/pidgin/main: 829e8731d60c: Manual merge. Only 1 conflict, in Ch...
Mark Doliner
mark at kingant.net
Tue Jan 28 10:38:10 EST 2014
Changeset: 829e8731d60c6762bf271a38f70253d40c3dce57
Author: Mark Doliner <mark at kingant.net>
Date: 2014-01-09 21:12 -0800
Branch: release-2.x.y
URL: https://hg.pidgin.im/pidgin/main/rev/829e8731d60c
Description:
Manual merge. Only 1 conflict, in ChangeLog
diffstat:
.hgignore | 2 +
ChangeLog | 8 +-
configure.ac | 22 +
libpurple/ciphers/Makefile.am | 3 +-
libpurple/plugins/ssl/ssl-nss.c | 96 +----
libpurple/protocols/jabber/oob.c | 4 +-
libpurple/win32/global.mak | 2 +-
pidgin.desktop.in | 1 +
pidgin/gtkdialogs.c | 35 +-
pidgin/plugins/Makefile.am | 8 +
pidgin/plugins/unity.c | 635 +++++++++++++++++++++++++++++++++++++++
11 files changed, 722 insertions(+), 94 deletions(-)
diffs (truncated from 1093 to 300 lines):
diff --git a/.hgignore b/.hgignore
--- a/.hgignore
+++ b/.hgignore
@@ -87,6 +87,7 @@ pidgin-.*.tar.bz2
pidgin-.*.tar.gz
pidgin.apspec$
pidgin.desktop$
+pidgin.desktop.in$
pidgin.spec$
pidgin/pidgin$
pidgin/pixmaps/emotes/default/24/theme
@@ -112,4 +113,5 @@ po/notexist
po/pidgin.pot
po/stamp-it
stamp-h1
+test-driver
win32-install-dir(\.release)?
diff --git a/ChangeLog b/ChangeLog
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,12 +1,18 @@
Pidgin and Finch: The Pimpin' Penguin IM Clients That're Good for the Soul
version 2.10.8:
+ Stock market:
+ * Ludicrous increases on mediocre worldwide economic data.
+
libpurple:
* Impose maximum download size for all HTTP fetches.
General:
* Add support for Python3 in build scripts. (Ashish Gupta) (#15624)
+ Pidgin:
+ * Add Unity integration plugin.
+
AIM and ICQ:
* Fix a possible crash when receiving a malformed message in a Direct IM
session.
@@ -17,7 +23,7 @@ version 2.10.8:
Windows-Specific Changes:
* Updates to dependencies:
- * NSS 3.15.2 and NSPR 4.10.1
+ * NSS 3.15.3 and NSPR 4.10.2
version 2.10.7 (02/13/2013):
Alien hatchery:
diff --git a/configure.ac b/configure.ac
--- a/configure.ac
+++ b/configure.ac
@@ -1391,6 +1391,26 @@ else
fi
dnl #######################################################################
+dnl # Check for Unity and Messaging Menu
+dnl #######################################################################
+AC_ARG_ENABLE(unity, [AC_HELP_STRING([--enable-unity],
+ [compile with support for unity integration plugin])], enable_unity="$enableval", enable_unity="no")
+if test "$enable_unity" = yes; then
+ PKG_CHECK_MODULES(UNITY, [unity >= 6.8 messaging-menu >= 12.10], , [
+ AC_MSG_RESULT(no)
+ AC_MSG_ERROR([
+You must have libunity9 >= 6.8 and libmessaging-menu >= 12.10 to build the unity integration plugin.
+ ])])
+ USES_MM_CHAT_SECTION="X-MessagingMenu-UsesChatSection=true"
+ AC_SUBST(UNITY_CFLAGS)
+ AC_SUBST(UNITY_LIBS)
+ AC_SUBST(USES_MM_CHAT_SECTION)
+else
+ enable_unity=no
+fi
+AM_CONDITIONAL(ENABLE_UNITY, [test "x$enable_unity" = "xyes"])
+
+dnl #######################################################################
dnl # Check for Python
dnl #######################################################################
@@ -2604,6 +2624,7 @@ AC_CONFIG_FILES([Makefile
finch/libgnt/wms/Makefile
finch/plugins/Makefile
po/Makefile.in
+ pidgin.desktop.in
pidgin.spec
])
AC_OUTPUT
@@ -2645,6 +2666,7 @@ echo Use XScreenSaver Extension.... : $e
echo Use X Session Management...... : $enable_sm
echo Use startup notification...... : $enable_startup_notification
echo Build with GtkSpell support... : $enable_gtkspell
+echo Build Unity integration plugin.: $enable_unity
echo
echo Build with plugin support..... : $enable_plugins
echo Build with Mono support....... : $enable_mono
diff --git a/libpurple/ciphers/Makefile.am b/libpurple/ciphers/Makefile.am
--- a/libpurple/ciphers/Makefile.am
+++ b/libpurple/ciphers/Makefile.am
@@ -10,8 +10,7 @@ libpurple_ciphers_la_SOURCES=\
sha1.c \
sha256.c
-INCLUDES = -I$(top_srcdir)/libpurple
-
AM_CPPFLAGS = \
+ -I$(top_srcdir)/libpurple \
$(GLIB_CFLAGS)
diff --git a/libpurple/plugins/ssl/ssl-nss.c b/libpurple/plugins/ssl/ssl-nss.c
--- a/libpurple/plugins/ssl/ssl-nss.c
+++ b/libpurple/plugins/ssl/ssl-nss.c
@@ -155,75 +155,25 @@ ssl_nss_init_nss(void)
}
static SECStatus
-ssl_auth_cert(void *arg, PRFileDesc *socket, PRBool checksig,
- PRBool is_server)
+ssl_auth_cert(void *arg, PRFileDesc *socket, PRBool checksig, PRBool is_server)
{
+ /* We just skip cert verification here, and will verify the whole chain
+ * in ssl_nss_handshake_cb, after the handshake is complete.
