Michael Santos
3797fc4151
macosx: fix compile errors
7 years ago
Michael Santos
38cd570d28
seccomp: allow restart_syscall in stdin sandbox
7 years ago
Michael Santos
cc828f582f
seccomp: allow restart_syscall
7 years ago
Michael Santos
9ae3dcc1a1
seccomp: raspbian: allow futex(2), sysinfo(2)
7 years ago
Michael Santos
da9d2f8e88
makefile: pass custom LDFLAGS to static build
7 years ago
Michael Santos
2d67d64ecb
Bump version to 0.9.3
7 years ago
Michael Santos
77c76d6626
makefile: enable full relro
7 years ago
Michael Santos
f0e7ef7c4c
Use -fstack-protector-strong
7 years ago
Michael Santos
2933964bca
capscicum: return result of setlrimit()
7 years ago
Michael Santos
efd009594b
makefile: fix static target
7 years ago
Michael Santos
3e1eea1069
sandbox/rlimit: return value of setrlimit()
7 years ago
Michael Santos
93c6e1378b
makefile: define behaviour for signed ints
7 years ago
Michael Santos
60895c46e4
README: use long options, bump version
...
Bump version for sandbox compilation changes.
7 years ago
Michael Santos
ec32315684
sandbox: use the lowercase name for configuration
7 years ago
Michael Santos
f0092fd58a
seccomp: adjust header for syscalls
7 years ago
Michael Santos
fa2ebb799d
Use libstrophe base64 support
...
Use the base64 interface in libstrophe for encoding/decoding instead of
the undocumented interfaces in libresolv.
7 years ago
Michael Santos
e28f208103
Optionally disable TLS cert verification
7 years ago
Michael Santos
3fa5755655
sandbox/rlimit: remove redundant code, ifdef's
7 years ago
Michael Santos
2cf8dc3f0b
Merge pull request #2 from pasis/attr-fix
...
Fix getting wrong attribute from stanza
7 years ago
Dmitry Podgorny
cca644045f
Fix getting wrong attribute from stanza
7 years ago
Michael Santos
c184ce68b2
Depend on libstrophe 0.9.2+
...
libstrophe 0.9.2 supports TLS certificate verification. Tested by:
* valid certificate: verified using strace that xmppipe is reading the
system SSL cert store
* invalid certificate:
sudo chmod 700 /usr/lib/ssl
Verified xmppipe rejected the cert as invalid without the local CA
root.
* valid certificate, invalid domain
Verified a subdomain hosted on the XMPP node but not included in the
TLS certificate is rejected.
7 years ago
Michael Santos
0ad3918c05
Fix options
...
Terminate long option list so xmppipe doesn't segfault when passed an
unknown option.
Correct the usage. Revert to using --ouput for the MUC name instead of
--stdout to avoid confusion.
7 years ago
Michael Santos
1d89c8cf96
cli: --output -> --stdout
7 years ago
Michael Santos
9fa747fd5c
seccomp: allow llseek(2) for TLS verification
...
libstrophe 0.9.2 uses OpenSSL to validate TLS certs by checking against
the system cert store.
Allow llseek(2). Probably a better way of handling syscalls is to allow
classes of syscalls based on OpenBSD's pledge.
7 years ago
Michael Santos
a6b81e9fbb
Merge branch 'pasis-uuid'
7 years ago
Dmitry Podgorny
ef78dc7deb
Replace libuuid with xmpp_uuid_gen()
...
xmpp_uuid_gen() appeared in libstrophe-0.9.0 and solves issues with
libuuid across different systems.
7 years ago
Michael Santos
f201c6a483
Add support for long options
7 years ago
Michael Santos
41a6897bc1
Use native strtonum(3) on BSDs
7 years ago
Michael Santos
78978f725d
sandbox: ignore return value of cap_rights_init(3)
8 years ago
Michael Santos
70423ab6a7
capsicum: remove duplicated process rlimit
8 years ago
Michael Santos
26ef980678
makefile: env vars to pass extra build flags
8 years ago
Michael Santos
db0769c1fd
makefile: fix static target
8 years ago
Michael Santos
3e9f34f1fb
openbsd/freebsd: cc hardening flags
8 years ago
Michael Santos
e98a6b24fa
Increment version for pre-connect sandbox
8 years ago
Michael Santos
20f8b5904c
Increment version for pre-connect sandbox
8 years ago
Michael Santos
81b4c2f4db
seccomp sandbox: allow sendmmsg(2)
8 years ago
Michael Santos
e3e3d0bcf9
seccomp: pre-connect sandbox
...
Preliminary pre-connect sandbox for Linux. Tested on 32-bit ARM,
requires testing on other platforms.
8 years ago
Michael Santos
140470458f
makefile: ensure compile before tests
8 years ago
Michael Santos
f734b5b77b
freebsd: disable forking in preconnect sandbox
8 years ago
Michael Santos
6aa2cb528e
sandbox: enforce rlimit restrictions before connect
...
Basic pre-connect sandbox: disable the ability for the xmppipe process
to fork.
8 years ago
Michael Santos
90c57630b6
openbsd: pre-connect pledge sandbox
8 years ago
Michael Santos
c17b196053
sandbox: add a pre-connect sandbox
...
Add a sandbox enforced before options are parsed and the connection is
established to the XMPP server. This sandbox will allow network
operations.
The post-connect sandbox is unchanged and restricts operations to stdio.
The commit just adds the infrastructure for the pre-connect sandbox.
8 years ago
Michael Santos
9a87cd4e1b
openbsd: fix compile error
8 years ago
Michael Santos
899e988a6f
roomname: use UID in default roomname
...
Use the UID of the xmppipe process instead of the PID in the default
name. This allows many processes running under the same user on a host
to share the same output channel and makes it easier to pre-create the
MUC if the xmppipe XMPP user does not have MUC creation privs.
8 years ago
Michael Santos
be90386d6e
stream management: check h value in server response
8 years ago
Michael Santos
f4d9184bac
Add wrapper around strtonum(3) for options
8 years ago
Michael Santos
cee9094fc8
options: use strtonum(3) to convert numbers
...
Limit the ranges for integers accepted as command line options.
8 years ago
Michael Santos
f30f666d87
Convert last handled stanza using strtonum(3)
8 years ago
Michael Santos
58cb075664
state: set room name/resource before options
8 years ago
Michael Santos
ad56bab3cc
xmppipe_roomname: use define for hostname
8 years ago