Cleanup some warnings

2.0.1

Cleanup warnings (#96)

Version 1.0

Version 1.0

SSL/TLS Add-in framework for BlueSocket in Swift using the Swift Package Manager. Works on supported Apple platforms (using Secure Transport) and on Linux (using OpenSSL).

Prerequisites

Swift

• Swift Open Source swift-4.0.0-RELEASE toolchain (Minimum REQUIRED for latest release)
• Swift Open Source swift-5.0-RELEASE toolchain (Recommended)
• Swift toolchain included in Xcode Version 10.2 (10E125) or higher.

macOS

• macOS 10.11.6 (El Capitan) or higher.
• Xcode Version 9.0 (9A325) or higher using one of the above toolchains.
• Xcode Version 10.2 (10E125) or higher using the included toolchain (Recommended).
• Secure Transport provided by macOS.

iOS

• iOS 10.0 or higher
• Xcode Version 9.0 (9A325) or higher using one of the above toolchains.
• Xcode Version 10.2 (10E125) or higher using the included toolchain (Recommended).
• Secure Transport provided by iOS.

Linux

• Ubuntu 16.04 (or 16.10 but only tested on 16.04 and 18.04).
• One of the Swift Open Source toolchains listed above.
• OpenSSL is provided by the distribution. Note: 1.0.x, 1.1.x and later releases of OpenSSL are supported.
• The appropriate libssl-dev package is required to be installed when building.

Other Platforms

• BlueSSLService is NOT supported on watchOS since POSIX/BSD/Darwin sockets are not supported on the actual device although they are supported in the simulator.
• BlueSSLService should work on tvOS but has NOT been tested.

Changes since 1.0.0

• Require latest version of BlueSocket.
• Update to Swift 4.1.
• Support SSL_OP* constants defined as longs. Use CLong to explicitly cast these options where used. PR #52.
• Update to include Swift 4.2 in CI builds.
• Added prerequisite that the libssl-dev package is required to be installed when building on Linux.
• Minor license update.
• Updates for Xcode 10 to project.
• Swift 4.2 support. PR #57
• Make Swift 4.2 the default compiler in project.
• Rename Swift 4.2 OpenSSL system library target (#59)
• Revert (#59) back to using OpenSSL module in 4.2 format. PR #60.
• Update for Swift 4.2 and Xcode 10.
• Add support for OpenSSL 1.1.x aa well as OpenSSL 1.0.x. PR #61.
• Added CI support for building with Swift 5. PR #64.
• Fixed handshake bug that could prevent a connection when BlueSSLService is used on the client side.
• Added unit tests for cursory (at least for now) testing BlueSSLService.
• Removed requirement of Swift 4.2 to support OpenSSL 1.1.x. OpenSSL 1.1.x is now supported using Swift 4.0, 4.1 and 4.2.
• Provided more explicit documentation in the README for specifying which APIs are supported on which platforms and added warnings to documentation for APIs that are not supported on Apple Platforms.
• Update CI support to use Swift 4.2.3. PR #72
• Update to Swift 5.0. PR #73.
• Fixed for intermittent crash. PR #74
• Add CI support for Xcode 11.
• Fix warnings using Swift 5.1. PR #80
• Update to use Swift 5.1 as default.
• Added feature when using self signed certificates to allow client to check the server certificate using an embedded local certificate. PR #81.

Swift 4 Support.

This release minimally requires use of the swift-3.1.1-RELEASE toolchain or the swift-4.0.0-RELEASE toolchain which is recommended.

• Compatible with Xcode 9.0 (9A235) General Release or higher using one of the above toolchains.
• On Linux this release support OpenSSL 1.0.x only.
• Corrected some issues with SSL error handling on Linux. PR #42.
• Added framework target to Xcode project, issue #44.
• Added Cathage support. #44. #45.
• Remove build on Xcode 8.3.
• CI updates.
• Changes to adapt to Swift 4.1.

Swift 4 Support.

This release minimally requires use of the swift-3.1.1-RELEASE toolchain or the swift-4.0.0-RELEASE toolchain which is recommended.

