Mercurial > pidgin.yaz

changeset 30901:efb82b6b9406

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
merge of '36b528cbf13e606208f74b6ec90ce973f512df75' and '95bdb96951c9aaae802bf85e057270a6a37d2ca8'
author Paul Aurich <paul@darkrain42.org>
date Tue, 31 Aug 2010 02:57:59 +0000
parents 4072761e3454 (diff) 3d045343e04d (current diff)
children 195d034b6cfe
files ChangeLog pidgin/pixmaps/emotes/small/16/cool.png pidgin/pixmaps/emotes/small/16/grin.png pidgin/win32/IdleTracker/Makefile.mingw pidgin/win32/IdleTracker/idletrack.c pidgin/win32/IdleTracker/idletrack.h
diffstat 7 files changed, 82 insertions(+), 21 deletions(-) [+]
line wrap: on
line diff
--- a/ChangeLog	Tue Aug 31 01:49:53 2010 +0000
+++ b/ChangeLog	Tue Aug 31 02:57:59 2010 +0000
@@ -12,10 +12,24 @@
 	  including a thumbnail in Finch.
 
 	Pidgin:
-	* Remap the "Set User Mood" shortcut to Control+D which does not
-	  conflict with the previous shortcut to Get Buddy Info on the
+	* Add support for the Gadu-Gadu protocol in the gevolution plugin to
+	  provide Evolution integration with contacts with GG IDs. (#10709)
+	* Remap the "Set User Mood" shortcut to Control-D, which does not
+	  conflict with the previous shortcut for Get Buddy Info on the
 	  selected buddy.
 
+	Finch:
+	* Add support for drop-down account options (like the SILC cipher
+	  and HMAC options or the QQ protocol version).
+
+	XMPP:
+	* Unify the connection security-related settings into one dropdown.
+	* Fix a crash when multiple accounts are simultaneously performing
+	  SASL authentication when built with Cyrus SASL support.  (thanks
+	  to Jan Kaluza) (#11560)
+	* Restore the ability to connect to XMPP servers that do not offer
+	  Stream ID. (#12331)
+
 	Yahoo/Yahoo JAPAN:
 	* Stop doing unnecessary lookups of certain alias information.  This
 	  solves deadlocks when a given Yahoo account has a ridiculously large
--- a/libpurple/account.c	Tue Aug 31 01:49:53 2010 +0000
+++ b/libpurple/account.c	Tue Aug 31 02:57:59 2010 +0000
@@ -513,6 +513,25 @@
 }
 
 static void
+migrate_xmpp_encryption(PurpleAccount *account)
+{
+	/* When this is removed, nuke the "old_ssl" and "require_tls" settings */
+	if (g_str_equal(purple_account_get_protocol_id(account), "prpl-jabber")) {
+		const char *sec = purple_account_get_string(account, "connection_security", "");
+
+		if (g_str_equal("", sec)) {
+			const char *val = "require_tls";
+			if (purple_account_get_bool(account, "old_ssl", FALSE))
+				val = "old_ssl";
+			else if (!purple_account_get_bool(account, "require_tls", TRUE))
+				val = "opportunistic_tls";
+
+			purple_account_set_string(account, "connection_security", val);
+		}
+	}
+}
+
+static void
 parse_settings(xmlnode *node, PurpleAccount *account)
 {
 	const char *ui;
@@ -579,6 +598,9 @@
 	/* we do this here because we need access to account settings to determine
 	 * if we can/should migrate an old Yahoo! JAPAN account */
 	migrate_yahoo_japan(account);
+	/* we do this here because we need to do it before the user views the
+	 * Edit Account dialog. */
+	migrate_xmpp_encryption(account);
 }
 
 static GList *
--- a/libpurple/protocols/jabber/auth.c	Tue Aug 31 01:49:53 2010 +0000
+++ b/libpurple/protocols/jabber/auth.c	Tue Aug 31 02:57:59 2010 +0000
@@ -251,7 +251,8 @@
 		g_free(msg);
 	} else if (type == JABBER_IQ_RESULT) {
 		query = xmlnode_get_child(packet, "query");
-		if(js->stream_id && xmlnode_get_child(query, "digest")) {
+		if (js->stream_id && *js->stream_id &&
+				xmlnode_get_child(query, "digest")) {
 			char *s, *hash;
 
