7 Commits

Author SHA1 Message Date
Dmitry Podgorny
2d5424bcff Release libstrophe-0.10.1 2020-12-24 16:04:21 +02:00
Dmitry Podgorny
5792d52461 doxygen: set correct version number 2020-12-19 02:33:14 +02:00
Dmitry Podgorny
09229e2cd5 conn: remove extra ; symbol 2020-10-07 20:18:20 +03:00
Dmitry Podgorny
c07ac0a68d conn: don't crash when user sets password to NULL
Make it possible to reset password to NULL. It is not required for
ANONYMOUS authentication. Also, report an error and disconnect if
password is not set and libstrophe should try authentication mechanisms
other than ANONYMOUS.
2020-09-30 20:56:52 +03:00
Dmitry Podgorny
60ce94c267 auth: add missed space in log message 2020-09-30 20:43:32 +03:00
Dmitry Podgorny
99f2d4fe54 travis-ci: build libstrophe against LibreSSL 2020-09-24 15:07:15 +03:00
Dmitry Podgorny
acced31192 tls/openssl: Fix undefined error codes for LibreSSL
LibreSSL doesn't define all error codes which OpenSSL defines. Wrap them
with #ifndef.

Reference: https://bugs.gentoo.org/744127
2020-09-24 13:34:49 +03:00
8 changed files with 41 additions and 13 deletions

View File

@@ -6,18 +6,20 @@ stages:
- style - style
- test - test
before_script: before_script:
- ./bootstrap.sh - ./travis/before_script.sh
env: env:
- CONFIGURE_OPT="--without-libxml2" - CONFIGURE_OPT="--without-libxml2"
- CONFIGURE_OPT="--with-libxml2" - CONFIGURE_OPT="--with-libxml2"
- CONFIGURE_OPT="--disable-tls" - CONFIGURE_OPT="--disable-tls"
- CONFIGURE_OPT="--enable-cares" - CONFIGURE_OPT="--enable-cares"
script: ./configure ${CONFIGURE_OPT} CFLAGS="-Werror" && make && make check - CONFIGURE_OPT="PKG_CONFIG_PATH=${HOME}/libressl/lib/pkgconfig" LIBRESSL=yes LIBRESSL_COMMIT="v3.1.4"
- CONFIGURE_OPT="PKG_CONFIG_PATH=${HOME}/libressl/lib/pkgconfig" LIBRESSL=yes LIBRESSL_COMMIT="v2.1.7"
script: ./bootstrap.sh && ./configure ${CONFIGURE_OPT} CFLAGS="-Werror" && make && make check
jobs: jobs:
include: include:
- stage: style - stage: style
name: "Check code style" name: "Check code style"
script: ./configure && make format && git diff --exit-code script: ./bootstrap.sh && ./configure && make format && git diff --exit-code
env: env:
- CONFIGURE_OPT="" - CONFIGURE_OPT=""
matrix: matrix:

View File

@@ -1,3 +1,7 @@
0.10.1
- Fixed compilation error when LibreSSL is used
- Fixed crash when NULL is provided as password
0.10.0 0.10.0
- Coding style has been unified - Coding style has been unified
- SCRAM-SHA-256 and SCRAM-SHA-512 support - SCRAM-SHA-256 and SCRAM-SHA-512 support

View File

@@ -38,7 +38,7 @@ PROJECT_NAME = Strophe
# could be handy for archiving the generated documentation or if some version # could be handy for archiving the generated documentation or if some version
# control system is used. # control system is used.
PROJECT_NUMBER = 0.9 PROJECT_NUMBER = 0.10
# Using the PROJECT_BRIEF tag one can provide an optional one line description # Using the PROJECT_BRIEF tag one can provide an optional one line description
# for a project that appears at the top of each page and should give viewer a # for a project that appears at the top of each page and should give viewer a

View File

@@ -1,4 +1,4 @@
AC_INIT([libstrophe], [0.10.0], [jack@metajack.im]) AC_INIT([libstrophe], [0.10.1], [jack@metajack.im])
AC_CONFIG_MACRO_DIR([m4]) AC_CONFIG_MACRO_DIR([m4])
AM_INIT_AUTOMAKE([foreign]) AM_INIT_AUTOMAKE([foreign])
LT_INIT([dlopen]) LT_INIT([dlopen])