• Compatible with Xcode 9.0 (9A235) General Release or higher using one of the above toolchains.

• This version supports Apple Secure Transport on Apple Platforms and OpenSSL on Linux.

• At present on Apple platforms, only PKCS12 files are accepted in the Configuration. You should use the init function described below and further in the README.md.

• Also, on Apple platforms, changing of the cipherSuite property is not supported. Please use the default.

• Added new parameter to init function in Configuration that allows optionally specifying a password for the PKCS12 certificate chain file. That signature now looks like this:

  public init(withChainFilePath chainFilePath: String?, withPassword password: String? = nil, usingSelfSignedCerts selfSigned: Bool = true)

• Loosened up the too stringent certificate verification process.

• Added client support when using Secure Transport on Apple platforms.

• Added optional connection verification callback feature. See the section Extending Connection Verification in the README.md.

• Added optional connection verification bypass feature. See the section Skipping Connection Verification in the README.md.

• Allow use on iOS, tvOS and watchOS as well as macOS.

• Use version 0.10.24 on master if you wish to use the version that uses OpenSSL on both platforms.

• This version now merged onto master.

• Added CI (PR#2).

• Fixed Kitura issue -> #852

• A new, defaulted to nil, optional parameter has been added to the end of each of the Configuration init functions. This feature allows the setting of the cipherSuite. If this parameter is set to nil, the default cipherSuite for the platform will be used. Note: Setting the cipher suite on Apple platforms is currently not supported and attempting to do so may result in unpredictable behavior. See the README.md for more information.

• Added a new Configuration initializer that allows creating a Configuration that does NOT contain a backing certificate or certificate chain.

• Fixed issue #959 from Kitura.

• Added support (currently on Linux only) for creating a configuration that is based on PEM formatted certificate passed in as a string. Issue #10. See the README.md for information about the new configuration API. Note: This functionality has had only minimal testing. Use with caution and report any anomalies.

• Fixed issue #11 by implementing issue #12 alleviating a performance hit when processing the PKCS12 file on macOS.

• Fix for issue #983 from Kitura. On macOS, the SSLContext must only be used by one thread at a time. Access to use of it must be protected. Introduced a new SSLReadWriteDispatcher struct that allows for sync'ing access to the context when doing reads and writes. This effectively forces reads and write to occur serially.

• Related to the above fix, apparently on Linux, simultaneous reads and writes are not thread safe. Used the previously introduced SSLReadWriteDispatcher struct that allows for sync'ing access when doing reads and writes. This effectively forces reads and write to occur serially.

• Also on Linux, added a check to see if the remote connection has gone away prior to issuing a SSL_shutdown() request. This should alleviate the problem of apps receiving a SIGPIPE when attempting to shutdown SSL after the remote has already terminated.

• Fixed issue #16. Default cipher suite was not being enabled on macOS.

• More on issue #16. Enabled ECDH ciphers if linking with OpenSSL 1.0.2 or higher.

• Fixed issue #18 and #19.

• Merged PR #20.

• Bug fixes related to rejected PR #21. On Linux, after SSL_read or SSL_write, need to get the last error using SSL_get_error(). The error is NOT in the return code. If returning from SSL_write and the error is SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE, an SSLError.retryNeeded exception is thrown. If we're returning from SSL_read under the same circumstances, we set the errno to EAGAIN and return -1.

• Add an option to allow clients to connect to servers that are using self-signed certificates. PR #24.

• The initializer used to create a configuration without a backing certificate should (when being used as a client) allow self-signed certificates. Reference closed PR #25.

• Added podspec for cocoapod integration. PR #27.

• Update podspec to include watchOS and tvOS. PR #29

• Support of Xcode 9 Beta.

• Fix for problem with using the default Configuration initializer. PR #30

• Fix for problem when importing PKCS12 that causes index out of bounds and subsequent crash. PR #31

• Support for ALPN. PR #26. Important Note: Usage of this functionality is dependent on the availability of version 1.0.2 of OpenSSL or higher at build and runtime.

• Fix for using client certificates (Issue #28) via PR #33.

