS
- ./configure ${CONFIGURE_OPT} CFLAGS="-Werror" && make && make check
env:
- CONFIGURE_OPT="--without-libxml2"
- CONFIGURE_OPT="--with-libxml2"
- CONFIGURE_OPT="--disable-tls --without-libxml2"
- CONFIGURE_OPT="--disable-tls --with-libxml2"
- CONFIGURE_OPT="--disable-tls"
- CONFIGURE_OPT="--enable-cares"
matrix:
fast_finish: true

View File

@@ -1,3 +1,12 @@
0.9.3
- PLAIN mechanism is used only when no other mechanisms are supported
- Legacy authentication is disabled by default, can be enabled with
connection flag XMPP_CONN_FLAG_LEGACY_AUTH
- Session is not established if it is optional
- Fixed a bug causing a reused connection not to cleanup properly
- Improved debug logging in OpenSSL module
- Few memory leaks fixed
0.9.2
- OpenSSL tls module verifies certificate by default. Set flag
XMPP_CONN_FLAG_TRUST_TLS to ignore result of the verification
@@ -12,6 +21,8 @@
second in order to reduce CPU consumption
- Reduced memory usage in expat module
- New functions:
- xmpp_error_new()
- xmpp_send_error()
- xmpp_ctx_set_timeout()
- xmpp_sha1_digest()

View File

@@ -1,7 +1,6 @@
AUTOMAKE_OPTIONS = subdir-objects
ACLOCAL_AMFLAGS = -I m4
AM_CFLAGS = -g -Wall
PARSER_CFLAGS=@PARSER_CFLAGS@
PARSER_LIBS=@PARSER_LIBS@
@@ -9,6 +8,7 @@ PARSER_LIBS=@PARSER_LIBS@
SSL_CFLAGS = @openssl_CFLAGS@
SSL_LIBS = @openssl_LIBS@
RESOLV_CFLAGS = @RESOLV_CFLAGS@
RESOLV_LIBS = @RESOLV_LIBS@
STROPHE_FLAGS = -I$(top_srcdir) -Wall -Wextra -Wno-unused-parameter
@@ -17,7 +17,7 @@ STROPHE_LIBS = libstrophe.la
## Main build targets
lib_LTLIBRARIES = libstrophe.la
libstrophe_la_CFLAGS = $(SSL_CFLAGS) $(STROPHE_FLAGS) $(PARSER_CFLAGS)
libstrophe_la_CFLAGS = $(SSL_CFLAGS) $(STROPHE_FLAGS) $(PARSER_CFLAGS) $(RESOLV_CFLAGS)
libstrophe_la_LDFLAGS = $(SSL_LIBS) $(PARSER_LIBS) $(RESOLV_LIBS) -no-undefined
# Export only public API
libstrophe_la_LDFLAGS += -export-symbols-regex '^xmpp_'

View File

@@ -1,4 +1,4 @@
AC_INIT([libstrophe], [0.9.2], [jack@metajack.im])
AC_INIT([libstrophe], [0.9.3], [jack@metajack.im])
AC_CONFIG_MACRO_DIR([m4])
AM_INIT_AUTOMAKE([foreign])
LT_INIT([dlopen])
@@ -21,6 +21,8 @@ AC_ARG_WITH([libxml2],
[AS_HELP_STRING([--with-libxml2], [use libxml2 for XML parsing, expat is the default])])
AC_ARG_ENABLE([tls],
[AS_HELP_STRING([--disable-tls], [disable TLS support])])
AC_ARG_ENABLE([cares],
[AS_HELP_STRING([--enable-cares], [use c-ares for DNS resolution])])
if test "x$enable_tls" != xno; then
PKG_CHECK_MODULES([openssl], [openssl],
@@ -84,6 +86,18 @@ AC_MSG_NOTICE([libstrophe will use the $with_parser XML parser])
AC_SEARCH_LIBS([socket], [socket])
if test "x$enable_cares" = xyes; then
PKG_CHECK_MODULES([libcares], [libcares >= 1.7.0],
[
PC_REQUIRES="libcares ${PC_REQUIRES}"
RESOLV_CFLAGS=$libcares_CFLAGS
RESOLV_LIBS=$libcares_LIBS
AC_DEFINE([HAVE_CARES])
],
[AC_MSG_ERROR([libcares not found])])
# TODO: if pkg-config doesn't find, check the library manually
else
AS_CASE([$PLATFORM],
[bsd], [RESOLV_LIBS=""],
[qnx], [RESOLV_LIBS="-lsocket"],
@@ -110,6 +124,8 @@ AC_LINK_IFELSE([AC_LANG_SOURCE([
LIBS="${LIBS_TMP}"
PC_LIBS="${RESOLV_LIBS} ${PC_LIBS}"
fi
m4_ifdef([PKG_INSTALLDIR], [PKG_INSTALLDIR],
[AC_ARG_WITH([pkgconfigdir],
[AS_HELP_STRING([--with-pkgconfigdir],
@@ -126,6 +142,7 @@ AC_SUBST([PC_LIBS], [${PC_LIBS}])
AC_SUBST(PARSER_CFLAGS)
AC_SUBST(PARSER_LIBS)
AC_SUBST(RESOLV_CFLAGS)
AC_SUBST(RESOLV_LIBS)
AC_CONFIG_FILES([Makefile libstrophe.pc])
AC_OUTPUT

View File

@@ -62,7 +62,7 @@ include $(BUILD_STATIC_LIBRARY)
include $(CLEAR_VARS)
LOCAL_MODULE := libexpat
LOCAL_CFLAGS := -DHAVE_MEMMOVE
LOCAL_CFLAGS := -DHAVE_MEMMOVE -DXML_DEV_URANDOM
#LOCAL_C_INCLUDES := \
# $(LOCAL_PATH)/expat

View File

@@ -1,2 +1,2 @@
APP_ABI := armeabi armeabi-v7a mips x86
APP_ABI := armeabi-v7a arm64-v8a
APP_PLATFORM := android-19