 			iq = jabber_iq_new_query(js, JABBER_IQ_SET, "jabber:iq:auth");
@@ -269,8 +270,10 @@
 			g_free(s);
 			jabber_iq_set_callback(iq, auth_old_result_cb, NULL);
 			jabber_iq_send(iq);
-
-		} else if(js->stream_id && (x = xmlnode_get_child(query, "crammd5"))) {
+		} else if ((x = xmlnode_get_child(query, "crammd5"))) {
+			/* For future reference, this appears to be a custom OS X extension
+			 * to non-SASL authentication.
+			 */
 			const char *challenge;
 			gchar digest[33];
 			PurpleCipherContext *hmac;
@@ -340,7 +343,8 @@
 	 * is requiring SSL/TLS, we need to enforce it.
 	 */
 	if (!jabber_stream_is_ssl(js) &&
-			purple_account_get_bool(account, "require_tls", JABBER_DEFAULT_REQUIRE_TLS)) {
+			g_str_equal("require_tls",
+				purple_account_get_string(account, "connection_security", JABBER_DEFAULT_REQUIRE_TLS))) {
 		purple_connection_error_reason(js->gc,
 			PURPLE_CONNECTION_ERROR_ENCRYPTION_ERROR,
 			_("You require encryption, but it is not available on this server."));
--- a/libpurple/protocols/jabber/jabber.c	Tue Aug 31 01:49:53 2010 +0000
+++ b/libpurple/protocols/jabber/jabber.c	Tue Aug 31 02:57:59 2010 +0000
@@ -232,7 +232,7 @@
 		return TRUE;
 	}
 
-	if(purple_account_get_bool(account, "require_tls", JABBER_DEFAULT_REQUIRE_TLS)) {
+	if (g_str_equal("require_tls", purple_account_get_string(account, "connection_security", JABBER_DEFAULT_REQUIRE_TLS))) {
 		purple_connection_error_reason(js->gc,
 				PURPLE_CONNECTION_ERROR_NO_SSL_SUPPORT,
 				_("You require encryption, but no TLS/SSL support was found."));
@@ -244,12 +244,16 @@
 
 void jabber_stream_features_parse(JabberStream *js, xmlnode *packet)
 {
-	if(xmlnode_get_child(packet, "starttls")) {
-		if(jabber_process_starttls(js, packet)) {
+	PurpleAccount *account = purple_connection_get_account(js->gc);
+	const char *connection_security =
+		purple_account_get_string(account, "connection_security", JABBER_DEFAULT_REQUIRE_TLS);
+
+	if (xmlnode_get_child(packet, "starttls")) {
+		if (jabber_process_starttls(js, packet)) {
 			jabber_stream_set_state(js, JABBER_STREAM_INITIALIZING_ENCRYPTION);
 			return;
 		}
-	} else if(purple_account_get_bool(js->gc->account, "require_tls", JABBER_DEFAULT_REQUIRE_TLS) && !jabber_stream_is_ssl(js)) {
+	} else if (g_str_equal(connection_security, "require_tls") && !jabber_stream_is_ssl(js)) {
 		purple_connection_error_reason(js->gc,
 			 PURPLE_CONNECTION_ERROR_ENCRYPTION_ERROR,
 			_("You require encryption, but it is not available on this server."));
@@ -1014,7 +1018,7 @@
 	js->certificate_CN = g_strdup(connect_server[0] ? connect_server : js->user->domain);
 
