/pidgin/main: 3c9c77b80a6c: Merge the release-2.x.y branch into ...
Mark Doliner
mark at kingant.net
Sat Feb 1 14:19:35 EST 2014
Changeset: 3c9c77b80a6cb9c7bf2de15931169a9de679f8d7
Author: Mark Doliner <mark at kingant.net>
Date: 2014-02-01 11:13 -0800
Branch: default
URL: https://hg.pidgin.im/pidgin/main/rev/3c9c77b80a6c
Description:
Merge the release-2.x.y branch into default.
A few manual merges... nothing too bad.
diffstat:
ChangeLog | 5 +
ChangeLog.API | 6 +
libpurple/protocols/jabber/iq.c | 51 +-
libpurple/protocols/jabber/jutil.c | 33 +-
libpurple/protocols/jabber/jutil.h | 8 +-
pidgin/plugins/unity.c | 2 +-
pidgin/win32/nsis/create_nsis_translations.pl | 3 +-
po/ChangeLog | 3 +
po/POTFILES.in | 2 +-
po/da.po | 4 +-
po/es.po | 3224 +++++++++++++++---------
11 files changed, 2061 insertions(+), 1280 deletions(-)
diffs (truncated from 4721 to 300 lines):
diff --git a/ChangeLog b/ChangeLog
--- a/ChangeLog
+++ b/ChangeLog
@@ -61,6 +61,11 @@ version 3.0.0 (??/??/????):
* Various core components of libpurple are now GObjects.
* Ciphers are now built from the libpurple directory.
+version 2.10.9:
+ XMPP:
+ * Fix problems logging into some servers including jabber.org and
+ chat.facebook.com. (#15879)
+
version 2.10.8 (1/28/2014):
General:
* Python build scripts and example plugins are now compatible with
diff --git a/ChangeLog.API b/ChangeLog.API
--- a/ChangeLog.API
+++ b/ChangeLog.API
@@ -459,6 +459,12 @@ version 3.0.0 (??/??/????):
* _GntTreeColumnFlag
* _GntWidgetFlags
+version 2.10.9:
+ * No changes
+
+version 2.10.8:
+ * No changes
+
version 2.10.7:
* No changes
diff --git a/libpurple/protocols/jabber/iq.c b/libpurple/protocols/jabber/iq.c
--- a/libpurple/protocols/jabber/iq.c
+++ b/libpurple/protocols/jabber/iq.c
@@ -283,6 +283,52 @@ void jabber_iq_remove_callback_by_id(Jab
g_hash_table_remove(js->iq_callbacks, id);
}
+/**
+ * Verify that the 'from' attribute of an IQ reply is a valid match for
+ * a given IQ request. The expected behavior is outlined in section
+ * 8.1.2.1 of the XMPP CORE spec (RFC 6120). We consider the reply to
+ * be a valid match if any of the following is true:
+ * - Request 'to' matches reply 'from' (including the case where
+ * neither are set).
+ * - Request 'to' was empty and reply 'from' is server JID.
+ * - Request 'to' was empty and reply 'from' is my JID. The spec says
+ * we should only allow bare JID, but we also allow full JID for
+ * compatibility with some servers.
+ *
+ * These rules should allow valid IQ replies while preventing spoofed
+ * ones.
+ *
+ * For more discussion see the "Spoofing of iq ids and misbehaving
+ * servers" email thread from January 2014 on the jdev and security
+ * mailing lists.
+ *
+ * @return TRUE if this reply is valid for the given request.
+ */
+static gboolean does_reply_from_match_request_to(JabberStream *js, JabberID *to, JabberID *from)
+{
+ if (jabber_id_equal(to, from)) {
+ /* Request 'to' matches reply 'from' */
+ return TRUE;
+ }
+
+ if (!to && purple_strequal(from->domain, js->user->domain)) {
+ /* Request 'to' is empty and reply 'from' domain matches our domain */
+
+ if (!from->node && !from->resource) {
+ /* Reply 'from' is server bare JID */
+ return TRUE;
+ }
+
+ if (purple_strequal(from->node, js->user->node)
+ && (!from->resource || purple_strequal(from->resource, js->user->resource))) {
+ /* Reply 'from' is my full or bare JID */
+ return TRUE;
+ }
+ }
+
+ return FALSE;
+}
+
void jabber_iq_parse(JabberStream *js, PurpleXmlNode *packet)
{
JabberIqCallbackData *jcd;
@@ -377,8 +423,9 @@ void jabber_iq_parse(JabberStream *js, P
/* First, lets see if a special callback got registered */
if(type == JABBER_IQ_RESULT || type == JABBER_IQ_ERROR) {
- if((jcd = g_hash_table_lookup(js->iq_callbacks, id))) {
- if(jabber_id_equal(js, jcd->to, from_id)) {
+ jcd = g_hash_table_lookup(js->iq_callbacks, id);
+ if (jcd) {
+ if (does_reply_from_match_request_to(js, jcd->to, from_id)) {
jcd->callback(js, from, type, id, packet, jcd->data);
jabber_iq_remove_callback_by_id(js, id);
jabber_id_free(from_id);
diff --git a/libpurple/protocols/jabber/jutil.c b/libpurple/protocols/jabber/jutil.c
--- a/libpurple/protocols/jabber/jutil.c
+++ b/libpurple/protocols/jabber/jutil.c
@@ -513,30 +513,21 @@ jabber_id_free(JabberID *jid)
gboolean
-jabber_id_equal(JabberStream *js, const JabberID *jid1, const JabberID *jid2)
+jabber_id_equal(const JabberID *jid1, const JabberID *jid2)
{
- const JabberID *j1, *j2;
- JabberID *bare_user_jid;
- gboolean equal;
+ if (!jid1 && !jid2) {
+ /* Both are null therefore equal */
+ return TRUE;
+ }
- /* If an outgoing stanza has no 'to', or an incoming has no 'from',
- * then those are "the server acting as my account". This function will
- * handle that correctly.