View File

@@ -61,6 +61,7 @@
#endif
static void _auth(xmpp_conn_t * const conn);
static void _auth_legacy(xmpp_conn_t *conn);
static void _handle_open_sasl(xmpp_conn_t * const conn);
static void _handle_open_tls(xmpp_conn_t * const conn);
@@ -69,11 +70,6 @@ static int _handle_component_hs_response(xmpp_conn_t * const conn,
xmpp_stanza_t * const stanza,
void * const userdata);
static int _handle_missing_legacy(xmpp_conn_t * const conn,
void * const userdata);
static int _handle_legacy(xmpp_conn_t * const conn,
xmpp_stanza_t * const stanza,
void * const userdata);
static int _handle_features_sasl(xmpp_conn_t * const conn,
xmpp_stanza_t * const stanza,
void * const userdata);
@@ -219,6 +215,7 @@ static int _handle_features(xmpp_conn_t * const conn,
void * const userdata)
{
xmpp_stanza_t *child, *mech;
const char *ns;
char *text;
/* remove the handler that detects missing stream:features */
@@ -228,8 +225,10 @@ static int _handle_features(xmpp_conn_t * const conn,
if (!conn->secured) {
if (!conn->tls_disabled) {
child = xmpp_stanza_get_child_by_name(stanza, "starttls");
if (child && (strcmp(xmpp_stanza_get_ns(child), XMPP_NS_TLS) == 0))
conn->tls_support = 1;
if (child) {
ns = xmpp_stanza_get_ns(child);
conn->tls_support = ns != NULL && strcmp(ns, XMPP_NS_TLS) == 0;
}
} else {
conn->tls_support = 0;
}
@@ -237,11 +236,15 @@ static int _handle_features(xmpp_conn_t * const conn,
/* check for SASL */
child = xmpp_stanza_get_child_by_name(stanza, "mechanisms");
if (child && (strcmp(xmpp_stanza_get_ns(child), XMPP_NS_SASL) == 0)) {
ns = child ? xmpp_stanza_get_ns(child) : NULL;
if (child && ns && strcmp(ns, XMPP_NS_SASL) == 0) {
for (mech = xmpp_stanza_get_children(child); mech;
mech = xmpp_stanza_get_next(mech)) {
if (xmpp_stanza_get_name(mech) && strcmp(xmpp_stanza_get_name(mech), "mechanism") == 0) {
text = xmpp_stanza_get_text(mech);
if (text == NULL)
continue;
if (strcasecmp(text, "PLAIN") == 0)
conn->sasl_support |= SASL_MASK_PLAIN;
else if (strcasecmp(text, "DIGEST-MD5") == 0)
@@ -256,6 +259,10 @@ static int _handle_features(xmpp_conn_t * const conn,
}
}
/* Disable PLAIN when other secure mechanisms are supported */
if (conn->sasl_support & ~(SASL_MASK_PLAIN | SASL_MASK_ANONYMOUS))
conn->sasl_support &= ~SASL_MASK_PLAIN;
_auth(conn);
return 0;
@@ -550,9 +557,11 @@ static xmpp_stanza_t *_make_sasl_auth(xmpp_conn_t * const conn,
*/
static void _auth(xmpp_conn_t * const conn)
{
xmpp_stanza_t *auth, *authdata, *query, *child, *iq;
char *str, *authid;
xmpp_stanza_t *auth;
xmpp_stanza_t *authdata;
char *authid;
char *scram_init;
char *str;
int anonjid;
/* if there is no node in conn->jid, we assume anonymous connect */
@@ -719,105 +728,12 @@ static void _auth(xmpp_conn_t * const conn)
/* SASL PLAIN was tried */
conn->sasl_support &= ~SASL_MASK_PLAIN;
} else if (conn->type == XMPP_CLIENT) {
/* legacy client authentication */
iq = xmpp_iq_new(conn->ctx, "set", "_xmpp_auth1");
if (!iq) {
disconnect_mem_error(conn);
return;
}
query = xmpp_stanza_new(conn->ctx);
if (!query) {
xmpp_stanza_release(iq);
disconnect_mem_error(conn);
return;
}
xmpp_stanza_set_name(query, "query");
xmpp_stanza_set_ns(query, XMPP_NS_AUTH);
xmpp_stanza_add_child(iq, query);
xmpp_stanza_release(query);
child = xmpp_stanza_new(conn->ctx);
if (!child) {
xmpp_stanza_release(iq);
disconnect_mem_error(conn);
return;
}
xmpp_stanza_set_name(child, "username");
xmpp_stanza_add_child(query, child);
xmpp_stanza_release(child);
authdata = xmpp_stanza_new(conn->ctx);
if (!authdata) {
xmpp_stanza_release(iq);
disconnect_mem_error(conn);
return;
}
str = xmpp_jid_node(conn->ctx, conn->jid);
xmpp_stanza_set_text(authdata, str);
xmpp_free(conn->ctx, str);
xmpp_stanza_add_child(child, authdata);
xmpp_stanza_release(authdata);
child = xmpp_stanza_new(conn->ctx);
if (!child) {
xmpp_stanza_release(iq);
disconnect_mem_error(conn);
return;
}
xmpp_stanza_set_name(child, "password");
xmpp_stanza_add_child(query, child);
xmpp_stanza_release(child);
authdata = xmpp_stanza_new(conn->ctx);
if (!authdata) {
xmpp_stanza_release(iq);
disconnect_mem_error(conn);
return;
}
xmpp_stanza_set_text(authdata, conn->pass);
xmpp_stanza_add_child(child, authdata);
xmpp_stanza_release(authdata);
child = xmpp_stanza_new(conn->ctx);
if (!child) {
xmpp_stanza_release(iq);
disconnect_mem_error(conn);
return;
}
xmpp_stanza_set_name(child, "resource");
xmpp_stanza_add_child(query, child);
xmpp_stanza_release(child);
authdata = xmpp_stanza_new(conn->ctx);
if (!authdata) {
xmpp_stanza_release(iq);
disconnect_mem_error(conn);
return;
}
str = xmpp_jid_resource(conn->ctx, conn->jid);
if (str) {
xmpp_stanza_set_text(authdata, str);
xmpp_free(conn->ctx, str);
} else {
xmpp_stanza_release(authdata);
xmpp_stanza_release(iq);
xmpp_error(conn->ctx, "auth",
"Cannot authenticate without resource");
xmpp_disconnect(conn);
return;
}
xmpp_stanza_add_child(child, authdata);
xmpp_stanza_release(authdata);
handler_add_id(conn, _handle_legacy, "_xmpp_auth1", NULL);
handler_add_timed(conn, _handle_missing_legacy,
LEGACY_TIMEOUT, NULL);
xmpp_send(conn, iq);
xmpp_stanza_release(iq);
} else if (conn->type == XMPP_CLIENT && conn->auth_legacy_enabled) {
/* legacy client authentication */
_auth_legacy(conn);
} else {
xmpp_error(conn->ctx, "auth", "Cannot authenticate with known methods");
xmpp_disconnect(conn);
}
}
@@ -871,7 +787,8 @@ static int _handle_features_sasl(xmpp_conn_t * const conn,
xmpp_stanza_t * const stanza,
void * const userdata)
{
xmpp_stanza_t *bind, *session, *iq, *res, *text;
xmpp_stanza_t *bind, *session, *iq, *res, *text, *opt;
const char *ns;
char *resource;
/* remove missing features handler */
@@ -880,16 +797,21 @@ static int _handle_features_sasl(xmpp_conn_t * const conn,
/* we are expecting <bind/> and <session/> since this is a
XMPP style connection */
/* check whether resource binding is required */
bind = xmpp_stanza_get_child_by_name(stanza, "bind");
if (bind && strcmp(xmpp_stanza_get_ns(bind), XMPP_NS_BIND) == 0) {
/* resource binding is required */
conn->bind_required = 1;
if (bind) {
ns = xmpp_stanza_get_ns(bind);
conn->bind_required = ns != NULL && strcmp(ns, XMPP_NS_BIND) == 0;
}
/* check whether session establishment is required */
session = xmpp_stanza_get_child_by_name(stanza, "session");
if (session && strcmp(xmpp_stanza_get_ns(session), XMPP_NS_SESSION) == 0) {
/* session establishment required */
conn->session_required = 1;
if (session) {
ns = xmpp_stanza_get_ns(session);
opt = xmpp_stanza_get_child_by_name(session, "optional");
if (!opt)
conn->session_required = ns != NULL &&
strcmp(ns, XMPP_NS_SESSION) == 0;
}
/* if bind is required, go ahead and start it */
@@ -1092,6 +1014,15 @@ static int _handle_missing_session(xmpp_conn_t * const conn,
return 0;
}
static int _handle_missing_legacy(xmpp_conn_t * const conn,
void * const userdata)
{
xmpp_error(conn->ctx, "xmpp", "Server did not reply to legacy "\
"authentication request.");
xmpp_disconnect(conn);
return 0;
}
static int _handle_legacy(xmpp_conn_t * const conn,
xmpp_stanza_t * const stanza,
void * const userdata)
@@ -1128,13 +1059,97 @@ static int _handle_legacy(xmpp_conn_t * const conn,
return 0;
}
static int _handle_missing_legacy(xmpp_conn_t * const conn,
void * const userdata)
static void _auth_legacy(xmpp_conn_t *conn)
{
xmpp_error(conn->ctx, "xmpp", "Server did not reply to legacy "\
"authentication request.");
xmpp_disconnect(conn);
return 0;
xmpp_stanza_t *iq;
xmpp_stanza_t *authdata;
xmpp_stanza_t *query;
xmpp_stanza_t *child;
char *str;
xmpp_debug(conn->ctx, "auth", "Legacy authentication request");
iq = xmpp_iq_new(conn->ctx, "set", "_xmpp_auth1");
if (!iq)
goto err;
query = xmpp_stanza_new(conn->ctx);
if (!query)
goto err_free;
xmpp_stanza_set_name(query, "query");
xmpp_stanza_set_ns(query, XMPP_NS_AUTH);
xmpp_stanza_add_child(iq, query);
xmpp_stanza_release(query);
child = xmpp_stanza_new(conn->ctx);
if (!child)
goto err_free;
xmpp_stanza_set_name(child, "username");
xmpp_stanza_add_child(query, child);
xmpp_stanza_release(child);
authdata = xmpp_stanza_new(conn->ctx);
if (!authdata)
goto err_free;
str = xmpp_jid_node(conn->ctx, conn->jid);
if (!str) {
xmpp_stanza_release(authdata);
goto err_free;
}
xmpp_stanza_set_text(authdata, str);
xmpp_free(conn->ctx, str);
xmpp_stanza_add_child(child, authdata);
xmpp_stanza_release(authdata);
child = xmpp_stanza_new(conn->ctx);
if (!child)
goto err_free;
xmpp_stanza_set_name(child, "password");
xmpp_stanza_add_child(query, child);
xmpp_stanza_release(child);
authdata = xmpp_stanza_new(conn->ctx);
if (!authdata)
goto err_free;
xmpp_stanza_set_text(authdata, conn->pass);
xmpp_stanza_add_child(child, authdata);
xmpp_stanza_release(authdata);
child = xmpp_stanza_new(conn->ctx);
if (!child)
goto err_free;
xmpp_stanza_set_name(child, "resource");
xmpp_stanza_add_child(query, child);
xmpp_stanza_release(child);
authdata = xmpp_stanza_new(conn->ctx);
if (!authdata)
goto err_free;
str = xmpp_jid_resource(conn->ctx, conn->jid);
if (str) {
xmpp_stanza_set_text(authdata, str);
xmpp_free(conn->ctx, str);
} else {
xmpp_stanza_release(authdata);
xmpp_stanza_release(iq);
xmpp_error(conn->ctx, "auth", "Cannot authenticate without resource");
xmpp_disconnect(conn);
return;
}
xmpp_stanza_add_child(child, authdata);
xmpp_stanza_release(authdata);
handler_add_id(conn, _handle_legacy, "_xmpp_auth1", NULL);
handler_add_timed(conn, _handle_missing_legacy, LEGACY_TIMEOUT, NULL);
xmpp_send(conn, iq);
xmpp_stanza_release(iq);
return;
err_free:
xmpp_stanza_release(iq);
err:
disconnect_mem_error(conn);
}
void auth_handle_component_open(xmpp_conn_t * const conn)

