Compare commits
1 Commits
control-au
...
0.13.0
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
d6d71e97f8 |
12
ChangeLog
12
ChangeLog
@@ -1,3 +1,13 @@
|
||||
0.13.0
|
||||
- Fix connected/connecting signaling to user (#227)
|
||||
- Fix wording of licensing terms (#225)
|
||||
- Prepare for future changes in OpenSSL (#226)
|
||||
- Improve Stream Management (#227) (#230)
|
||||
- Add SCRAM-PLUS Variants (#228)
|
||||
- Introduce XEP-0138 stream compression (#231)
|
||||
- Deprecated the following API (#227):
|
||||
- xmpp_conn_disable_tls() - replaced by a flag set by xmpp_conn_set_flags()
|
||||
|
||||
0.12.3
|
||||
- Improve TCP-connection establishment (#221)
|
||||
- Handle case where the server doesn't provide the `bind` feature (#224)
|
||||
@@ -21,7 +31,7 @@
|
||||
- Fix some build steps when builddir != srcdir (#208)
|
||||
- Allow the user to disable build of examples (#209)
|
||||
- CI builds against OpenSSL 3 (#206)
|
||||
- Change the call signature of the following API:
|
||||
- Change the call signature of the following API (#208):
|
||||
- xmpp_conn_set_client_cert() - the PKCS#12 file has now to be passed via the `cert`
|
||||
parameter. Originally it was via `key`. Currently both styles are supported,
|
||||
but in a future release only passing via `cert` will be accepted.
|
||||
|
||||
2
Doxyfile
2
Doxyfile
@@ -38,7 +38,7 @@ PROJECT_NAME = Strophe
|
||||
# could be handy for archiving the generated documentation or if some version
|
||||
# control system is used.
|
||||
|
||||
PROJECT_NUMBER = 0.12
|
||||
PROJECT_NUMBER = 0.13
|
||||
|
||||
# Using the PROJECT_BRIEF tag one can provide an optional one line description
|
||||
# for a project that appears at the top of each page and should give viewer a
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
m4_define([v_maj], [0])
|
||||
m4_define([v_min], [12])
|
||||
m4_define([v_patch], [3])
|
||||
m4_define([v_min], [13])
|
||||
m4_define([v_patch], [0])
|
||||
m4_define([project_version], [v_maj.v_min.v_patch])
|
||||
|
||||
m4_define([lt_cur], m4_eval(v_maj + v_min))
|
||||
|
||||
10
src/auth.c
10
src/auth.c
@@ -799,9 +799,7 @@ static void _auth(xmpp_conn_t *conn)
|
||||
conn->ctx, "auth",
|
||||
"Password hasn't been set, and SASL ANONYMOUS unsupported.");
|
||||
xmpp_disconnect(conn);
|
||||
} else if ((conn->sasl_support & SASL_MASK_SCRAM_PLUS) ||
|
||||
((conn->sasl_support & SASL_MASK_SCRAM_WEAK) &&
|
||||
!conn->only_strong_auth)) {
|
||||
} else if (conn->sasl_support & SASL_MASK_SCRAM) {
|
||||
size_t n;
|
||||
scram_ctx = strophe_alloc(conn->ctx, sizeof(*scram_ctx));
|
||||
memset(scram_ctx, 0, sizeof(*scram_ctx));
|
||||
@@ -859,8 +857,7 @@ static void _auth(xmpp_conn_t *conn)
|
||||
|
||||
/* SASL algorithm was tried, unset flag */
|
||||
conn->sasl_support &= ~scram_ctx->alg->mask;
|
||||
} else if ((conn->sasl_support & SASL_MASK_DIGESTMD5) &&
|
||||
conn->weak_auth_enabled) {
|
||||
} else if (conn->sasl_support & SASL_MASK_DIGESTMD5) {
|
||||