- */
- if (!jid1 && !jid2)
- return TRUE;
+ if (!jid1 || !jid2) {
+ /* One is null, other is non-null, therefore not equal */
+ return FALSE;
+ }
- bare_user_jid = jabber_id_to_bare_jid(js->user);
- j1 = jid1 ? jid1 : bare_user_jid;
- j2 = jid2 ? jid2 : bare_user_jid;
-
- equal = purple_strequal(j1->node, j2->node) &&
- purple_strequal(j1->domain, j2->domain) &&
- purple_strequal(j1->resource, j2->resource);
-
- jabber_id_free(bare_user_jid);
-
- return equal;
+ return purple_strequal(jid1->node, jid2->node) &&
+ purple_strequal(jid1->domain, jid2->domain) &&
+ purple_strequal(jid1->resource, jid2->resource);
}
char *jabber_get_domain(const char *in)
diff --git a/libpurple/protocols/jabber/jutil.h b/libpurple/protocols/jabber/jutil.h
--- a/libpurple/protocols/jabber/jutil.h
+++ b/libpurple/protocols/jabber/jutil.h
@@ -46,12 +46,10 @@ typedef enum {
JabberID* jabber_id_new(const char *str);
/**
- * Compare two JIDs for equality.
- *
- * Warning: If either JID is NULL then this function uses the user's
- * bare JID, instead!
+ * Compare two JIDs for equality. In addition to the node and domain,
+ * the resources of the two JIDs must also be equal (or both absent).
*/
-gboolean jabber_id_equal(JabberStream *js, const JabberID *jid1, const JabberID *jid2);
+gboolean jabber_id_equal(const JabberID *jid1, const JabberID *jid2);
void jabber_id_free(JabberID *jid);
diff --git a/pidgin/plugins/unity.c b/pidgin/plugins/unity.c
--- a/pidgin/plugins/unity.c
+++ b/pidgin/plugins/unity.c
@@ -469,7 +469,7 @@ get_config_frame(PurplePlugin *plugin)
G_CALLBACK(launcher_config_cb), GUINT_TO_POINTER(LAUNCHER_COUNT_MESSAGES));
toggle = gtk_radio_button_new_with_mnemonic_from_widget(GTK_RADIO_BUTTON(toggle),
- _("Show number of unread _conversations on launcher icon"));
+ _("Show number of unread co_nversations on launcher icon"));
gtk_box_pack_start(GTK_BOX(vbox), toggle, FALSE, FALSE, 0);
gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(toggle),
purple_prefs_get_int("/plugins/gtk/unity/launcher_count") == LAUNCHER_COUNT_SOURCES);
diff --git a/pidgin/win32/nsis/create_nsis_translations.pl b/pidgin/win32/nsis/create_nsis_translations.pl
--- a/pidgin/win32/nsis/create_nsis_translations.pl
+++ b/pidgin/win32/nsis/create_nsis_translations.pl
@@ -107,7 +107,8 @@ my %localeNames = (
"es" => ["Spanish", "WINDOWS-1252", "1034"],
"et" => ["Estonian", "WINDOWS-1257", "1061"],
"eu" => ["Basque", "WINDOWS-1252", "1069"],
- "fa" => ["Farsi", "WINDOWS-1256", "1065"],
+#Some values in the farsi translation can't be represented in what iconv thinks is WINDOWS-1256, so we disable it
+# "fa" => ["Farsi", "WINDOWS-1256", "1065"],
"fi" => ["Finnish", "WINDOWS-1252", "1035"],
"fr" => ["French", "WINDOWS-1252", "1036"],
"ga" => ["Irish", "WINDOWS-1252", "2108"],
diff --git a/po/ChangeLog b/po/ChangeLog
--- a/po/ChangeLog
+++ b/po/ChangeLog
@@ -1,5 +1,8 @@
Pidgin and Finch: The Pimpin' Penguin IM Clients That're Good for the Soul
+version 2.10.9
+ * No changes
+
version 2.10.8
* Albanian translation updated (Besnik Bleta)
* Asturian translation added (Llumex03)
diff --git a/po/POTFILES.in b/po/POTFILES.in
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -268,9 +268,9 @@ pidgin/plugins/spellchk.c
pidgin/plugins/themeedit-icon.c
pidgin/plugins/themeedit.c
pidgin/plugins/ticker/ticker.c
+pidgin/plugins/unity.c
pidgin/plugins/webkit.c
pidgin/plugins/win32/transparency/win2ktrans.c
pidgin/plugins/win32/winprefs/winprefs.c
-pidgin/plugins/unity.c
pidgin/plugins/xmppconsole.c
pidgin/win32/nsis/nsis_translations.desktop.in
diff --git a/po/da.po b/po/da.po
--- a/po/da.po
+++ b/po/da.po
@@ -15006,7 +15006,7 @@ msgid ""
"use the 'Offline Installer' from http://pidgin.im/download/windows/ ."