• Automatically enabled ECDH ciphers if linking with OpenSSL v1.0.2 or higher. See related issue #16. Previously, this required the setting of a compile time switch. That requirement has been eliminated.

• Reverted PR #33 to fix issue #36.

• Changed the default enabled cipher list from "DEFAULT" to "DEFAULT:!DH". This effectively disables DH ciphers which is fine since currently there's no API to allow setup of the required DH keys.

• Swift 4 Support.

• Remove support for watchOS. See BlueSocket issue #87 for more information.

Experimental Release using Secure Transport on macOS and OpenSSL on Linux.

This release minimally requires use of the swift-3.0-RELEASE toolchain or the swift-DEVELOPMENT-SNAPSHOT-2016-09-27-a toolchain which is recommended.

CAUTION: THIS RELEASE IS STILL STABILIZING. USE AT YOUR OWN RISK.

• Compatible with Xcode 8 General Release using one of the above toolchains.

• This version supports Apple Secure Transport on macOS and OpenSSL on Linux.

• At present on macOS, only PKCS12 files are accepted in the Configuration. You should use the init function described below and further in the README.md.

• Also, on macOS, changing of the cipherSuite property is not supported. Please use the default.

• Added new parameter to init function in Configuration that allows optionally specifying a password for the PKCS12 certificate chain file. That signature now looks like this:

  public init(withChainFilePath chainFilePath: String? = nil, withPassword password: String? = nil, usingSelfSignedCerts selfSigned: Bool = true)

• Loosened up the too stringent certificate verification process.

• Added client support when using Secure Transport on macOS.

• Added optional connection verification callback feature. See the section Extending Connection Verification in the README.md.

• Allow use on iOS, tvOS and watchOS as well as macOS.

• This version is experimental and relatively lightly tested.

• Use version 0.10.x on master if you wish to use the version that uses OpenSSL on both platforms.

• This version now merged onto master.

Update to latest (9/27) toolchain.

This release minimally requires use of the swift-3.0-RELEASE toolchain or the swift-DEVELOPMENT-SNAPSHOT-2016-09-27-a toolchain which is recommended.

• Compatible with Xcode 8 General Release using one of the above toolchains.
• Added password property to Configuration.
• Removed verifyConnection() function from delegate. Now handled internally.
• Ensured that OpenSSL libraries are only initialized once.
• Minor change to initialize delegate function of SSLServiceDelegate. SSLService.inititalize(isServer:) became SSLService.initialize(asServer:).
• Loosened up the too stringent certificate verification process.

Update to latest Xcode (Beta 6) and toolchain (8/15).

This release requires use of the swift-DEVELOPMENT-SNAPSHOT-2016-08-15-a toolchain.

• Compatible with Xcode 8 Beta 6 using the above toolchain.
• Added password property to Configuration.
• Removed verifyConnection() function from delegate. Now handled internally.
• Ensured that OpenSSL libraries are only initialized once.
• Minor change to initialize delegate function of SSLServiceDelegate. SSLService.inititalize(isServer:) became SSLService.initialize(asServer:).

Update for latest (8/7) toolchain.

This release requires use of the swift-DEVELOPMENT-SNAPSHOT-2016-08-04-a toolchain or the new swift-DEVELOPMENT-SNAPSHOT-2016-08-07-a toolchain.

• Compatible with Xcode 8 Beta 4 using the above toolchain.
• Added password property to Configuration.
• Removed verifyConnection() function from delegate. Now handled internally.
• Ensured that OpenSSL libraries are only initialized once.

Update to the latest (7/25) toolchain.

This release requires use of the new swift-DEVELOPMENT-SNAPSHOT-2016-07-25-a toolchain.

Note: Due to inconsistencies in the implementation of Data on macOS and Linux, this release continues to use the NSData and NSMutableData types. Once these inconsistencies are rectified, the Data type will be adopted.

Also, note the version jump to 0.7.0 to sync up with BlueSocket.

Updated for swift-DEVELOPMENT-SNAPSHOT-2016-06-20-a toolchain.

This release requires use of the new swift-DEVELOPMENT-SNAPSHOT-2016-06-20-a toolchain. No other changes.