[arch-commits] Commit in pidgin/trunk (2 files)

Evangelos Foutras foutrelis at nymeria.archlinux.org
Mon Feb 3 14:10:06 UTC 2014 

    Date: Monday, February 3, 2014 @ 15:10:06
  Author: foutrelis
Revision: 205034

upgpkg: pidgin 2.10.9-1

New upstream release.

Modified:
  pidgin/trunk/PKGBUILD
Deleted:
  pidgin/trunk/pidgin-2.10.8-fix-login-issues-with-certain-xmpp-servers.patch

----------------------------------------------------------------+
 PKGBUILD                                                       |   15 -
 pidgin-2.10.8-fix-login-issues-with-certain-xmpp-servers.patch |  145 ----------
 2 files changed, 5 insertions(+), 155 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2014-02-03 12:57:40 UTC (rev 205033)
+++ PKGBUILD	2014-02-03 14:10:06 UTC (rev 205034)
@@ -6,8 +6,8 @@
 # Contributor: Lucien Immink <l.immink at student.fnt.hvu.nl>
 
 pkgname=('pidgin' 'libpurple' 'finch')
-pkgver=2.10.8
-pkgrel=2
+pkgver=2.10.9
+pkgrel=1
 arch=('i686' 'x86_64')
 url="http://pidgin.im/"
 license=('GPL')
@@ -14,17 +14,12 @@
 makedepends=('startup-notification' 'gtkspell' 'libxss' 'nss' 'libsasl' 'libsm'
              'libidn' 'python2' 'hicolor-icon-theme' 'farstream-0.1' 'avahi'
              'tk' 'ca-certificates' 'intltool' 'networkmanager')
-source=(http://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.bz2{,.asc}
-        pidgin-2.10.8-fix-login-issues-with-certain-xmpp-servers.patch)
-sha256sums=('b633367e3588ff3e615d68e812302dfdbe32e73693cbe42a0d827b7aed7a8227'
-            'SKIP'
-            '4b4cc2d0816bbc7de83d34de6880935163007193a36dcc13afc89fc1ffacc5d2')
+source=(https://downloads.sourceforge.net/project/$pkgname/Pidgin/$pkgver/$pkgname-$pkgver.tar.bz2{,.asc})
+sha256sums=('dc362ed8577f623eea4554a79e917073aa726825074fea402f2e515f0f51f319'
+            'SKIP')
 prepare() {
   cd "$srcdir/$pkgname-$pkgver"
 
-  # https://developer.pidgin.im/ticket/15879
-  patch -Np1 -i "$srcdir/pidgin-2.10.8-fix-login-issues-with-certain-xmpp-servers.patch"
-
   # Use Python 2
   sed -i 's/env python$/&2/' */plugins/*.py \
     libpurple/purple-{remote,notifications-example,url-handler}