View File

@@ -160,6 +160,7 @@ struct _xmpp_conn_t {
xmpp_stream_error_t *stream_error;
sock_t sock;
xmpp_sock_t *xsock;
int ka_timeout; /* TCP keepalive timeout */
int ka_interval; /* TCP keepalive interval */
@@ -172,6 +173,7 @@ struct _xmpp_conn_t {
int tls_failed; /* set when tls fails, so we don't try again */
int sasl_support; /* if true, field is a bitfield of supported
mechanisms */
int auth_legacy_enabled;
int secured; /* set when stream is secured with TLS */
/* if server returns <bind/> or <session/> we must do them */

View File

@@ -140,6 +140,7 @@ xmpp_conn_t *xmpp_conn_new(xmpp_ctx_t * const ctx)
conn->tls_trust = 0;
conn->tls_failed = 0;
conn->sasl_support = 0;
conn->auth_legacy_enabled = 0;
conn->secured = 0;
conn->bind_required = 0;
@@ -688,7 +689,8 @@ void conn_disconnect(xmpp_conn_t * const conn)
tls_free(conn->tls);
conn->tls = NULL;
}
sock_close(conn->sock);
if (conn->sock >= 0)
sock_close(conn->sock);
/* fire off connection handler */
conn->conn_handler(conn, XMPP_CONN_DISCONNECT, conn->error,
@@ -713,7 +715,7 @@ void conn_parser_reset(xmpp_conn_t * const conn)
/** Initiate termination of the connection to the XMPP server.
* This function starts the disconnection sequence by sending
* </stream:stream> to the XMPP server. This function will do nothing
* if the connection state is CONNECTING or CONNECTED.
* if the connection state is different from CONNECTING or CONNECTED.
*
* @param conn a Strophe connection object
*
@@ -755,10 +757,10 @@ void xmpp_send_raw_string(xmpp_conn_t * const conn,
char *bigbuf;
va_start(ap, fmt);
len = xmpp_vsnprintf(buf, 1024, fmt, ap);
len = xmpp_vsnprintf(buf, sizeof(buf), fmt, ap);
va_end(ap);
if (len >= 1024) {
if (len >= sizeof(buf)) {
/* we need more space for this data, so we allocate a big
* enough buffer and print to that */
len++; /* account for trailing \0 */
@@ -779,7 +781,6 @@ void xmpp_send_raw_string(xmpp_conn_t * const conn,
xmpp_free(conn->ctx, bigbuf);
} else {
xmpp_debug(conn->ctx, "conn", "SENT: %s", buf);
xmpp_send_raw(conn, buf, len);
}
}
@@ -844,10 +845,9 @@ void xmpp_send(xmpp_conn_t * const conn,
{
char *buf;
size_t len;
int ret;
if (conn->state == XMPP_STATE_CONNECTED) {
if ((ret = xmpp_stanza_to_text(stanza, &buf, &len)) == 0) {
if (xmpp_stanza_to_text(stanza, &buf, &len) == 0) {
xmpp_send_raw(conn, buf, len);
xmpp_debug(conn->ctx, "conn", "SENT: %s", buf);
xmpp_free(conn->ctx, buf);
@@ -922,7 +922,8 @@ long xmpp_conn_get_flags(const xmpp_conn_t * const conn)
flags = XMPP_CONN_FLAG_DISABLE_TLS * conn->tls_disabled |
XMPP_CONN_FLAG_MANDATORY_TLS * conn->tls_mandatory |
XMPP_CONN_FLAG_LEGACY_SSL * conn->tls_legacy_ssl |
XMPP_CONN_FLAG_TRUST_TLS * conn->tls_trust;
XMPP_CONN_FLAG_TRUST_TLS * conn->tls_trust |
XMPP_CONN_FLAG_LEGACY_AUTH * conn->auth_legacy_enabled;;
return flags;
}
@@ -940,6 +941,7 @@ long xmpp_conn_get_flags(const xmpp_conn_t * const conn)
* - XMPP_CONN_FLAG_MANDATORY_TLS
* - XMPP_CONN_FLAG_LEGACY_SSL
* - XMPP_CONN_FLAG_TRUST_TLS
* - XMPP_CONN_FLAG_LEGACY_AUTH
*
* @param conn a Strophe connection object
* @param flags ORed connection flags
@@ -966,6 +968,7 @@ int xmpp_conn_set_flags(xmpp_conn_t * const conn, long flags)
conn->tls_mandatory = (flags & XMPP_CONN_FLAG_MANDATORY_TLS) ? 1 : 0;
conn->tls_legacy_ssl = (flags & XMPP_CONN_FLAG_LEGACY_SSL) ? 1 : 0;
conn->tls_trust = (flags & XMPP_CONN_FLAG_TRUST_TLS) ? 1 : 0;
conn->auth_legacy_enabled = (flags & XMPP_CONN_FLAG_LEGACY_AUTH) ? 1 : 0;
return 0;
}
@@ -1211,6 +1214,9 @@ static void _conn_reset(xmpp_conn_t * const conn)
xmpp_free(ctx, tsq->data);
xmpp_free(ctx, tsq);
}
conn->send_queue_head = NULL;
conn->send_queue_tail = NULL;
conn->send_queue_len = 0;
if (conn->stream_error) {
xmpp_stanza_release(conn->stream_error->stanza);
@@ -1258,7 +1264,8 @@ static int _conn_connect(xmpp_conn_t * const conn,
conn->domain = xmpp_strdup(conn->ctx, domain);
if (!conn->domain) return XMPP_EMEM;
conn->sock = sock_connect(host, port);
conn->xsock = sock_new(conn->ctx, host, port);
conn->sock = sock_connect(conn->xsock);
xmpp_debug(conn->ctx, "xmpp", "sock_connect() to %s:%u returned %d",
host, port, conn->sock);
if (conn->sock == -1) return XMPP_EINT;

