Commit Graph

13629 Commits

Author SHA1 Message Date
Yann Leboulanger a0ecc52e20 require nbxmpp 0.3.1 2014-01-27 20:18:42 +01:00
Fedor Brunner bb7442b580 Add ability to configure TLS protocol version.
add configuration option tls_version

Related to
https://python-nbxmpp.gajim.org/ticket/17
2014-01-27 16:31:08 +01:00
Yann Leboulanger 02df78c9d8 include HTMLParser module in windows build for OTR plugin 2014-01-26 19:36:23 +01:00
Yann Leboulanger ef0e2fbef9 make search button insensitive before we get the search form. Fixes #7631 2014-01-26 08:59:24 +01:00
Fedor Brunner d079272f69 Add new entries from https://xmpp.net/services.xml 2014-01-23 16:29:04 +01:00
Fedor Brunner 016796c70d Sort entries in servers.xml 2014-01-23 16:18:32 +01:00
Fedor Brunner 8092d66929 Reformat the servers.xml using HTML Tidy tool
http://tidy.sourceforge.net/
2014-01-23 15:29:27 +01:00
Fedor Brunner 6588636aa5 Support for sha256 fingerprint.
Fixes #7628
2014-01-21 15:27:41 +01:00
Denis Fomin 9110ad90d5 Set parent for server error dialog in disco 2014-01-18 11:44:25 +04:00
Yann Leboulanger b9ff018a03 add a new event that is sent just before changing status. Fixes #7593 2014-01-14 22:48:51 +01:00
Yann Leboulanger 76d0f16d4a force sending muc invitation to the jid/resource if we're chatting with a specific resource. Fixes #7582 2014-01-13 20:25:07 +01:00
Yann Leboulanger 42619dc5cb change variable name 2014-01-07 19:51:56 +01:00
Yann Leboulanger 7e1fc336cb add paplay to the list of sound players. Fixes #7608 2014-01-05 23:03:43 +01:00
Denis Fomin 720a67c859 "A connection is not available" transient for chat control. Fixes#7098 2014-01-03 14:17:40 +04:00
Denis Fomin 4b33634a0b Copyright 2013>2014 2014-01-02 12:33:54 +04:00
Yann Leboulanger dc6aa56e6a send jabber:iq:last to bare jid when contact is offline. Fixes #7610 2014-01-01 22:32:00 +01:00
Yann Leboulanger 75a5c69871 add a <private> element to message stanza when message carbons is enabled and message is encrypted. Fixes #7616 2014-01-01 20:49:53 +01:00
Yann Leboulanger 309e7caf8a don't crash when we cannot connect to avahi. Fixes #7607 2013-12-31 14:28:24 +01:00
Yann Leboulanger 3cbb9df77b don't crash when Farstream is not installed 2014-03-26 18:23:58 +01:00
Yann Leboulanger e746ca9b1a start havine audio / video. Doesn't work correctly yet 2014-03-25 21:26:57 +01:00
Yann Leboulanger 659c5d2670 fix logic 2014-03-25 14:50:12 +01:00
Yann Leboulanger ca1d2331d8 rename goojim iconset files 2014-03-25 14:46:47 +01:00
Yann Leboulanger fd6689838e make buttons in dialog work 2014-03-23 20:54:54 +01:00
Yann Leboulanger 0d869cb192 merge GTK3 branch in default 2014-03-23 20:03:03 +01:00
Yann Leboulanger 2879d314a1 GLib.threads_init is no more needed 2014-03-23 16:55:45 +01:00
Yann Leboulanger 94af027043 fix banner color 2014-03-23 16:54:00 +01:00
Yann Leboulanger 6176e5c41f better way to handle close button in about dialog 2014-03-23 16:24:59 +01:00
Yann Leboulanger f36dddc8ef Close button in about dialog now work 2014-03-23 11:37:17 +01:00
Yann Leboulanger 9b2e2eb746 GLib.get_current_time is deprecated 2014-03-23 11:36:26 +01:00
Fedor Brunner 7b85094b88 correct for API changes in pyOpenSSL
Fixes #7662
2014-02-18 10:09:03 +01:00
Fedor Brunner 667cd1eb48 Replace the obsolete method warn.
http://docs.python.org/3/library/logging.html

  Note: There is an obsolete method warn which is functionally identical to
  warning. As warn is deprecated, please do not use it - use warning instead.
2014-02-18 09:39:48 +01:00
Fedor Brunner 38f09a4098 Backed out changeset c1f88dc9e4d0 of backed out changeset 4ba5c2f6386e 2014-01-29 16:22:17 +01:00
Fedor Brunner b0357a9692 Backed out changeset 4ba5c2f6386e
I have submitted the 'tls_version' to the incorrect default branch.
The correct submit was done in changeset 15331:b5831b64e5d2 ,
branch gajim_0.16 .
2014-01-29 14:42:14 +01:00
Fedor Brunner 2fd0cbe1d3 Disable TLS tickets (RFC 5077) in OpenSSL Context for XTLS.
More on the effect of TLS tickets:
https://media.blackhat.com/us-13/US-13-Daigniere-TLS-Secrets-Slides.pdf

Fixes #7638
2014-01-29 14:12:10 +01:00
Fedor Brunner 3b629a52d2 "4096-bit MODP Group" from RFC3526, Section 5.
The prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 }

RFC3526 specifies a generator of 2.

