Commit Graph

13599 Commits

Author SHA1 Message Date
Fedor Brunner 667cd1eb48 Replace the obsolete method warn.
http://docs.python.org/3/library/logging.html

  Note: There is an obsolete method warn which is functionally identical to
  warning. As warn is deprecated, please do not use it - use warning instead.
2014-02-18 09:39:48 +01:00
Fedor Brunner 38f09a4098 Backed out changeset c1f88dc9e4d0 of backed out changeset 4ba5c2f6386e 2014-01-29 16:22:17 +01:00
Fedor Brunner b0357a9692 Backed out changeset 4ba5c2f6386e
I have submitted the 'tls_version' to the incorrect default branch.
The correct submit was done in changeset 15331:b5831b64e5d2,
branch gajim_0.16.
2014-01-29 14:42:14 +01:00
Fedor Brunner 2fd0cbe1d3 Disable TLS tickets (RFC 5077) in OpenSSL Context for XTLS.
More on the effect of TLS tickets:
https://media.blackhat.com/us-13/US-13-Daigniere-TLS-Secrets-Slides.pdf

Fixes #7638
2014-01-29 14:12:10 +01:00
Fedor Brunner 3b629a52d2 "4096-bit MODP Group" from RFC3526, Section 5.
The prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 }

RFC3526 specifies a generator of 2.

The generation of the group is described in RFC 2412.

Fixes: #7644
2014-02-17 14:54:20 +01:00
Fedor Brunner 80cc75f575 New set of CA certificates is in cacert.pem, used only on Windows.
These CA certificates were copied from debian ca-certificates, which uses
certificates from Mozilla's trust store.

spi CA certificate has been removed, no server in xmpp.net list uses this
CA certificate.
https://xmpp.net/directory.php

I have removed these CA certificates with 1024-bit RSA public keys,
because Mozilla is planning to remove them in Q1 2014:

Digital_Signature_Trust_Co._Global_CA_1.crt
Digital_Signature_Trust_Co._Global_CA_3.crt
Entrust.net_Secure_Server_CA.crt
Equifax_Secure_CA.crt
Equifax_Secure_eBusiness_CA_1.crt
Equifax_Secure_Global_eBusiness_CA.crt
GTE_CyberTrust_Global_Root.crt
NetLock_Business_=Class_B=_Root.crt
NetLock_Express_=Class_C=_Root.crt
RSA_Root_Certificate_1.crt
Thawte_Premium_Server_CA.crt
Thawte_Server_CA.crt
ValiCert_Class_1_VA.crt
ValiCert_Class_2_VA.crt
Verisign_Class_1_Public_Primary_Certification_Authority.crt
Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.crt
Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.crt
Verisign_Class_3_Public_Primary_Certification_Authority.crt
Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.crt

See:
https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/
https://wiki.mozilla.org/CA:MD5and1024

I'm also removing TurkTrust CA certificates because of this security
incident:
https://blog.mozilla.org/security/2013/01/03/revoking-trust-in-two-turktrust-certficates/

TURKTRUST_Certificate_Services_Provider_Root_1.crt
TURKTRUST_Certificate_Services_Provider_Root_2007.crt
TURKTRUST_Certificate_Services_Provider_Root_2.crt

other/cacert.pem is used only on Windows. On Unix platforms
use CA certificates installed in /etc/ssl/certs
(python-nbxmpp loads CA certificates from /etc/ssl/certs directory)

Fixes #7629
2014-02-17 14:37:29 +01:00
Fedor Brunner d7c8bdc8c4 Add ability to configure TLS protocol version.
add configuration option tls_version