View File

@@ -47,6 +47,7 @@
#include "strophe.h"
#include "common.h"
#include "resolver.h"
#include "util.h"
/* Workaround for visual studio without va_copy support. */
@@ -63,6 +64,7 @@
void xmpp_initialize(void)
{
sock_initialize();
resolver_initialize();
tls_initialize();
}
@@ -73,6 +75,7 @@
void xmpp_shutdown(void)
{
tls_shutdown();
resolver_shutdown();
sock_shutdown();
}

View File

@@ -51,6 +51,18 @@
#include "common.h"
#include "parser.h"
static int _connect_next(xmpp_conn_t *conn)
{
sock_close(conn->sock);
conn->sock = sock_connect(conn->xsock);
if (conn->sock < 0)
return -1;
conn->timeout_stamp = time_stamp();
return 0;
}
/** Run the event loop once.
* This function will run send any data that has been queued by
* xmpp_send and related functions and run through the Strophe even
@@ -180,6 +192,11 @@ void xmpp_run_once(xmpp_ctx_t *ctx, const unsigned long timeout)
conn->connect_timeout)
FD_SET(conn->sock, &wfds);
else {
ret = _connect_next(conn);
if (ret == 0) {
FD_SET(conn->sock, &wfds);
break;
}
conn->error = ETIMEDOUT;
xmpp_info(ctx, "xmpp", "Connection attempt timed out.");
conn_disconnect(conn);
@@ -238,6 +255,11 @@ void xmpp_run_once(xmpp_ctx_t *ctx, const unsigned long timeout)
/* check for error */
ret = sock_connect_error(conn->sock);
if (ret != 0) {
ret = _connect_next(conn);
if (ret == 0)
break;
}
if (ret != 0) {
/* connection failed */
xmpp_debug(ctx, "xmpp", "connection failed, error %d", ret);

View File

@@ -163,6 +163,8 @@ int hash_add(hash_t *table, const char * const key, void *data)
entry->next = table->entries[table_index];
table->entries[table_index] = entry;
table->num_keys++;
} else {
if (table->free) table->free(ctx, entry->value);
}
entry->value = data;

View File

@@ -137,7 +137,7 @@ static void _start_element(void *userdata,
if (parser->depth == 0) {
/* notify the owner */
if (parser->startcb)
parser->startcb((char *)name, (char **)attrs,
parser->startcb(name, (char **)attrs,
parser->userdata);
} else {
/* build stanzas at depth 1 */

View File

@@ -127,9 +127,11 @@ static void Hash_DRBG_Instantiate(Hash_DRBG_CTX *ctx,
assert(entropy_input_len <= ENTROPY_MAX);
assert(nonce_len <= NONCE_MAX);
assert(nonce != NULL || nonce_len == 0);
memcpy(seed_material, entropy_input, entropy_input_len);
memcpy(seed_material + entropy_input_len, nonce, nonce_len);
if (nonce != NULL)
memcpy(seed_material + entropy_input_len, nonce, nonce_len);
Hash_df(seed_material, entropy_input_len + nonce_len, seed, seedlen);
seed0[0] = 0;

View File

@@ -36,7 +36,7 @@ xmpp_rand_t *xmpp_rand_new(xmpp_ctx_t *ctx);
*/
void xmpp_rand_free(xmpp_ctx_t *ctx, xmpp_rand_t *rand);
/** Generate random integer
/** Generate random integer.
* Analogue of rand(3).
*
* @ingroup Random

