| Wed, 21 May 2008 01:49:03 +0000 |
Evan Schoenberg |
Skip the X-GOOGLE-TOKEN mech (given us by Google Talk when connecting with
|
| Thu, 19 Jun 2008 03:17:14 +0000 |
Daniel Atallah |
applied changes from b687754dfefde18bbb1a2652261943517272a691
|
| Thu, 19 Jun 2008 03:04:56 +0000 |
Daniel Atallah |
applied changes from 43973692751b7c4e1375e090365f75a148798aed
|
| Fri, 02 May 2008 22:51:14 +0000 |
Evan Schoenberg |
merge of '21d37789f674809d615fc7676a092f1da438b0f5'
|
| Thu, 01 May 2008 04:02:31 +0000 |
Daniel Atallah |
When an XMPP account is set to require TLS, but libpurple doesn't have SSL
|
| Fri, 02 May 2008 22:50:13 +0000 |
Evan Schoenberg |
After trying the available SASL mechs, jabber_auth_handle_failure() now
|
| Tue, 15 Apr 2008 23:51:03 +0000 |
Evan Schoenberg |
The warning string for plaintext auth over an unencrypted connection is found
|
| Tue, 15 Apr 2008 23:46:03 +0000 |
Evan Schoenberg |
Remove the "Use GSSAPI (Kerberos v5) for authentication" xmpp preference,
|
| Sun, 13 Apr 2008 06:37:47 +0000 |
Stu Tomlinson |
The next version of RFC 3920, the draft of which can be found at http://www.xmpp.org/internet-drafts/draft-saintandre-rfc3920bis-04.html, and subsequent email clarifications with Peter Saint-Andre and Alexey Melnikov indicate that we should be trying the next mechanism in line after one mechanism fails. We should also be ensuring that the mech list is sorted in order of descending security, which we don't do yet; however, servers are supposed to send us a sorted list, as well, so this isn't a major issue.
|
| Thu, 20 Mar 2008 08:42:15 +0000 |
Evan Schoenberg |
Discussion is in progress on pidgin-devel about the preference to enable/disable GSSAPI, but upon reflection it should, if it exists at all, default to TRUE. Making it do so for the time being.
|
| Thu, 20 Mar 2008 00:20:27 +0000 |
Evan Schoenberg |
Now that Adium has cyrus-sasl enabled, I'm having a lot of users report problems connecting to servers which ultimately turn out to be that the server supports GSSAPI in addition to other mechanisms and the user isn't configured serverside or clientside to authenticate properly. Generally speaking, a user/password combination is the expectation for most people for connecting.
|
| Sun, 16 Mar 2008 20:36:52 +0000 |
Mark Doliner |
Fix a bunch of compiler warnings caused by my addition of G_GNUC_PRINTF()
|
| Sat, 26 Jan 2008 03:53:18 +0000 |
Evan Schoenberg |
If falling back on the old auth method for Jabber, be sure to set js->auth_type to JABBER_AUTH_IQ_AUTH.
|
| Thu, 17 Jan 2008 08:10:37 +0000 |
Mark Doliner |
A few more of those "default_action" fixes
|
| Fri, 28 Dec 2007 17:14:52 +0000 |
Evan Schoenberg |
Ensure js->sasl is not NULL before using it in jabber_auth_handle_success(). This was, I believe, the source of the crash stu reported when my DIGEST-MD5 hack was in place; while js->sasl will probably be non-NULL whenever we reach this code point now, it's more robust to verify it here since that's an assumption originating in another function.
|