Related to
https://python-nbxmpp.gajim.org/ticket/17
2014-01-27 16:31:08 +01:00
Fedor Brunner 3b0d68d06a Enable use of 2048, 3072, 4096 bit DH groups in ESessions. The 3072-bit DH
group is preferred.
Fixes #7615
2013-12-29 16:00:01 +01:00
Fedor Brunner ec2156ec42 Update entropy gathering for interface changes of pyOpenSSL.
Fixes: #7642
2014-02-17 13:51:45 +01:00
Fedor Brunner 460c62860a Syntax correction for Python3 2014-02-16 22:37:14 +01:00
Yann Leboulanger 58fdefa1d3 gobject -> GLib 2014-02-15 21:11:45 +01:00
Yann Leboulanger 67662ef6c0 unicode() -> str() 2014-02-15 21:09:13 +01:00
Yann Leboulanger 753c727f6e some gtk3 fixes in plugins window 2014-02-15 21:08:54 +01:00
Yann Leboulanger d337aeed4e py2 -> py3 2013-12-30 21:19:15 +01:00
Yann Leboulanger 54c3f9acaa py2 -> py3 2013-12-30 20:56:09 +01:00
Fedor Brunner 66c9ecd6cf Handle "NOTATION_NAME", "NOTATION_DATA" GPG lines. Fixes #7612 2013-12-27 12:42:19 +01:00
Fedor Brunner 4759ef235a ignore address-related errors for getaddrinfo. Fixes #7611
cleanup of jingle_transport.py
2013-12-27 12:16:58 +01:00
Fedor Brunner dcf1c33cc1 cipher specification cleanup
https://trac.gajim.org/ticket/7599
2013-12-23 23:26:54 +01:00
Fedor Brunner 4a360397fe cipher specification cleanup
https://trac.gajim.org/ticket/7599
2013-12-23 23:26:54 +01:00
Yann Leboulanger 5a8d757529 hide some menuitems in private chat context menu. Fixes #7603 2013-12-23 21:39:23 +01:00
Yann Leboulanger 7887f52ed7 Gajim needs latest nbxmpp version 2013-12-23 16:56:58 +01:00
Yann Leboulanger 0fb4f69855 don't crash with new nbxmpp 2013-12-23 16:03:39 +01:00
Denis Fomin b3b691c345 Fix typo. Fixes #7598 2013-12-18 20:08:45 +04:00
Yann Leboulanger 65d10de012 include needed files for snarl plugin in windows installer. 2013-12-16 13:18:39 +01:00
Yann Leboulanger 7565fed0ca add missing signal. Fixes #7586 2013-12-14 09:57:50 +01:00
Yann Leboulanger 6e0785964c update due to nbxmpp update 2013-12-06 21:20:22 +01:00
Yann Leboulanger a402c064c5 missing change 2013-12-06 21:29:25 +01:00
Yann Leboulanger d12be64986 minor code improvement 2013-12-06 21:27:53 +01:00
Yann Leboulanger 905f65720e update due to nbxmpp update 2013-12-06 21:20:22 +01:00
Denis Fomin e4244075dc Fix crash when trying to configure plugin a second time. See https://trac-plugins.gajim.org/ticket/86 2013-12-06 12:25:34 +04:00
Yann Leboulanger df11617ddb both sender and receiver request remote SSL certificate, but only if it's a new one.
Correctly verify remote SSL certificate.
2013-12-04 18:43:28 +01:00
Yann Leboulanger 6e410b463b show bookmarked rooms in invite to menu when possible. Fixes #4455 2013-12-02 12:17:32 +01:00
Yann Leboulanger 1b0406a814 fix the "do not ask me again" behaviour with untrusted GPG key warning. Fixes #7584 2013-12-01 10:06:38 +01:00
Yann Leboulanger cb98239794 fix adding transport contacts 2013-11-30 15:25:21 +01:00
Yann Leboulanger d3e6e22166 [Dicson] Do not display dialog confirm_metacontacts when using Make CONTACT first contact. Fixes #7576 2013-11-30 10:33:04 +01:00
Yann Leboulanger fbf8fd7ca0 [fedor] fix gpg signature when hash algo is not SHA-1. Fixes #7569 2013-11-30 10:10:39 +01:00
Yann Leboulanger 90847091c5 improve XEP-184 mark colors. see #7476 2013-11-30 10:04:50 +01:00
Yann Leboulanger 395f9575c8 Make threads usable under windows so GPG works correctly. Fixes #7565 2013-11-30 10:00:10 +01:00
Yann Leboulanger a7a8354402 prevent traceback. Fixes #7572 2013-11-30 09:48:18 +01:00
Yann Leboulanger 5095bc6598 support direct invitation (XEP-0249). Fixes #7581 2013-11-28 21:24:17 +01:00
Yann Leboulanger 349048d937 missing return 2013-11-27 18:20:49 +01:00
Yann Leboulanger ffa078ec03 gtk2 -> gtk3 2013-12-30 16:27:47 +01:00
Denis Fomin 9e39f8d01f Change cursor on location icon. Fixes #7570 2013-11-23 11:20:29 +04:00
Denis Fomin 6b35ad79e5 Add empty line to the end of help strings 2013-11-18 22:51:56 +04:00
Yann Leboulanger 8e231c1d4f fix typo. Fixes #7560 2013-11-17 21:52:02 +01:00
Yann Leboulanger fa90c358bb install dh4096.pem file. Fixes #7563 2013-11-17 09:40:21 +01:00
Denis Fomin be40a35a36 Set transient_for 'You are no longer in group chat' 2013-11-16 22:23:13 +04:00
Denis Fomin ef5ba6e83a set transient_for for 'This service does not contain any items to browse.' 2013-11-15 20:23:41 +04:00
Yann Leboulanger 928b7b67ba fix warning message 2013-11-14 21:34:15 +01:00
Yann Leboulanger d4c2fd4da8 [fedor] enable forward secrecy thanks to Diffie-Hellman parameters. Fixes #7555 2013-11-12 21:10:22 +01:00