View File

@@ -346,8 +346,7 @@ static int _handle_sasl_result(xmpp_conn_t *const conn,
} else { } else {
/* got unexpected reply */ /* got unexpected reply */
xmpp_error(conn->ctx, "xmpp", xmpp_error(conn->ctx, "xmpp",
"Got unexpected reply to SASL %s" "Got unexpected reply to SASL %s authentication.",
"authentication.",
(char *)userdata); (char *)userdata);
xmpp_disconnect(conn); xmpp_disconnect(conn);
} }
@@ -668,6 +667,10 @@ static void _auth(xmpp_conn_t *const conn)
xmpp_error(conn->ctx, "auth", xmpp_error(conn->ctx, "auth",
"No node in JID, and SASL ANONYMOUS unsupported."); "No node in JID, and SASL ANONYMOUS unsupported.");
xmpp_disconnect(conn); xmpp_disconnect(conn);
} else if (conn->pass == NULL) {
xmpp_error(conn->ctx, "auth",
"Password hasn't been set, and SASL ANONYMOUS unsupported.");
xmpp_disconnect(conn);
} else if (conn->sasl_support & SASL_MASK_SCRAM) { } else if (conn->sasl_support & SASL_MASK_SCRAM) {
scram_ctx = xmpp_alloc(conn->ctx, sizeof(*scram_ctx)); scram_ctx = xmpp_alloc(conn->ctx, sizeof(*scram_ctx));
if (conn->sasl_support & SASL_MASK_SCRAMSHA512) if (conn->sasl_support & SASL_MASK_SCRAMSHA512)

View File

@@ -420,7 +420,7 @@ void xmpp_conn_set_pass(xmpp_conn_t *const conn, const char *const pass)
{ {
if (conn->pass) if (conn->pass)
xmpp_free(conn->ctx, conn->pass); xmpp_free(conn->ctx, conn->pass);
conn->pass = xmpp_strdup(conn->ctx, pass); conn->pass = pass ? xmpp_strdup(conn->ctx, pass) : NULL;
} }
/** Get the strophe context that the connection is associated with. /** Get the strophe context that the connection is associated with.
@@ -951,7 +951,6 @@ long xmpp_conn_get_flags(const xmpp_conn_t *const conn)
XMPP_CONN_FLAG_LEGACY_SSL * conn->tls_legacy_ssl | XMPP_CONN_FLAG_LEGACY_SSL * conn->tls_legacy_ssl |
XMPP_CONN_FLAG_TRUST_TLS * conn->tls_trust | XMPP_CONN_FLAG_TRUST_TLS * conn->tls_trust |
XMPP_CONN_FLAG_LEGACY_AUTH * conn->auth_legacy_enabled; XMPP_CONN_FLAG_LEGACY_AUTH * conn->auth_legacy_enabled;
;
return flags; return flags;
} }

