Age | Commit message (Collapse) | Author |
|
|
|
|
|
slixmpp is vulnerable to roster push attacks as described by Daniel
Gultsch at https://gultsch.de/gajim_roster_push_and_message_interception.html.
(CVE-2015-8688)
|
|
|
|
since iq.send is non-blocking, some features handlers could end up
being executed before others were set, leading to issues. Adding yield
from where it’s necessary fixes that.
|
|
Conflicts:
README.rst
examples/IoT_TestDevice.py
examples/disco_browser.py
setup.py
sleekxmpp/jid.py
sleekxmpp/plugins/google/auth/stanza.py
sleekxmpp/plugins/google/gmail/notifications.py
sleekxmpp/plugins/google/nosave/stanza.py
sleekxmpp/plugins/google/settings/settings.py
sleekxmpp/thirdparty/__init__.py
sleekxmpp/thirdparty/socks.py
sleekxmpp/thirdparty/statemachine.py
sleekxmpp/util/__init__.py
sleekxmpp/xmlstream/xmlstream.py
slixmpp/basexmpp.py
slixmpp/plugins/xep_0004/stanza/form.py
slixmpp/plugins/xep_0009/rpc.py
slixmpp/plugins/xep_0050/adhoc.py
slixmpp/plugins/xep_0065/proxy.py
slixmpp/plugins/xep_0084/stanza.py
slixmpp/plugins/xep_0202/time.py
slixmpp/plugins/xep_0323/sensordata.py
slixmpp/plugins/xep_0325/control.py
slixmpp/plugins/xep_0325/stanza/control.py
slixmpp/roster/single.py
slixmpp/stanza/atom.py
slixmpp/stanza/rootstanza.py
slixmpp/test/slixtest.py
slixmpp/util/sasl/mechanisms.py
slixmpp/version.py
slixmpp/xmlstream/stanzabase.py
tests/test_stanza_xep_0323.py
tests/test_stanza_xep_0325.py
tests/test_stream_xep_0323.py
tests/test_stream_xep_0325.py
|
|
(use_tls is useless since slixmpp will always try to use starttls
whenever possible)
|
|
|
|
|
|
|
|
This is a big-and-dirty commit with a bunch of cleanup, maybe breaking a few
things, and not fixing all iq.send() calls yet.
|
|
|
|
Scheduled events, connection, TLS handshake (with STARTTLS), read and write
on the socket are all done using only asyncio.
A lot of threads, and thread-related (and thus useless) things still remain.
This is only a first step.
|
|
|