View File

@@ -1,4 +1,4 @@
/* resolver.h
/* resolver.c
* strophe XMPP client library -- DNS resolver
*
* Copyright (C) 2015 Dmitry Podgorny <pasis.ua@gmail.com>
@@ -13,11 +13,15 @@
* DNS resolver.
*/
#ifndef _WIN32
#if !defined(_WIN32) && !defined(HAVE_CARES)
#include <netinet/in.h>
#include <arpa/nameser.h>
#include <resolv.h> /* res_query */
#endif /* _WIN32 */
#endif /* _WIN32 && HAVE_CARES */
#ifdef HAVE_CARES
#include <ares.h>
#endif /* HAVE_CARES */
#include <string.h> /* strncpy */
@@ -31,6 +35,189 @@
#define MESSAGE_T_SRV 33
#define MESSAGE_C_IN 1
/*******************************************************************************
* Forward declarations.
******************************************************************************/
#ifdef HAVE_CARES
static int resolver_ares_srv_lookup_buf(xmpp_ctx_t *ctx,
const unsigned char *buf,
size_t len,
resolver_srv_rr_t **srv_rr_list);
static int resolver_ares_srv_lookup(xmpp_ctx_t *ctx, const char *fulldomain,
resolver_srv_rr_t **srv_rr_list);
#endif /* HAVE_CARES */
#ifndef HAVE_CARES
static int resolver_raw_srv_lookup_buf(xmpp_ctx_t *ctx,
const unsigned char *buf,
size_t len,
resolver_srv_rr_t **srv_rr_list);
#endif /* !HAVE_CARES */
#ifdef _WIN32
static int resolver_win32_srv_lookup(xmpp_ctx_t *ctx, const char *fulldomain,
resolver_srv_rr_t **srv_rr_list);
static int resolver_win32_srv_query(const char *fulldomain,
unsigned char *buf, size_t len);
#endif /* _WIN32 */
/*******************************************************************************
* Implementation.
******************************************************************************/
void resolver_initialize(void)
{
#ifdef HAVE_CARES
ares_library_init(ARES_LIB_INIT_ALL);
#endif
}
void resolver_shutdown(void)
{
#ifdef HAVE_CARES
ares_library_cleanup();
#endif
}
static void resolver_srv_list_sort(resolver_srv_rr_t **srv_rr_list)
{
resolver_srv_rr_t *rr_head;
resolver_srv_rr_t *rr_current;
resolver_srv_rr_t *rr_next;
resolver_srv_rr_t *rr_prev;
int swap;
rr_head = *srv_rr_list;
if ((rr_head == NULL) || (rr_head->next == NULL)) {
/* Empty or single record list */
return;
}
do {
rr_prev = NULL;
rr_current = rr_head;
rr_next = rr_head->next;
swap = 0;
while (rr_next != NULL) {
/*
* RFC2052: A client MUST attempt to contact the target host
* with the lowest-numbered priority it can reach.
* RFC2052: When selecting a target host among the
* those that have the same priority, the chance of trying
* this one first SHOULD be proportional to its weight.
*/
if ((rr_current->priority > rr_next->priority) ||
(rr_current->priority == rr_next->priority &&
rr_current->weight < rr_next->weight))
{
/* Swap node */
swap = 1;
if (rr_prev != NULL) {
rr_prev->next = rr_next;
} else {
/* Swap head node */
rr_head = rr_next;
}
rr_current->next = rr_next->next;
rr_next->next = rr_current;
rr_prev = rr_next;
rr_next = rr_current->next;
} else {
/* Next node */
rr_prev = rr_current;
rr_current = rr_next;
rr_next = rr_next->next;
}
}
} while (swap != 0);
*srv_rr_list = rr_head;
}
int resolver_srv_lookup_buf(xmpp_ctx_t *ctx, const unsigned char *buf,
size_t len, resolver_srv_rr_t **srv_rr_list)
{
int set;
#ifdef HAVE_CARES
set = resolver_ares_srv_lookup_buf(ctx, buf, len, srv_rr_list);
#else
set = resolver_raw_srv_lookup_buf(ctx, buf, len, srv_rr_list);
#endif
resolver_srv_list_sort(srv_rr_list);
return set;
}
int resolver_srv_lookup(xmpp_ctx_t *ctx, const char *service, const char *proto,
const char *domain, resolver_srv_rr_t **srv_rr_list)
{
#define RESOLVER_BUF_MAX 65536
unsigned char *buf;
char fulldomain[2048];
int len;
int set = XMPP_DOMAIN_NOT_FOUND;
(void)buf;
(void)len;
xmpp_snprintf(fulldomain, sizeof(fulldomain),
"_%s._%s.%s", service, proto, domain);
*srv_rr_list = NULL;
#ifdef HAVE_CARES
set = resolver_ares_srv_lookup(ctx, fulldomain, srv_rr_list);
#else /* HAVE_CARES */
#ifdef _WIN32
set = resolver_win32_srv_lookup(ctx, fulldomain, srv_rr_list);
if (set == XMPP_DOMAIN_FOUND)
return set;
#endif /* _WIN32 */
buf = xmpp_alloc(ctx, RESOLVER_BUF_MAX);
if (buf == NULL)
return XMPP_DOMAIN_NOT_FOUND;
#ifdef _WIN32
len = resolver_win32_srv_query(fulldomain, buf, RESOLVER_BUF_MAX);
#else /* _WIN32 */
len = res_query(fulldomain, MESSAGE_C_IN, MESSAGE_T_SRV, buf,
RESOLVER_BUF_MAX);
#endif /* _WIN32 */
if (len > 0)
set = resolver_srv_lookup_buf(ctx, buf, (size_t)len, srv_rr_list);
xmpp_free(ctx, buf);
#endif /* HAVE_CARES */
return set;
}
void resolver_srv_free(xmpp_ctx_t *ctx, resolver_srv_rr_t *srv_rr_list)
{
resolver_srv_rr_t *rr;
while (srv_rr_list != NULL) {
rr = srv_rr_list->next;
xmpp_free(ctx, srv_rr_list);
srv_rr_list = rr;
}
}
#ifndef HAVE_CARES
/*******************************************************************************
* Resolver raw implementation.
*
* This code is common for both unix and win32.
******************************************************************************/
struct message_header {
uint16_t id;
uint8_t octet2;
@@ -41,13 +228,6 @@ struct message_header {
uint16_t arcount;
};
#ifdef _WIN32
static int resolver_win32_srv_lookup(xmpp_ctx_t *ctx, const char *fulldomain,
resolver_srv_rr_t **srv_rr_list);
static int resolver_win32_srv_query(const char *fulldomain,
unsigned char *buf, size_t len);
#endif /* _WIN32 */
/* the same as ntohs(), but receives pointer to the value */
static uint16_t xmpp_ntohs_ptr(const void *ptr)
{
@@ -80,7 +260,7 @@ static size_t message_name_append_safe(char *name, size_t name_len,
copy_len = name_max > name_len ? name_max - name_len : 0;
copy_len = xmpp_min(tail_len, copy_len);
if (copy_len > 0)
strncpy(&name[name_len], tail, copy_len);
memcpy(&name[name_len], tail, copy_len);
return name_len + tail_len;
}
@@ -160,63 +340,6 @@ static unsigned message_name_len(const unsigned char *buf, size_t buf_len,
return message_name_get(buf, buf_len, buf_offset, NULL, SIZE_MAX);
}
static void resolver_srv_list_sort(resolver_srv_rr_t **srv_rr_list)
{
resolver_srv_rr_t * rr_head;
resolver_srv_rr_t * rr_current;
resolver_srv_rr_t * rr_next;
resolver_srv_rr_t * rr_prev;