 	/* if they've got old-ssl mode going, we probably want to ignore SRV lookups */
-	if(purple_account_get_bool(account, "old_ssl", FALSE)) {
+	if (g_str_equal("old_ssl", purple_account_get_string(account, "connection_security", JABBER_DEFAULT_REQUIRE_TLS))) {
 		if(purple_ssl_is_supported()) {
 			js->gsc = purple_ssl_connect(account, js->certificate_CN,
 					purple_account_get_int(account, "port", 5223),
--- a/libpurple/protocols/jabber/jabber.h	Tue Aug 31 01:49:53 2010 +0000
+++ b/libpurple/protocols/jabber/jabber.h	Tue Aug 31 02:57:59 2010 +0000
@@ -80,7 +80,7 @@
 
 #define CAPS0115_NODE "http://pidgin.im/"
 
-#define JABBER_DEFAULT_REQUIRE_TLS    TRUE
+#define JABBER_DEFAULT_REQUIRE_TLS    "require_starttls"
 #define JABBER_DEFAULT_FT_PROXIES     "proxy.eu.jabber.org"
 
 /* Index into attention_types list */
--- a/libpurple/protocols/jabber/libxmpp.c	Tue Aug 31 01:49:53 2010 +0000
+++ b/libpurple/protocols/jabber/libxmpp.c	Tue Aug 31 02:57:59 2010 +0000
@@ -253,6 +253,7 @@
 {
 	PurpleAccountUserSplit *split;
 	PurpleAccountOption *option;
+	GList *encryption_values = NULL;
 
 	/* Translators: 'domain' is used here in the context of Internet domains, e.g. pidgin.im */
 	split = purple_account_user_split_new(_("Domain"), NULL, '@');
@@ -263,13 +264,26 @@
 	purple_account_user_split_set_reverse(split, FALSE);
 	prpl_info.user_splits = g_list_append(prpl_info.user_splits, split);
 
-	option = purple_account_option_bool_new(_("Require SSL/TLS"), "require_tls", JABBER_DEFAULT_REQUIRE_TLS);
-	prpl_info.protocol_options = g_list_append(prpl_info.protocol_options,
-											   option);
+#define ADD_VALUE(list, desc, v) { \
+	PurpleKeyValuePair *kvp = g_new0(PurpleKeyValuePair, 1); \
+	kvp->key = g_strdup((desc)); \
+	kvp->value = g_strdup((v)); \
+	list = g_list_prepend(list, kvp); \
+}
 
-	option = purple_account_option_bool_new(_("Force old (port 5223) SSL"), "old_ssl", FALSE);
+	ADD_VALUE(encryption_values, _("Require encryption"), "require_tls");
+	ADD_VALUE(encryption_values, _("Use encryption if available"), "opportunistic_tls");
+	ADD_VALUE(encryption_values, _("Use old-style SSL"), "old_ssl");
+#if 0
+	ADD_VALUE(encryption_values, "None", "none");
+#endif
+	encryption_values = g_list_reverse(encryption_values);
+
+#undef ADD_VALUE
+
+	option = purple_account_option_list_new(_("Connection security"), "connection_security", encryption_values);
 	prpl_info.protocol_options = g_list_append(prpl_info.protocol_options,
-											   option);
+						   option);
 
 	option = purple_account_option_bool_new(
 						_("Allow plaintext auth over unencrypted streams"),
--- a/libpurple/protocols/jabber/parser.c	Tue Aug 31 01:49:53 2010 +0000
+++ b/libpurple/protocols/jabber/parser.c	Tue Aug 31 02:57:59 2010 +0000
@@ -102,11 +102,14 @@
 					PURPLE_CONNECTION_ERROR_AUTHENTICATION_IMPOSSIBLE,
 					_("XMPP stream missing ID"));
 #else
-			/* Instead, let's make up a fancy-schmancy stream ID, which
-			 * we need to do because we flag on js->stream_id == NULL being
-			 * a special case in this function.
+			/* Instead, let's make up a placeholder stream ID, which we need
+			 * to do because we flag on it being NULL as a special case
+			 * in this parsing code.
 			 */
-			js->stream_id = purple_uuid_random();
+			js->stream_id = g_strdup("");
+			purple_debug_info("jabber", "Server failed to specify a stream "
+			                  "ID (underspecified in rfc3920, but intended "
+			                  "to be a MUST; digest legacy auth may fail."); 
 #endif
 		}
 	} else {