/pidgin/main: f017a2e85832: Merge 2.x.y
Tomasz Wasilczyk
twasilczyk at pidgin.im
Fri Jan 3 15:13:55 EST 2014
Changeset: f017a2e85832942b6f48dc373dca4af928463253
Author: Tomasz Wasilczyk <twasilczyk at pidgin.im>
Date: 2014-01-03 21:13 +0100
Branch: default
URL: https://hg.pidgin.im/pidgin/main/rev/f017a2e85832
Description:
Merge 2.x.y
diffstat:
ChangeLog | 13 ++++-
libpurple/plugins/ssl/ssl-nss.c | 96 +++++++++-------------------------------
pidgin/plugins/Makefile.am | 7 ++
3 files changed, 41 insertions(+), 75 deletions(-)
diffs (194 lines):
diff --git a/ChangeLog b/ChangeLog
--- a/ChangeLog
+++ b/ChangeLog
@@ -59,17 +59,26 @@ version 3.0.0 (??/??/????):
was an offline message. (Flavius Anton) (#2497)
General:
- * Add support for Python3 in build scripts. (Ashish Gupta) (#15624)
* Various core components of libpurple are now GObjects.
* Ciphers are now built from the libpurple directory.
+version 2.10.8:
+ Stock market:
+ * Ludicrous increases on mediocre worldwide economic data.
+
+ General:
+ * Add support for Python3 in build scripts. (Ashish Gupta) (#15624)
+
+ Pidgin:
+ * Add Unity integration plugin.
+
Gadu-Gadu:
* Disabled buddy list import/export from/to server (it didn't worked
anymore). Buddy list synchronization will be implemented in 3.0.0.
Windows-Specific Changes:
* Updates to dependencies:
- * NSS 3.15.2 and NSPR 4.10.1
+ * NSS 3.15.3 and NSPR 4.10.2
version 2.10.7 (02/13/2013):
Alien hatchery:
diff --git a/libpurple/plugins/ssl/ssl-nss.c b/libpurple/plugins/ssl/ssl-nss.c
--- a/libpurple/plugins/ssl/ssl-nss.c
+++ b/libpurple/plugins/ssl/ssl-nss.c
@@ -155,75 +155,25 @@ ssl_nss_init_nss(void)
}
static SECStatus
-ssl_auth_cert(void *arg, PRFileDesc *socket, PRBool checksig,
- PRBool is_server)
+ssl_auth_cert(void *arg, PRFileDesc *socket, PRBool checksig, PRBool is_server)
{
+ /* We just skip cert verification here, and will verify the whole chain
+ * in ssl_nss_handshake_cb, after the handshake is complete.
+ *
+ * The problem is, purple_certificate_verify is asynchronous and
+ * ssl_auth_cert should return the result synchronously (it may ask the
+ * user, if an unknown certificate should be trusted or not).
+ *
+ * Ideally, SSL_AuthCertificateHook/ssl_auth_cert should decide
+ * immediately, if the certificate chain is already trusted and possibly
+ * SSL_BadCertHook to deal with unknown certificates.
+ *
+ * Current implementation may not be ideal, but is no less secure in
+ * terms of MITM attack.
+ */
return SECSuccess;
-
-#if 0
- CERTCertificate *cert;
- void *pinArg;
- SECStatus status;
-
- cert = SSL_PeerCertificate(socket);
- pinArg = SSL_RevealPinArg(socket);
-
- status = CERT_VerifyCertNow((CERTCertDBHandle *)arg, cert, checksig,
- certUsageSSLClient, pinArg);
-
- if (status != SECSuccess) {
- purple_debug_error("nss", "CERT_VerifyCertNow failed\n");
- CERT_DestroyCertificate(cert);
- return status;
- }
-
- CERT_DestroyCertificate(cert);
- return SECSuccess;
-#endif
}
-#if 0
-static SECStatus
-ssl_bad_cert(void *arg, PRFileDesc *socket)
-{
- SECStatus status = SECFailure;
- PRErrorCode err;
-
- if (arg == NULL)
- return status;
-
- *(PRErrorCode *)arg = err = PORT_GetError();
-
- switch (err)
- {
- case SEC_ERROR_INVALID_AVA:
- case SEC_ERROR_INVALID_TIME:
- case SEC_ERROR_BAD_SIGNATURE:
- case SEC_ERROR_EXPIRED_CERTIFICATE:
- case SEC_ERROR_UNKNOWN_ISSUER:
- case SEC_ERROR_UNTRUSTED_CERT:
- case SEC_ERROR_CERT_VALID:
- case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
- case SEC_ERROR_CRL_EXPIRED:
- case SEC_ERROR_CRL_BAD_SIGNATURE:
- case SEC_ERROR_EXTENSION_VALUE_INVALID:
- case SEC_ERROR_CA_CERT_INVALID:
- case SEC_ERROR_CERT_USAGES_INVALID:
- case SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION:
- status = SECSuccess;
- break;
-
- default:
- status = SECFailure;
- break;
- }
-
- purple_debug_error("nss", "Bad certificate: %d\n", err);
-
- return status;
-}
-#endif
-
static gboolean
ssl_nss_init(void)
{
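Review bot: ssl_auth_cert now accepts every peer certificate unconditionally, which means NSS will never fail the handshake on certificate grounds and (given the hook's contract) SSL_BadCertHook is never consulted, so the connection's safety rests entirely on the post-handshake check in ssl_nss_handshake_cb, which is outside this hunk. The new comment should say so explicitly, e.g. add `* Consequence: nothing may be sent on this connection until ssl_nss_handshake_cb has run purple_certificate_verify and, on a failed or untrusted result, closed the connection.` after the MITM sentence, so a later reader does not assume the hook itself performs any check. All four parameters (`arg`, `socket`, `checksig`, `is_server`) are now unused; `(void)arg; (void)socket; (void)checksig; (void)is_server;` at the top of the body keeps -Wunused-parameter quiet and documents that they are deliberately ignored.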
@@ -362,7 +312,10 @@ ssl_nss_handshake_cb(gpointer data, int
purple_certificate_destroy_list(peers);
} else {
/* Otherwise, just call the "connection complete"
- callback */
+ * callback. The verification was already done with
+ * SSL_AuthCertificate, the default verifier
+ * (SSL_AuthCertificateHook was not called in ssl_nss_connect).
+ */
gsc->connect_cb(gsc->connect_cb_data, gsc, cond);
}
}
@@ -427,13 +380,10 @@ ssl_nss_connect(PurpleSslConnection *gsc
SSL_OptionSet(nss_data->in, SSL_SECURITY, PR_TRUE);
SSL_OptionSet(nss_data->in, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE);
- SSL_AuthCertificateHook(nss_data->in,
- (SSLAuthCertificate)ssl_auth_cert,
- (void *)CERT_GetDefaultCertDB());
-#if 0
- /* No point in hooking BadCert, since ssl_auth_cert always succeeds */
- SSL_BadCertHook(nss_data->in, (SSLBadCertHandler)ssl_bad_cert, NULL);
-#endif
+ /* If we have our internal verifier set up, use it. Otherwise,
+ * use default. */
+ if (gsc->verifier != NULL)
+ SSL_AuthCertificateHook(nss_data->in, ssl_auth_cert, NULL);
if(gsc->host)
SSL_SetURL(nss_data->in, gsc->host);
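Review bot: The added comment "If we have our internal verifier set up, use it" is misleading, because ssl_auth_cert is not a verifier: it accepts unconditionally so that the chain can be verified later in ssl_nss_handshake_cb, while the `else` case (no gsc->verifier) relies on NSS's built-in SSL_AuthCertificate. Suggest `/* With a purple verifier present, accept here and verify the whole chain in ssl_nss_handshake_cb; otherwise NSS's default SSL_AuthCertificate verifier runs during the handshake. */`. SSL_AuthCertificateHook returns a SECStatus that is discarded on the new line; if installation ever fails the default verifier stays in place, which is the safe direction, but logging it via purple_debug_error would make the mismatch between the two verification paths visible. The body of ssl_nss_connect starts and ends outside this hunk.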
diff --git a/pidgin/plugins/Makefile.am b/pidgin/plugins/Makefile.am
--- a/pidgin/plugins/Makefile.am
+++ b/pidgin/plugins/Makefile.am
@@ -47,6 +47,7 @@ spellchk_la_LDFLAGS = -module -a
themeedit_la_LDFLAGS = -module -avoid-version
unity_la_LDFLAGS = -module -avoid-version
webkit_la_LDFLAGS = -module -avoid-version
+unity_la_LDFLAGS = -module -avoid-version
xmppconsole_la_LDFLAGS = -module -avoid-version
if PLUGINS
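Review bot: The added `unity_la_LDFLAGS = -module -avoid-version` sits directly under an identical existing line, so the variable is defined twice; the later hunks in this file repeat the pattern for the `if ENABLE_UNITY` / `plugin_LTLIBRARIES += unity.la` block, `unity_la_SOURCES = unity.c` and `unity_la_LIBADD = $(GTK_LIBS) $(UNITY_LIBS)`. This looks like a merge artifact, the 2.x.y addition of the Unity plugin being applied on top of a tree that already had it; automake will at least warn about the redefinitions, and the duplicated `+=` would list unity.la twice in plugin_LTLIBRARIES. Dropping the four added spans in this file restores the pre-merge state, which already builds the plugin.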
@@ -71,6 +72,10 @@ if ENABLE_UNITY
plugin_LTLIBRARIES += unity.la
endif
+if ENABLE_UNITY
+plugin_LTLIBRARIES += unity.la
+endif
+
noinst_LTLIBRARIES = \
contact_priority.la \
gtk_signals_test.la
@@ -91,6 +96,7 @@ spellchk_la_SOURCES = spellchk.c
themeedit_la_SOURCES = themeedit.c themeedit-icon.c themeedit-icon.h
unity_la_SOURCES = unity.c
webkit_la_SOURCES = webkit.c
+unity_la_SOURCES = unity.c
xmppconsole_la_SOURCES = xmppconsole.c
convcolors_la_LIBADD = $(GTK_LIBS)
@@ -109,6 +115,7 @@ spellchk_la_LIBADD = $(GTK_LIBS
themeedit_la_LIBADD = $(GTK_LIBS)
unity_la_LIBADD = $(GTK_LIBS) $(UNITY_LIBS)
webkit_la_LIBADD = $(GTK_LIBS) $(WEBKIT_LIBS)
+unity_la_LIBADD = $(GTK_LIBS) $(UNITY_LIBS)
xmppconsole_la_LIBADD = $(GTK_LIBS)
endif # PLUGINS