int swap;
rr_head = *srv_rr_list;
if ((rr_head == NULL) || (rr_head->next == NULL)) {
/* Empty or single record list */
return;
}
do {
rr_prev = NULL;
rr_current = rr_head;
rr_next = rr_head->next;
swap = 0;
while (rr_next != NULL) {
/*
* RFC2052: A client MUST attempt to contact the target host
* with the lowest-numbered priority it can reach.
* RFC2052: When selecting a target host among the
* those that have the same priority, the chance of trying
* this one first SHOULD be proportional to its weight.
*/
if ((rr_current->priority > rr_next->priority) ||
(rr_current->priority == rr_next->priority &&
rr_current->weight < rr_next->weight))
{
/* Swap node */
swap = 1;
if (rr_prev != NULL) {
rr_prev->next = rr_next;
} else {
/* Swap head node */
rr_head = rr_next;
}
rr_current->next = rr_next->next;
rr_next->next = rr_current;
rr_prev = rr_next;
rr_next = rr_current->next;
} else {
/* Next node */
rr_prev = rr_current;
rr_current = rr_next;
rr_next = rr_next->next;
}
}
} while (swap != 0);
*srv_rr_list = rr_head;
}
#define BUF_OVERFLOW_CHECK(ptr, len) do { \
if ((ptr) >= (len)) { \
if (*srv_rr_list != NULL) \
@@ -226,8 +349,10 @@ static void resolver_srv_list_sort(resolver_srv_rr_t **srv_rr_list)
} \
} while (0)
int resolver_srv_lookup_buf(xmpp_ctx_t *ctx, const unsigned char *buf,
size_t len, resolver_srv_rr_t **srv_rr_list)
static int resolver_raw_srv_lookup_buf(xmpp_ctx_t *ctx,
const unsigned char *buf,
size_t len,
resolver_srv_rr_t **srv_rr_list)
{
unsigned i;
unsigned j;
@@ -292,52 +417,110 @@ int resolver_srv_lookup_buf(xmpp_ctx_t *ctx, const unsigned char *buf,
}
j += rdlength;
}
resolver_srv_list_sort(srv_rr_list);
return *srv_rr_list != NULL ? XMPP_DOMAIN_FOUND : XMPP_DOMAIN_NOT_FOUND;
}
int resolver_srv_lookup(xmpp_ctx_t *ctx, const char *service, const char *proto,
const char *domain, resolver_srv_rr_t **srv_rr_list)
{
char fulldomain[2048];
unsigned char buf[65535];
int len;
int set = XMPP_DOMAIN_NOT_FOUND;
#endif /* !HAVE_CARES */
xmpp_snprintf(fulldomain, sizeof(fulldomain),
"_%s._%s.%s", service, proto, domain);
#ifdef HAVE_CARES
/*******************************************************************************
* Resolver implementation using c-ares library.
******************************************************************************/
struct resolver_ares_ctx {
xmpp_ctx_t *ctx;
int result;
resolver_srv_rr_t *srv_rr_list;
};
static int resolver_ares_srv_lookup_buf(xmpp_ctx_t *ctx,
const unsigned char *buf,
size_t len,
resolver_srv_rr_t **srv_rr_list)
{
struct ares_srv_reply *srv;
struct ares_srv_reply *item;
resolver_srv_rr_t *rr;
int rc;
*srv_rr_list = NULL;
#ifdef _WIN32
set = resolver_win32_srv_lookup(ctx, fulldomain, srv_rr_list);
if (set == XMPP_DOMAIN_FOUND)
return set;
len = resolver_win32_srv_query(fulldomain, buf, sizeof(buf));
#else /* _WIN32 */
len = res_query(fulldomain, MESSAGE_C_IN, MESSAGE_T_SRV, buf, sizeof(buf));
#endif /* _WIN32 */
rc = ares_parse_srv_reply(buf, len, &srv);
if (rc != ARES_SUCCESS)
return XMPP_DOMAIN_NOT_FOUND;
if (len > 0)
set = resolver_srv_lookup_buf(ctx, buf, (size_t)len, srv_rr_list);
return set;
}
void resolver_srv_free(xmpp_ctx_t *ctx, resolver_srv_rr_t *srv_rr_list)
{
resolver_srv_rr_t *rr;
while (srv_rr_list != NULL) {
rr = srv_rr_list->next;
xmpp_free(ctx, srv_rr_list);
srv_rr_list = rr;
item = srv;
while (item != NULL) {
rr = xmpp_alloc(ctx, sizeof(*rr));
if (rr == NULL)
break;
rr->next = *srv_rr_list;
rr->priority = item->priority;
rr->weight = item->weight;
rr->port = item->port;
strncpy(rr->target, item->host, sizeof(rr->target) - 1);
rr->target[sizeof(rr->target) - 1] = '\0';
*srv_rr_list = rr;
item = item->next;
}
ares_free_data(srv);
return *srv_rr_list == NULL ? XMPP_DOMAIN_NOT_FOUND : XMPP_DOMAIN_FOUND;
}
#ifdef _WIN32
static void ares_srv_lookup_callback(void *arg, int status, int timeouts,
unsigned char *buf, int len)
{
struct resolver_ares_ctx *actx = arg;
if (status != ARES_SUCCESS)
actx->result = XMPP_DOMAIN_NOT_FOUND;
else
actx->result = resolver_ares_srv_lookup_buf(actx->ctx, buf, len,
&actx->srv_rr_list);
}
static int resolver_ares_srv_lookup(xmpp_ctx_t *ctx, const char *fulldomain,
resolver_srv_rr_t **srv_rr_list)
{
struct resolver_ares_ctx actx;
ares_channel chan;
struct timeval tv;
struct timeval *tvp;
fd_set rfds;
fd_set wfds;
int nfds;
int rc;
actx.ctx = ctx;
actx.result = XMPP_DOMAIN_NOT_FOUND;
actx.srv_rr_list = NULL;
rc = ares_init(&chan);
if (rc == ARES_SUCCESS) {
ares_query(chan, fulldomain, MESSAGE_C_IN, MESSAGE_T_SRV,
ares_srv_lookup_callback, &actx);
while (1) {
FD_ZERO(&rfds);
FD_ZERO(&wfds);
nfds = ares_fds(chan, &rfds, &wfds);
if (nfds == 0)
break;
tvp = ares_timeout(chan, NULL, &tv);
select(nfds, &rfds, &wfds, NULL, tvp);
ares_process(chan, &rfds, &wfds);
}
ares_destroy(chan);
}
*srv_rr_list = actx.srv_rr_list;
return actx.result;
}
#endif /* HAVE_CARES */
#ifdef _WIN32
/*******************************************************************************
* Next part was copied from sock.c and contains old win32 code.
*
@@ -470,21 +653,21 @@ static int resolver_win32_srv_lookup(xmpp_ctx_t *ctx, const char *fulldomain,
resolver_srv_rr_t *rr;
HINSTANCE hdnsapi = NULL;
DNS_STATUS (WINAPI * pDnsQuery_A)(PCSTR, WORD, DWORD, PIP4_ARRAY, PDNS_RECORD*, PVOID*);
void (WINAPI * pDnsRecordListFree)(PDNS_RECORD, DNS_FREE_TYPE);
DNS_STATUS (WINAPI * pDnsQuery_A)(PCSTR, WORD, DWORD, PIP4_ARRAY, DNS_RECORDA**, PVOID*);
void (WINAPI * pDnsRecordListFree)(DNS_RECORDA*, DNS_FREE_TYPE);
if (hdnsapi = LoadLibrary("dnsapi.dll")) {
pDnsQuery_A = (void *)GetProcAddress(hdnsapi, "DnsQuery_A");
pDnsRecordListFree = (void *)GetProcAddress(hdnsapi, "DnsRecordListFree");
if (pDnsQuery_A && pDnsRecordListFree) {
PDNS_RECORD dnsrecords = NULL;
DNS_RECORDA *dnsrecords = NULL;
DNS_STATUS error;
error = pDnsQuery_A(fulldomain, DNS_TYPE_SRV, DNS_QUERY_STANDARD, NULL, &dnsrecords, NULL);
if (error == 0) {
PDNS_RECORD current = dnsrecords;
DNS_RECORDA *current = dnsrecords;
while (current) {
if (current->wType == DNS_TYPE_SRV) {