+ *
+ * The problem is, purple_certificate_verify is asynchronous and
+ * ssl_auth_cert should return the result synchronously (it may ask the
+ * user, if an unknown certificate should be trusted or not).
+ *
+ * Ideally, SSL_AuthCertificateHook/ssl_auth_cert should decide
+ * immediately, if the certificate chain is already trusted and possibly
+ * SSL_BadCertHook to deal with unknown certificates.
+ *
+ * Current implementation may not be ideal, but is no less secure in
+ * terms of MITM attack.
+ */
return SECSuccess;
-
-#if 0
- CERTCertificate *cert;
- void *pinArg;
- SECStatus status;
-
- cert = SSL_PeerCertificate(socket);
- pinArg = SSL_RevealPinArg(socket);
-
- status = CERT_VerifyCertNow((CERTCertDBHandle *)arg, cert, checksig,
- certUsageSSLClient, pinArg);
-
- if (status != SECSuccess) {
- purple_debug_error("nss", "CERT_VerifyCertNow failed\n");
- CERT_DestroyCertificate(cert);
- return status;
- }
-
- CERT_DestroyCertificate(cert);
- return SECSuccess;
-#endif
}
-#if 0
-static SECStatus
-ssl_bad_cert(void *arg, PRFileDesc *socket)
-{
- SECStatus status = SECFailure;
- PRErrorCode err;
-
- if (arg == NULL)
- return status;
-
- *(PRErrorCode *)arg = err = PORT_GetError();
-
- switch (err)
- {
- case SEC_ERROR_INVALID_AVA:
- case SEC_ERROR_INVALID_TIME:
- case SEC_ERROR_BAD_SIGNATURE:
- case SEC_ERROR_EXPIRED_CERTIFICATE:
- case SEC_ERROR_UNKNOWN_ISSUER:
- case SEC_ERROR_UNTRUSTED_CERT:
- case SEC_ERROR_CERT_VALID:
- case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
- case SEC_ERROR_CRL_EXPIRED:
- case SEC_ERROR_CRL_BAD_SIGNATURE:
- case SEC_ERROR_EXTENSION_VALUE_INVALID:
- case SEC_ERROR_CA_CERT_INVALID:
- case SEC_ERROR_CERT_USAGES_INVALID:
- case SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION:
- status = SECSuccess;
- break;
-
- default:
- status = SECFailure;
- break;
- }
-
- purple_debug_error("nss", "Bad certificate: %d\n", err);
-
- return status;
-}
-#endif
-
static gboolean
ssl_nss_init(void)
{
@@ -362,7 +312,10 @@ ssl_nss_handshake_cb(gpointer data, int
purple_certificate_destroy_list(peers);
} else {
/* Otherwise, just call the "connection complete"
- callback */
+ * callback. The verification was already done with
+ * SSL_AuthCertificate, the default verifier
+ * (SSL_AuthCertificateHook was not called in ssl_nss_connect).