The generation of the group is described in RFC 2412.

Fixes: #7644
2014-02-17 14:54:20 +01:00
Fedor Brunner 80cc75f575 New set of CA certificates is in cacert.pem, used only on Windows.
These CA certificates were copied from debian ca-certificates, which uses
certificates from Mozilla's trust store.

spi CA certificate has be removed, no server in xmpp.net list uses this
CA certificate.
https://xmpp.net/directory.php

I have removed these CA certificates with 1024-bit RSA public keys,
because Mozilla is planning to remove them in Q1 2014 :

Digital_Signature_Trust_Co._Global_CA_1.crt
Digital_Signature_Trust_Co._Global_CA_3.crt
Entrust.net_Secure_Server_CA.crt
Equifax_Secure_CA.crt
Equifax_Secure_eBusiness_CA_1.crt
Equifax_Secure_Global_eBusiness_CA.crt
GTE_CyberTrust_Global_Root.crt
NetLock_Business_=Class_B=_Root.crt
NetLock_Express_=Class_C=_Root.crt
RSA_Root_Certificate_1.crt
Thawte_Premium_Server_CA.crt
Thawte_Server_CA.crt
ValiCert_Class_1_VA.crt
ValiCert_Class_2_VA.crt
Verisign_Class_1_Public_Primary_Certification_Authority.crt
Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.crt
Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.crt
Verisign_Class_3_Public_Primary_Certification_Authority.crt
Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.crt

See:
https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/
https://wiki.mozilla.org/CA:MD5and1024

I'm also removing TurkTrust CA certificates because of this security
incident:
https://blog.mozilla.org/security/2013/01/03/revoking-trust-in-two-turktrust-certficates/

TURKTRUST_Certificate_Services_Provider_Root_1.crt
TURKTRUST_Certificate_Services_Provider_Root_2007.crt
TURKTRUST_Certificate_Services_Provider_Root_2.crt

other/cacert.pem is used only on Windows. On Unix platforms
use CA certificates installed in /etc/ssl/certs
(python-nbxmpp loads CA certificates from /etc/ssl/certs directory)

Fixes #7629
2014-02-17 14:37:29 +01:00
Fedor Brunner d7c8bdc8c4 Add ability to configure TLS protocol version.
add configuration option tls_version

Related to
https://python-nbxmpp.gajim.org/ticket/17
2014-01-27 16:31:08 +01:00
Fedor Brunner 3b0d68d06a Enable use of 2048, 3072, 4096 bit DH groups in ESessions. The 3072-bit DH
group is prefered.
Fixes #7615
2013-12-29 16:00:01 +01:00
Fedor Brunner ec2156ec42 Update entropy gathering for interface changes of pyOpenSSL.
Fixes: #7642
2014-02-17 13:51:45 +01:00
Fedor Brunner 460c62860a Syntax correction for Python3 2014-02-16 22:37:14 +01:00
Yann Leboulanger 58fdefa1d3 gobject -> GLib 2014-02-15 21:11:45 +01:00
Yann Leboulanger 67662ef6c0 unicode() -> str() 2014-02-15 21:09:13 +01:00
Yann Leboulanger 753c727f6e some gtk3 fixes in plugins window 2014-02-15 21:08:54 +01:00
Yann Leboulanger d337aeed4e py2 -> py3 2013-12-30 21:19:15 +01:00
Yann Leboulanger 54c3f9acaa py2 -> py3 2013-12-30 20:56:09 +01:00
Fedor Brunner 66c9ecd6cf Handle "NOTATION_NAME", "NOTATION_DATA" GPG lines. Fixes #7612 2013-12-27 12:42:19 +01:00
Fedor Brunner 4759ef235a ignore address-related errors for getaddrinfo. Fixes #7611
cleanup of jingle_transport.py
2013-12-27 12:16:58 +01:00
Fedor Brunner dcf1c33cc1 cipher specification cleanup
https://trac.gajim.org/ticket/7599
2013-12-23 23:26:54 +01:00
Fedor Brunner 4a360397fe cipher specification cleanup
https://trac.gajim.org/ticket/7599
2013-12-23 23:26:54 +01:00
Yann Leboulanger 5a8d757529 hide some menuitems in private chat context menu. Fixes #7603 2013-12-23 21:39:23 +01:00