View File

@@ -33,6 +33,9 @@ typedef struct resolver_srv_rr_struc {
struct resolver_srv_rr_struc *next;
} resolver_srv_rr_t;
void resolver_initialize(void);
void resolver_shutdown(void);
/** Perform lookup for RFC1035 message format.
* This function allocates all elements.
*

View File

@@ -197,8 +197,9 @@ void crypto_SHA1_Update(SHA1_CTX* context, const uint8_t* data,
size_t i, j;
j = (context->count[0] >> 3) & 63;
if ((context->count[0] += len << 3) < (len << 3)) context->count[1]++;
context->count[1] += (len >> 29);
if ((context->count[0] += (uint32_t)len << 3) < ((uint32_t)len << 3))
context->count[1]++;
context->count[1] += (uint32_t)(len >> 29);
if ((j + len) > 63) {
memcpy(&context->buffer[j], data, (i = 64-j));
SHA1_Transform(context->state, context->buffer);

View File

@@ -33,9 +33,17 @@
#include <fcntl.h>
#endif
#include "common.h"
#include "sock.h"
#include "snprintf.h"
struct _xmpp_sock_t {
xmpp_ctx_t *ctx;
struct addrinfo *ainfo_list;
struct addrinfo *current;
sock_t sock;
};
void sock_initialize(void)
{
#ifdef _WIN32
@@ -69,13 +77,23 @@ static int _in_progress(int error)
#endif
}
sock_t sock_connect(const char * const host, const unsigned short port)
xmpp_sock_t *sock_new(xmpp_ctx_t *ctx, const char *host, unsigned short port)
{
sock_t sock;
xmpp_sock_t *xsock;
char service[6];
struct addrinfo *res, *ainfo, hints;
struct addrinfo hints;
int err;
xsock = xmpp_alloc(ctx, sizeof *xsock);
if (xsock == NULL) {
xmpp_error(ctx, "sock", "Memory allocation error.");
return NULL;
}
xsock->ctx = ctx;
xsock->ainfo_list = NULL;
xsock->current = NULL;
xsock->sock = -1;
xmpp_snprintf(service, 6, "%u", port);
memset(&hints, 0, sizeof(struct addrinfo));
@@ -86,11 +104,33 @@ sock_t sock_connect(const char * const host, const unsigned short port)
hints.ai_protocol = IPPROTO_TCP;
hints.ai_socktype = SOCK_STREAM;
err = getaddrinfo(host, service, &hints, &res);
if (err != 0)
return -1;
err = getaddrinfo(host, service, &hints, &xsock->ainfo_list);
if (err != 0) {
xmpp_free(ctx, xsock);
xsock = NULL;
}
return xsock;
}
for (ainfo = res; ainfo != NULL; ainfo = ainfo->ai_next) {
void sock_free(xmpp_sock_t *xsock)
{
if (xsock->ainfo_list != NULL)
freeaddrinfo(xsock->ainfo_list);
xmpp_free(xsock->ctx, xsock);
}
sock_t sock_connect(xmpp_sock_t *xsock)
{
struct addrinfo *ainfo;
sock_t sock = -1;
int err;
if (xsock->current == NULL)
ainfo = xsock->ainfo_list;
else
ainfo = xsock->current->ai_next;
for (; ainfo != NULL; ainfo = ainfo->ai_next) {
sock = socket(ainfo->ai_family, ainfo->ai_socktype, ainfo->ai_protocol);
if (sock < 0)
continue;
@@ -103,9 +143,13 @@ sock_t sock_connect(const char * const host, const unsigned short port)
}
sock_close(sock);
}
freeaddrinfo(res);
sock = ainfo == NULL ? -1 : sock;
xsock->sock = sock;
xsock->current = ainfo;
if (ainfo == NULL) {
freeaddrinfo(xsock->ainfo_list);
xsock->ainfo_list = NULL;
}
return sock;
}
@@ -158,38 +202,33 @@ int sock_close(const sock_t sock)
#endif
}
int sock_set_blocking(const sock_t sock)
static int _sock_set_blocking_mode(sock_t sock, int blocking)
{
#ifdef _WIN32
u_long block = 0;
return ioctlsocket(sock, FIONBIO, &block);
#else
int rc;
rc = fcntl(sock, F_GETFL, NULL);
if (rc >= 0) {
rc = fcntl(sock, F_SETFL, rc & (~O_NONBLOCK));
}
return rc;
#endif
}
int sock_set_nonblocking(const sock_t sock)
{
#ifdef _WIN32
u_long nonblock = 1;
u_long nonblock = blocking ? 0 : 1;
return ioctlsocket(sock, FIONBIO, &nonblock);
#else
int rc;
rc = fcntl(sock, F_GETFL, NULL);
if (rc >= 0) {
rc = fcntl(sock, F_SETFL, rc | O_NONBLOCK);
rc = blocking ? rc & (~O_NONBLOCK) : rc | O_NONBLOCK;
rc = fcntl(sock, F_SETFL, rc);
}
return rc;
#endif
}
int sock_set_blocking(const sock_t sock)
{
return _sock_set_blocking_mode(sock, 1);
}
int sock_set_nonblocking(const sock_t sock)
{
return _sock_set_blocking_mode(sock, 0);
}
int sock_read(const sock_t sock, void * const buff, const size_t len)
{
return recv(sock, buff, len, 0);

View File

@@ -25,12 +25,16 @@ typedef int sock_t;
typedef SOCKET sock_t;
#endif
typedef struct _xmpp_sock_t xmpp_sock_t;
void sock_initialize(void);
void sock_shutdown(void);
int sock_error(void);
sock_t sock_connect(const char * const host, const unsigned short port);
xmpp_sock_t *sock_new(xmpp_ctx_t *ctx, const char *host, unsigned short port);
void sock_free(xmpp_sock_t *xsock);
sock_t sock_connect(xmpp_sock_t *xsock);
int sock_close(const sock_t sock);
int sock_set_blocking(const sock_t sock);

View File

@@ -344,10 +344,16 @@ static int _render_stanza_recursive(xmpp_stanza_t *stanza,
}
tmp = _escape_xml(stanza->ctx,
(char *)hash_get(stanza->attributes, key));
if (tmp == NULL) return XMPP_EMEM;
if (tmp == NULL) {
hash_iter_release(iter);
return XMPP_EMEM;
}
ret = xmpp_snprintf(ptr, left, " %s=\"%s\"", key, tmp);
xmpp_free(stanza->ctx, tmp);
if (ret < 0) return XMPP_EMEM;
if (ret < 0) {
hash_iter_release(iter);
return XMPP_EMEM;
}
_render_update(&written, buflen, ret, &left, &ptr);
}
hash_iter_release(iter);
@@ -421,7 +427,12 @@ int xmpp_stanza_to_text(xmpp_stanza_t *stanza,
}
ret = _render_stanza_recursive(stanza, buffer, length);
if (ret < 0) return ret;
if (ret < 0) {
xmpp_free(stanza->ctx, buffer);
*buf = NULL;
*buflen = 0;
return ret;
}
if ((size_t)ret > length - 1) {
tmp = xmpp_realloc(stanza->ctx, buffer, ret + 1);
@@ -435,7 +446,12 @@ int xmpp_stanza_to_text(xmpp_stanza_t *stanza,
buffer = tmp;
ret = _render_stanza_recursive(stanza, buffer, length);
if ((size_t)ret > length - 1) return XMPP_EMEM;
if ((size_t)ret > length - 1) {
xmpp_free(stanza->ctx, buffer);
*buf = NULL;
*buflen = 0;
return XMPP_EMEM;
}
}
buffer[length - 1] = 0;
@@ -573,7 +589,6 @@ int xmpp_stanza_set_attribute(xmpp_stanza_t * const stanza,
val = xmpp_strdup(stanza->ctx, value);
if (!val) {
hash_release(stanza->attributes);
return XMPP_EMEM;
}
@@ -809,10 +824,11 @@ xmpp_stanza_t *xmpp_stanza_get_child_by_ns(xmpp_stanza_t * const stanza,
const char * const ns)
{
xmpp_stanza_t *child;
const char *child_ns;
for (child = stanza->children; child; child = child->next) {
if (xmpp_stanza_get_ns(child) &&
strcmp(ns, xmpp_stanza_get_ns(child)) == 0)
child_ns = xmpp_stanza_get_ns(child);
if (child_ns && strcmp(ns, child_ns) == 0)
break;
}