+ */
gsc->connect_cb(gsc->connect_cb_data, gsc, cond);
}
}
@@ -427,13 +380,10 @@ ssl_nss_connect(PurpleSslConnection *gsc
SSL_OptionSet(nss_data->in, SSL_SECURITY, PR_TRUE);
SSL_OptionSet(nss_data->in, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE);
- SSL_AuthCertificateHook(nss_data->in,
- (SSLAuthCertificate)ssl_auth_cert,
- (void *)CERT_GetDefaultCertDB());
-#if 0
- /* No point in hooking BadCert, since ssl_auth_cert always succeeds */
- SSL_BadCertHook(nss_data->in, (SSLBadCertHandler)ssl_bad_cert, NULL);
-#endif
+ /* If we have our internal verifier set up, use it. Otherwise,
+ * use default. */
+ if (gsc->verifier != NULL)
+ SSL_AuthCertificateHook(nss_data->in, ssl_auth_cert, NULL);
if(gsc->host)
SSL_SetURL(nss_data->in, gsc->host);
diff --git a/libpurple/protocols/jabber/oob.c b/libpurple/protocols/jabber/oob.c
--- a/libpurple/protocols/jabber/oob.c
+++ b/libpurple/protocols/jabber/oob.c
@@ -137,8 +137,8 @@ static gssize jabber_oob_xfer_read(gucha
*tmp = '\0';
lenstr = strstr(jox->headers->str, "Content-Length: ");
if(lenstr) {
- int size;
- if (sscanf(lenstr, "Content-Length: %d", &size) == 1)
+ gsize size;
+ if (sscanf(lenstr, "Content-Length: %" G_GSIZE_FORMAT, &size) == 1)
purple_xfer_set_size(xfer, size);
else {
purple_debug_error("jabber", "Unable to parse Content-Length!\n");
diff --git a/libpurple/win32/global.mak b/libpurple/win32/global.mak
--- a/libpurple/win32/global.mak
+++ b/libpurple/win32/global.mak
@@ -17,7 +17,7 @@ GTK_BIN ?= $(GTK_TOP)/bin
BONJOUR_TOP ?= $(WIN32_DEV_TOP)/Bonjour_SDK
LIBXML2_TOP ?= $(WIN32_DEV_TOP)/libxml2-2.9.0
MEANWHILE_TOP ?= $(WIN32_DEV_TOP)/meanwhile-1.0.2_daa3
-NSS_TOP ?= $(WIN32_DEV_TOP)/nss-3.15.2-nspr-4.10.1
+NSS_TOP ?= $(WIN32_DEV_TOP)/nss-3.15.3-nspr-4.10.2
PERL_LIB_TOP ?= $(WIN32_DEV_TOP)/perl-5.10.0
SILC_TOOLKIT ?= $(WIN32_DEV_TOP)/silc-toolkit-1.1.10
TCL_LIB_TOP ?= $(WIN32_DEV_TOP)/tcl-8.4.5
diff --git a/pidgin.desktop.in b/pidgin.desktop.in.in
rename from pidgin.desktop.in
rename to pidgin.desktop.in.in
--- a/pidgin.desktop.in
+++ b/pidgin.desktop.in.in
@@ -8,3 +8,4 @@ StartupNotify=true
Terminal=false
Type=Application
Categories=Network;InstantMessaging;
+ at USES_MM_CHAT_SECTION@
diff --git a/pidgin/gtkdialogs.c b/pidgin/gtkdialogs.c
--- a/pidgin/gtkdialogs.c
+++ b/pidgin/gtkdialogs.c
@@ -74,13 +74,10 @@ struct artist {
static const struct developer developers[] = {
{"Daniel 'datallah' Atallah", NULL, NULL},
{"Paul 'darkrain42' Aurich", NULL, NULL},
- {"John 'rekkanoryo' Bailey", NULL, NULL},
{"Ethan 'Paco-Paco' Blanton", NULL, NULL},
{"Hylke Bons", N_("artist"), "hylkebons at gmail.com"},
{"Sadrul Habib Chowdhury", NULL, NULL},
{"Mark 'KingAnt' Doliner", NULL, "mark at kingant.net"},
- {"Casey Harkins", NULL, NULL},
- {"Ivan Komarov", NULL, "ivan.komarov at pidgin.im"},
{"Gary 'grim' Kramlich", NULL, "grim at pidgin.im"},
{"Richard 'rlaager' Laager", NULL, "rlaager at pidgin.im"},
{"Marcus 'malu' Lundblad", NULL, NULL},
@@ -95,6 +92,7 @@ static const struct developer developers
{"Will 'resiak' Thompson", NULL, NULL},
{"Stu 'nosnilmot' Tomlinson", NULL, NULL},
{"Jorge 'Masca' Villaseñor", NULL, NULL},
+ {"Tomasz Wasilczyk", NULL, "https://www.wasilczyk.pl"},
{NULL, NULL, NULL}
};
@@ -103,23 +101,24 @@ static const struct developer patch_writ
{"Jakub 'haakon' Adam", NULL, NULL},
{"Krzysztof Klinikowski", NULL, NULL},
{"Eion Robb", NULL, NULL},
- {"Peter 'Fmoo' Ruibal", NULL, NULL},
- {"Gabriel 'Nix' Schulhof", NULL, NULL},
- {"Tomasz Wasilczyk", NULL, NULL},
{NULL, NULL, NULL}
More information about the Commits
mailing list