Deleted: pidgin-2.10.8-fix-login-issues-with-certain-xmpp-servers.patch
===================================================================
--- pidgin-2.10.8-fix-login-issues-with-certain-xmpp-servers.patch	2014-02-03 12:57:40 UTC (rev 205033)
+++ pidgin-2.10.8-fix-login-issues-with-certain-xmpp-servers.patch	2014-02-03 14:10:06 UTC (rev 205034)
@@ -1,145 +0,0 @@
-
-# HG changeset patch
-# User Mark Doliner <mark at kingant.net>
-# Date 1391153359 28800
-# Node ID b8e2a5fbffd3052ccba7160b56eac70f8e19c49a
-# Parent  e733020a9d3840275ffa931a9aeefe4d8befc08e
-Fix problems logging into some servers including jabber.org and
-chat.facebook.com.
-
-See my length comment in iq.c for details.
-
-diff --git a/libpurple/protocols/jabber/iq.c b/libpurple/protocols/jabber/iq.c
---- a/libpurple/protocols/jabber/iq.c
-+++ b/libpurple/protocols/jabber/iq.c
-@@ -283,6 +283,52 @@
- 	g_hash_table_remove(js->iq_callbacks, id);
- }
- 
-+/**
-+ * Verify that the 'from' attribute of an IQ reply is a valid match for
-+ * a given IQ request. The expected behavior is outlined in section
-+ * 8.1.2.1 of the XMPP CORE spec (RFC 6120). We consider the reply to
-+ * be a valid match if any of the following is true:
-+ * - Request 'to' matches reply 'from' (including the case where
-+ *   neither are set).
-+ * - Request 'to' was empty and reply 'from' is server JID.
-+ * - Request 'to' was empty and reply 'from' is my JID. The spec says
-+ *   we should only allow bare JID, but we also allow full JID for
-+ *   compatibility with some servers.
-+ *
-+ * These rules should allow valid IQ replies while preventing spoofed
-+ * ones.
-+ *
-+ * For more discussion see the "Spoofing of iq ids and misbehaving
-+ * servers" email thread from January 2014 on the jdev and security
-+ * mailing lists.
-+ *
-+ * @return TRUE if this reply is valid for the given request.
-+ */
-+static gboolean does_reply_from_match_request_to(JabberStream *js, JabberID *to, JabberID *from)
-+{
-+	if (jabber_id_equal(to, from)) {
-+		/* Request 'to' matches reply 'from' */
-+		return TRUE;
-+	}
-+
-+	if (!to && purple_strequal(from->domain, js->user->domain)) {
-+		/* Request 'to' is empty and reply 'from' domain matches our domain */
-+
-+		if (!from->node && !from->resource) {
-+			/* Reply 'from' is server bare JID */
-+			return TRUE;
-+		}
-+
-+		if (purple_strequal(from->node, js->user->node)
-+				&& (!from->resource || purple_strequal(from->resource, js->user->resource))) {
-+			/* Reply 'from' is my full or bare JID */
-+			return TRUE;
-+		}
-+	}
-+
-+	return FALSE;
-+}
-+
- void jabber_iq_parse(JabberStream *js, xmlnode *packet)
- {
- 	JabberIqCallbackData *jcd;
-@@ -377,8 +423,9 @@
- 
- 	/* First, lets see if a special callback got registered */
- 	if(type == JABBER_IQ_RESULT || type == JABBER_IQ_ERROR) {
--		if((jcd = g_hash_table_lookup(js->iq_callbacks, id))) {
--			if(jabber_id_equal(js, jcd->to, from_id)) {
-+		jcd = g_hash_table_lookup(js->iq_callbacks, id);
-+		if (jcd) {
-+			if (does_reply_from_match_request_to(js, jcd->to, from_id)) {
- 				jcd->callback(js, from, type, id, packet, jcd->data);
- 				jabber_iq_remove_callback_by_id(js, id);
- 				jabber_id_free(from_id);
-diff --git a/libpurple/protocols/jabber/jutil.c b/libpurple/protocols/jabber/jutil.c
---- a/libpurple/protocols/jabber/jutil.c
-+++ b/libpurple/protocols/jabber/jutil.c
-@@ -510,30 +510,21 @@
- 
- 
- gboolean
--jabber_id_equal(JabberStream *js, const JabberID *jid1, const JabberID *jid2)
-+jabber_id_equal(const JabberID *jid1, const JabberID *jid2)
- {
--	const JabberID *j1, *j2;
--	JabberID *bare_user_jid;
--	gboolean equal;
-+	if (!jid1 && !jid2) {
-+		/* Both are null therefore equal */
-+		return TRUE;
-+	}
- 
--	/* If an outgoing stanza has no 'to', or an incoming has no 'from',
--	 * then those are "the server acting as my account". This function will
--	 * handle that correctly.
--	 */
--	if (!jid1 && !jid2)
--		return TRUE;
-+	if (!jid1 || !jid2) {
-+		/* One is null, other is non-null, therefore not equal */
-+		return FALSE;
-+	}
- 
--	bare_user_jid = jabber_id_to_bare_jid(js->user);
--	j1 = jid1 ? jid1 : bare_user_jid;
--	j2 = jid2 ? jid2 : bare_user_jid;
--
--	equal = purple_strequal(j1->node, j2->node) &&
--			purple_strequal(j1->domain, j2->domain) &&
--			purple_strequal(j1->resource, j2->resource);
--
--	jabber_id_free(bare_user_jid);
--
--	return equal;
-+	return purple_strequal(jid1->node, jid2->node) &&
-+			purple_strequal(jid1->domain, jid2->domain) &&
-+			purple_strequal(jid1->resource, jid2->resource);
- }
- 
- char *jabber_get_domain(const char *in)
-diff --git a/libpurple/protocols/jabber/jutil.h b/libpurple/protocols/jabber/jutil.h
---- a/libpurple/protocols/jabber/jutil.h
-+++ b/libpurple/protocols/jabber/jutil.h
-@@ -46,12 +46,10 @@
- JabberID* jabber_id_new(const char *str);
- 
- /**
-- * Compare two JIDs for equality.
-- *
-- * Warning: If either JID is NULL then this function uses the user's
-- * bare JID, instead!
-+ * Compare two JIDs for equality. In addition to the node and domain,
-+ * the resources of the two JIDs must also be equal (or both absent).
-  */
--gboolean jabber_id_equal(JabberStream *js, const JabberID *jid1, const JabberID *jid2);
-+gboolean jabber_id_equal(const JabberID *jid1, const JabberID *jid2);
- 
- void jabber_id_free(JabberID *jid);
- 
-

More information about the arch-commits mailing list