msgstr ""
"Fejl ved installeringen af fejlsøgningssymbolerne ($R2).$\\rHvis gentagne "
-"forsøg fejler, har du muligvis brug for det \"offline installeringsprogram\" "
+"forsøg fejler, har du muligvis brug for det 'offline installeringsprogram' "
"fra http://pidgin.im/download/windows/ ."
#. $R2 will display the URL that the GTK+ Runtime failed to download from
@@ -15017,7 +15017,7 @@ msgid ""
msgstr ""
"Fejl ved download af GTK+-kørselsmiljø ($R2).$\\rDette er nødvendigt for at "
"Pidgin kan fungere; hvis gentagne forsøg fejler, har du muligvis brug for "
-"det \"offline installeringsprogram\" fra http://pidgin.im/download/windows/ ."
+"det 'offline installeringsprogram' fra http://pidgin.im/download/windows/ ."
msgid ""
"The uninstaller could not find registry entries for Pidgin.$\\rIt is likely "
diff --git a/po/es.po b/po/es.po
--- a/po/es.po
+++ b/po/es.po
@@ -8,7 +8,7 @@
# Copyright (C) February 2010, Francisco Javier F. Serrador <fserrador at gmail.com>
# Copyright (C) June 2002, April 2003, January 2004, March 2004, September 2004,
# January 2005, 2006-2008, July 2009, July 2010, August 2010, January 2011
-# February 2012
+# February 2012, January 2014
# Javier Fernández-Sanguino Peña <jfs at debian.org>
#
# Agradecemos la ayuda de revisión realizada por:
@@ -54,11 +54,11 @@ msgid ""
msgstr ""
"Project-Id-Version: Pidgin\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2012-03-12 02:26-0700\n"
-"PO-Revision-Date: 2012-02-16 01:08+0100\n"
+"POT-Creation-Date: 2013-12-05 09:57-0600\n"
+"PO-Revision-Date: 2014-01-29 18:56+0100\n"
"Last-Translator: Javier Fernández-Sanguino <jfs at debian.org>\n"
"Language-Team: Spanish team <es at li.org>\n"
-"Language: \n"
+"Language: es\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
@@ -127,9 +127,12 @@ msgstr ""
"X-POFile-SpellExtra: Facebook persist ymsgr addbudy CLICK GPL\n"
"X-POFile-SpellExtra: authserv TOC RC Installing Punjabà Indentar apilable\n"
"X-POFile-SpellExtra: Evolution Maratà MultiMX Gtkrc kannada win debugwin\n"
-"X-POFile-SpellExtra: profileedit sobreescribirá blocklist STUN Comprobador\n"
+"X-POFile-SpellExtra: profileedit blocklist STUN Comprobador\n"
"X-POFile-SpellExtra: windows dlls IdUsuario gtkrc Name listicon Chromium\n"
-"X-POFile-SpellExtra: Pidgwin browser\n"
+"X-POFile-SpellExtra: Pidgwin browser ZWJ Service Esc unicode WebKit ZWJ ZWS\n"
+"X-POFile-SpellExtra: AMI DROP Zero HTML KWallet PBKDF XML widget Windows Enter\n"
+"X-POFile-SpellExtra: PDF Farstream RLM LRE RLO RLE Asamés Bokmål Unicode\n"
+"X-POFile-SpellExtra: LRO LRM Nepalés Secret lx multi\n"
#. Translators may want to transliterate the name.
#. It is not to be translated.
@@ -162,16 +165,6 @@ msgstr ""
" -n, --nologin no conectarse de forma automática\n"
" -v, --version mostrar la versión actual y salir\n"
-#, c-format
-msgid ""
-"%s encountered errors migrating your settings from %s to %s. Please "
-"investigate and complete the migration by hand. Please report this error at "
-"http://developer.pidgin.im"
-msgstr ""
-"%s se encontró con errores al migrar su configuración de %s a %s. Investigue "
-"el problema y complete la migración de forma manual. Por favor, informe de "
-"este error en http://developer.pidgin.im"
-
#. the user did not fill in the captcha
msgid "Error"
msgstr "Error"
@@ -324,6 +317,8 @@ msgstr "La cuenta seleccionada no está
msgid "Error adding buddy"
msgstr "Error al añadir al amigo"
+#. TODO: Check whether it's correct to call add_pair_html,
More information about the Commits
mailing list