View File

@@ -31,6 +31,22 @@
#include "tls.h"
#include "sock.h"
/*
* Redefine OPENSSL_VERSION_NUMBER for LibreSSL.
* LibreSSL and OpenSSL use different and incompatible version schemes. Solve
* this issue in the way how nginx project did.
*/
#if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L)
#undef OPENSSL_VERSION_NUMBER
#if (LIBRESSL_VERSION_NUMBER >= 0x2080000fL)
#define OPENSSL_VERSION_NUMBER 0x1010000fL
#elif (LIBRESSL_VERSION_NUMBER >= 0x2070000fL)
#define OPENSSL_VERSION_NUMBER 0x1000200fL
#else
#define OPENSSL_VERSION_NUMBER 0x1000107fL
#endif
#endif
struct _tls {
xmpp_ctx_t *ctx;
sock_t sock;
@@ -48,6 +64,7 @@ enum {
static void _tls_sock_wait(tls_t *tls, int error);
static void _tls_set_error(tls_t *tls, int error);
static void _tls_log_error(xmpp_ctx_t *ctx);
static void _tls_dump_cert_info(tls_t *tls);
void tls_initialize(void)
{
@@ -188,6 +205,7 @@ int tls_start(tls_t *tls)
x509_res = SSL_get_verify_result(tls->ssl);
xmpp_debug(tls->ctx, "tls", "Certificate verification %s",
x509_res == X509_V_OK ? "passed" : "FAILED");
_tls_dump_cert_info(tls);
_tls_set_error(tls, error);
return ret <= 0 ? 0 : 1;
@@ -199,6 +217,11 @@ int tls_stop(tls_t *tls)
int error;
int ret;
/* According to OpenSSL.org, we must not call SSL_shutdown(3)
if a previous fatal error has occurred on a connection. */
if (tls->lasterror == SSL_ERROR_SYSCALL || tls->lasterror == SSL_ERROR_SSL)
return 1;
while (1) {
++retries;
ret = SSL_shutdown(tls->ssl);
@@ -307,3 +330,26 @@ static void _tls_log_error(xmpp_ctx_t *ctx)
}
} while (e != 0);
}
static void _tls_dump_cert_info(tls_t *tls)
{
X509 *cert;
char *name;
cert = SSL_get_peer_certificate(tls->ssl);
if (cert == NULL)
xmpp_debug(tls->ctx, "tls", "Certificate was not presented by peer");
else {
name = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0);
if (name != NULL) {
xmpp_debug(tls->ctx, "tls", "Subject=%s", name);
OPENSSL_free(name);
}
name = X509_NAME_oneline(X509_get_issuer_name(cert), NULL, 0);
if (name != NULL) {
xmpp_debug(tls->ctx, "tls", "Issuer=%s", name);
OPENSSL_free(name);
}
X509_free(cert);
}
}

View File

@@ -255,10 +255,18 @@ int tls_start(tls_t *tls)
NULL, 0, &(tls->hctxt), &sbdout,
&ctxtattr, NULL);
unsigned char *p = sbin[0].pvBuffer;
int len = 0;
while (ret == SEC_I_CONTINUE_NEEDED
|| ret == SEC_I_INCOMPLETE_CREDENTIALS) {
unsigned char *p = sbin[0].pvBuffer;
int len = 0, inbytes = 0;
|| ret == SEC_I_INCOMPLETE_CREDENTIALS
|| ret == SEC_E_INCOMPLETE_MESSAGE) {
int inbytes = 0;
if (ret != SEC_E_INCOMPLETE_MESSAGE) {
len = 0;
p = sbin[0].pvBuffer;
}
if (sbdout.pBuffers[0].cbBuffer) {
unsigned char *writebuff = sbdout.pBuffers[0].pvBuffer;

View File

@@ -169,6 +169,10 @@ typedef struct _xmpp_stanza_t xmpp_stanza_t;
* Trust server's certificate even if it is invalid.
*/
#define XMPP_CONN_FLAG_TRUST_TLS (1UL << 3)
/** @def XMPP_CONN_FLAG_LEGACY_AUTH
* Enable legacy authentication support.
*/
#define XMPP_CONN_FLAG_LEGACY_AUTH (1UL << 4)
/* connect callback */
typedef enum {

View File

@@ -16,18 +16,19 @@
#include "strophe.h"
#include "common.h"
#include "hash.h"
#include "test.h"
#define TABLESIZE 100
#define TESTSIZE 500
/* static test data */
const int nkeys = 5;
const char *keys[] = {
"foo", "bar", "baz", "quux", "xyzzy"
};
const char *values[] = {
"wuzzle", "mug", "canonical", "rosebud", "lottery"
};
const int nkeys = ARRAY_SIZE(keys);
int main(int argc, char **argv)
{
@@ -58,7 +59,7 @@ int main(int argc, char **argv)
}
/* allocate a hash table */
table = hash_new(ctx, TABLESIZE, NULL);
table = hash_new(ctx, TABLESIZE, xmpp_free);
if (table == NULL) {
/* table allocation failed! */
return 1;
@@ -66,7 +67,7 @@ int main(int argc, char **argv)
/* test insertion */
for (i = 0; i < nkeys; i++) {
err = hash_add(table, keys[i], (void*)values[i]);
err = hash_add(table, keys[i], xmpp_strdup(ctx, values[i]));
if (err) return err;
}
@@ -78,7 +79,7 @@ int main(int argc, char **argv)
/* test replacing old values */
for (i = 0; i < nkeys; i++) {
err = hash_add(table, keys[0], (void*)values[i]);
err = hash_add(table, keys[0], xmpp_strdup(ctx, values[i]));
if (err) return err;
if (hash_num_keys(table) != nkeys) return 1;
result = hash_get(table, keys[0]);
@@ -86,7 +87,7 @@ int main(int argc, char **argv)
if (strcmp(result, values[i]) != 0) return 1;
}
/* restore value for the 1st key */
hash_add(table, keys[0], (void*)values[0]);
hash_add(table, keys[0], xmpp_strdup(ctx, values[0]));
/* test cloning */
clone = hash_clone(table);