libstrophe 0.9.2 supports TLS certificate verification. Tested by:
* valid certificate: verified using strace that xmppipe is reading the
system SSL cert store
* invalid certificate:
sudo chmod 700 /usr/lib/ssl
Verified xmppipe rejected the cert as invalid without the local CA
root.
* valid certificate, invalid domain
Verified a subdomain hosted on the XMPP node but not included in the
TLS certificate is rejected.
Terminate long option list so xmppipe doesn't segfault when passed an
unknown option.
Correct the usage. Revert to using --ouput for the MUC name instead of
--stdout to avoid confusion.
libstrophe 0.9.2 uses OpenSSL to validate TLS certs by checking against
the system cert store.
Allow llseek(2). Probably a better way of handling syscalls is to allow
classes of syscalls based on OpenBSD's pledge.
Add a sandbox enforced before options are parsed and the connection is
established to the XMPP server. This sandbox will allow network
operations.
The post-connect sandbox is unchanged and restricts operations to stdio.
The commit just adds the infrastructure for the pre-connect sandbox.
Use the UID of the xmppipe process instead of the PID in the default
name. This allows many processes running under the same user on a host
to share the same output channel and makes it easier to pre-create the
MUC if the xmppipe XMPP user does not have MUC creation privs.
Whether gethostname(2) returns an error depends on the implementation.
Some implementations:
* truncate the hostname if length is less than the hostname, with or
without a trailing NULL
* return -1 if length is less than hostname
* return -1 if length is 0
Set a default name if gethostanme() returns error.
Some errors will cause the XMPP file descriptor to be closed before
xmppipe exits. Return EBADF if close is called since the process will
terminate anyway.
When base64 encoding is enabled, ignore any messages that fail base64
decoding.
Previously signed-unsigned integer conversion would cause the return
value of b64_pton() on error (a negative integer) to be converted to a
large value. The attempt to allocate this value would force xmppipe to
exit.