auth = _make_sasl_auth(conn, "DIGEST-MD5");
|
||||
if (!auth) {
|
||||
disconnect_mem_error(conn);
|
||||
@@ -874,8 +871,7 @@ static void _auth(xmpp_conn_t *conn)
|
||||
|
||||
/* SASL DIGEST-MD5 was tried, unset flag */
|
||||
conn->sasl_support &= ~SASL_MASK_DIGESTMD5;
|
||||
} else if ((conn->sasl_support & SASL_MASK_PLAIN) &&
|
||||
conn->weak_auth_enabled) {
|
||||
} else if (conn->sasl_support & SASL_MASK_PLAIN) {
|
||||
auth = _make_sasl_auth(conn, "PLAIN");
|
||||
if (!auth) {
|
||||
disconnect_mem_error(conn);
|
||||
|
||||
@@ -259,8 +259,6 @@ struct _xmpp_conn_t {
|
||||
int sasl_support; /* if true, field is a bitfield of supported
|
||||
mechanisms */
|
||||
int auth_legacy_enabled;
|
||||
int weak_auth_enabled;
|
||||
int only_strong_auth;
|
||||
int secured; /* set when stream is secured with TLS */
|
||||
xmpp_certfail_handler certfail_handler;
|
||||
xmpp_password_callback password_callback;
|
||||
|
||||
@@ -1133,8 +1133,6 @@ long xmpp_conn_get_flags(const xmpp_conn_t *conn)
|
||||
XMPP_CONN_FLAG_DISABLE_SM * conn->sm_disable |
|
||||
XMPP_CONN_FLAG_ENABLE_COMPRESSION * conn->compression.allowed |
|
||||
XMPP_CONN_FLAG_COMPRESSION_DONT_RESET * conn->compression.dont_reset |
|
||||
XMPP_CONN_FLAG_WEAK_AUTH * conn->weak_auth_enabled |
|
||||
XMPP_CONN_FLAG_STRONG_AUTH * conn->only_strong_auth |
|
||||
XMPP_CONN_FLAG_LEGACY_AUTH * conn->auth_legacy_enabled;
|
||||
|
||||
return flags;
|
||||
@@ -1190,14 +1188,11 @@ int xmpp_conn_set_flags(xmpp_conn_t *conn, long flags)
|
||||
(flags & XMPP_CONN_FLAG_ENABLE_COMPRESSION) ? 1 : 0;
|
||||
conn->compression.dont_reset =
|
||||
(flags & XMPP_CONN_FLAG_COMPRESSION_DONT_RESET) ? 1 : 0;
|
||||
conn->weak_auth_enabled = (flags & XMPP_CONN_FLAG_WEAK_AUTH) ? 1 : 0;
|
||||
conn->only_strong_auth = (flags & XMPP_CONN_FLAG_STRONG_AUTH) ? 1 : 0;
|
||||
flags &= ~(XMPP_CONN_FLAG_DISABLE_TLS | XMPP_CONN_FLAG_MANDATORY_TLS |
|
||||
XMPP_CONN_FLAG_LEGACY_SSL | XMPP_CONN_FLAG_TRUST_TLS |
|
||||
XMPP_CONN_FLAG_LEGACY_AUTH | XMPP_CONN_FLAG_DISABLE_SM |
|
||||
XMPP_CONN_FLAG_ENABLE_COMPRESSION |
|
||||
XMPP_CONN_FLAG_COMPRESSION_DONT_RESET |
|
||||
XMPP_CONN_FLAG_WEAK_AUTH | XMPP_CONN_FLAG_STRONG_AUTH);
|
||||
XMPP_CONN_FLAG_COMPRESSION_DONT_RESET);
|
||||
if (flags) {
|
||||
strophe_error(conn->ctx, "conn", "Flags 0x%04lx unknown", flags);
|
||||
return XMPP_EINVOP;
|
||||
|
||||
@@ -208,14 +208,6 @@ typedef struct _xmpp_sm_t xmpp_sm_state_t;
|
||||
* Only enable this flag if you know what you're doing.
|
||||
*/
|
||||
#define XMPP_CONN_FLAG_COMPRESSION_DONT_RESET (1UL << 7)
|
||||
/** @def XMPP_CONN_FLAG_WEAK_AUTH
|
||||
* Allow weak authentication methods (DIGEST-MD5 and PLAIN).
|
||||
*/
|
||||
#define XMPP_CONN_FLAG_WEAK_AUTH (1UL << 8)
|
||||
/** @def XMPP_CONN_FLAG_STRONG_AUTH
|
||||
* Only allow strong authentication methods (Only the SCRAM-*-PLUS variants).
|
||||
*/
|
||||
#define XMPP_CONN_FLAG_STRONG_AUTH (1UL << 9)
|
||||
|
||||
/* connect callback */
|
||||
typedef enum {
|
||||
|
||||
Reference in New Issue
Block a user