View File

@@ -81,6 +81,7 @@ const char *tls_errors[] = {
TLS_ERROR_FIELD(SSL_ERROR_ZERO_RETURN), TLS_ERROR_FIELD(SSL_ERROR_ZERO_RETURN),
TLS_ERROR_FIELD(SSL_ERROR_WANT_CONNECT), TLS_ERROR_FIELD(SSL_ERROR_WANT_CONNECT),
TLS_ERROR_FIELD(SSL_ERROR_WANT_ACCEPT), TLS_ERROR_FIELD(SSL_ERROR_WANT_ACCEPT),
#ifndef LIBRESSL_VERSION_NUMBER
#if OPENSSL_VERSION_NUMBER >= 0x10100000L #if OPENSSL_VERSION_NUMBER >= 0x10100000L
TLS_ERROR_FIELD(SSL_ERROR_WANT_ASYNC), TLS_ERROR_FIELD(SSL_ERROR_WANT_ASYNC),
TLS_ERROR_FIELD(SSL_ERROR_WANT_ASYNC_JOB), TLS_ERROR_FIELD(SSL_ERROR_WANT_ASYNC_JOB),
@@ -88,6 +89,7 @@ const char *tls_errors[] = {
#if OPENSSL_VERSION_NUMBER >= 0x10101000L #if OPENSSL_VERSION_NUMBER >= 0x10101000L
TLS_ERROR_FIELD(SSL_ERROR_WANT_CLIENT_HELLO_CB), TLS_ERROR_FIELD(SSL_ERROR_WANT_CLIENT_HELLO_CB),
#endif #endif
#endif /* !LIBRESSL_VERSION_NUMBER */
}; };
const char *cert_errors[] = { const char *cert_errors[] = {
TLS_ERROR_FIELD(X509_V_OK), TLS_ERROR_FIELD(X509_V_OK),
@@ -148,30 +150,34 @@ const char *cert_errors[] = {
TLS_ERROR_FIELD(X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX), TLS_ERROR_FIELD(X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX),
TLS_ERROR_FIELD(X509_V_ERR_UNSUPPORTED_NAME_SYNTAX), TLS_ERROR_FIELD(X509_V_ERR_UNSUPPORTED_NAME_SYNTAX),
TLS_ERROR_FIELD(X509_V_ERR_CRL_PATH_VALIDATION_ERROR), TLS_ERROR_FIELD(X509_V_ERR_CRL_PATH_VALIDATION_ERROR),
#ifndef LIBRESSL_VERSION_NUMBER
TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_INVALID_VERSION), TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_INVALID_VERSION),
TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_INVALID_ALGORITHM), TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_INVALID_ALGORITHM),
TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_INVALID_CURVE), TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_INVALID_CURVE),
TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM), TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM),
TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED), TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED),
TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256), TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256),
#endif /* !LIBRESSL_VERSION_NUMBER */
TLS_ERROR_FIELD(X509_V_ERR_HOSTNAME_MISMATCH), TLS_ERROR_FIELD(X509_V_ERR_HOSTNAME_MISMATCH),
TLS_ERROR_FIELD(X509_V_ERR_EMAIL_MISMATCH), TLS_ERROR_FIELD(X509_V_ERR_EMAIL_MISMATCH),
TLS_ERROR_FIELD(X509_V_ERR_IP_ADDRESS_MISMATCH), TLS_ERROR_FIELD(X509_V_ERR_IP_ADDRESS_MISMATCH),
#endif #endif /* OPENSSL_VERSION_NUMBER >= 0x10002000L */
#if OPENSSL_VERSION_NUMBER >= 0x10100000L #if OPENSSL_VERSION_NUMBER >= 0x10100000L
TLS_ERROR_FIELD(X509_V_ERR_INVALID_CALL),
TLS_ERROR_FIELD(X509_V_ERR_STORE_LOOKUP),
#ifndef LIBRESSL_VERSION_NUMBER
TLS_ERROR_FIELD(X509_V_ERR_PATH_LOOP), TLS_ERROR_FIELD(X509_V_ERR_PATH_LOOP),
TLS_ERROR_FIELD(X509_V_ERR_DANE_NO_MATCH), TLS_ERROR_FIELD(X509_V_ERR_DANE_NO_MATCH),
TLS_ERROR_FIELD(X509_V_ERR_EE_KEY_TOO_SMALL), TLS_ERROR_FIELD(X509_V_ERR_EE_KEY_TOO_SMALL),
TLS_ERROR_FIELD(X509_V_ERR_CA_KEY_TOO_SMALL), TLS_ERROR_FIELD(X509_V_ERR_CA_KEY_TOO_SMALL),
TLS_ERROR_FIELD(X509_V_ERR_CA_MD_TOO_WEAK), TLS_ERROR_FIELD(X509_V_ERR_CA_MD_TOO_WEAK),
TLS_ERROR_FIELD(X509_V_ERR_INVALID_CALL),
TLS_ERROR_FIELD(X509_V_ERR_STORE_LOOKUP),
TLS_ERROR_FIELD(X509_V_ERR_NO_VALID_SCTS), TLS_ERROR_FIELD(X509_V_ERR_NO_VALID_SCTS),
TLS_ERROR_FIELD(X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION), TLS_ERROR_FIELD(X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION),
TLS_ERROR_FIELD(X509_V_ERR_OCSP_VERIFY_NEEDED), TLS_ERROR_FIELD(X509_V_ERR_OCSP_VERIFY_NEEDED),
TLS_ERROR_FIELD(X509_V_ERR_OCSP_VERIFY_FAILED), TLS_ERROR_FIELD(X509_V_ERR_OCSP_VERIFY_FAILED),
TLS_ERROR_FIELD(X509_V_ERR_OCSP_CERT_UNKNOWN), TLS_ERROR_FIELD(X509_V_ERR_OCSP_CERT_UNKNOWN),
#endif #endif /* !LIBRESSL_VERSION_NUMBER */
#endif /* OPENSSL_VERSION_NUMBER >= 0x10100000L */
}; };
#undef TLS_ERROR_FIELD #undef TLS_ERROR_FIELD

14
travis/before_script.sh Executable file
View File

@@ -0,0 +1,14 @@
#!/bin/sh
if [ "x$LIBRESSL" = "xyes" ]; then
cd "$HOME"
git clone https://github.com/libressl-portable/portable.git libressl-git
cd libressl-git
if [ -n "$LIBRESSL_COMMIT" ]; then
git checkout "$LIBRESSL_COMMIT"
fi
./autogen.sh
./configure --prefix="$HOME/libressl"
make -j"$(nproc)"
make install
fi