copyleftie
/
gajim-plural
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
13,694 Commits 5 Branches 0 Tags 56 MiB
Commit Graph

13694 Commits

Author SHA1 Message Date
Fedor Brunner 80cc75f575 New set of CA certificates is in cacert.pem, used only on Windows. 
These CA certificates were copied from debian ca-certificates, which uses
certificates from Mozilla's trust store.

spi CA certificate has be removed, no server in xmpp.net list uses this
CA certificate.
https://xmpp.net/directory.php

I have removed these CA certificates with 1024-bit RSA public keys,
because Mozilla is planning to remove them in Q1 2014 :

Digital_Signature_Trust_Co._Global_CA_1.crt
Digital_Signature_Trust_Co._Global_CA_3.crt
Entrust.net_Secure_Server_CA.crt
Equifax_Secure_CA.crt
Equifax_Secure_eBusiness_CA_1.crt
Equifax_Secure_Global_eBusiness_CA.crt
GTE_CyberTrust_Global_Root.crt
NetLock_Business_=Class_B=_Root.crt
NetLock_Express_=Class_C=_Root.crt
RSA_Root_Certificate_1.crt
Thawte_Premium_Server_CA.crt
Thawte_Server_CA.crt
ValiCert_Class_1_VA.crt
ValiCert_Class_2_VA.crt
Verisign_Class_1_Public_Primary_Certification_Authority.crt
Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.crt
Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.crt
Verisign_Class_3_Public_Primary_Certification_Authority.crt
Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.crt

See:
https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/
https://wiki.mozilla.org/CA:MD5and1024

I'm also removing TurkTrust CA certificates because of this security
incident:
https://blog.mozilla.org/security/2013/01/03/revoking-trust-in-two-turktrust-certficates/

TURKTRUST_Certificate_Services_Provider_Root_1.crt
TURKTRUST_Certificate_Services_Provider_Root_2007.crt
TURKTRUST_Certificate_Services_Provider_Root_2.crt

other/cacert.pem is used only on Windows. On Unix platforms
use CA certificates installed in /etc/ssl/certs
(python-nbxmpp loads CA certificates from /etc/ssl/certs directory)

Fixes #7629
 2014-02-17 14:37:29 +01:00
Fedor Brunner d7c8bdc8c4 Add ability to configure TLS protocol version. 
add configuration option tls_version

Related to
https://python-nbxmpp.gajim.org/ticket/17
 2014-01-27 16:31:08 +01:00
Fedor Brunner 3b0d68d06a Enable use of 2048, 3072, 4096 bit DH groups in ESessions. The 3072-bit DH 
group is prefered.
Fixes #7615
 2013-12-29 16:00:01 +01:00
Fedor Brunner ec2156ec42 Update entropy gathering for interface changes of pyOpenSSL. 
Fixes: #7642
 2014-02-17 13:51:45 +01:00
Fedor Brunner 460c62860a Syntax correction for Python3 2014-02-16 22:37:14 +01:00
Yann Leboulanger 58fdefa1d3 gobject -> GLib 2014-02-15 21:11:45 +01:00
Yann Leboulanger 67662ef6c0 unicode() -> str() 2014-02-15 21:09:13 +01:00
Yann Leboulanger 753c727f6e some gtk3 fixes in plugins window 2014-02-15 21:08:54 +01:00
Yann Leboulanger d337aeed4e py2 -> py3 2013-12-30 21:19:15 +01:00
Yann Leboulanger 54c3f9acaa py2 -> py3 2013-12-30 20:56:09 +01:00
Fedor Brunner 66c9ecd6cf Handle "NOTATION_NAME", "NOTATION_DATA" GPG lines. Fixes #7612 2013-12-27 12:42:19 +01:00
Fedor Brunner 4759ef235a ignore address-related errors for getaddrinfo. Fixes #7611 
cleanup of jingle_transport.py
 2013-12-27 12:16:58 +01:00
Fedor Brunner dcf1c33cc1 cipher specification cleanup 
https://trac.gajim.org/ticket/7599
 2013-12-23 23:26:54 +01:00
Fedor Brunner 4a360397fe cipher specification cleanup 
https://trac.gajim.org/ticket/7599
 2013-12-23 23:26:54 +01:00
Yann Leboulanger 5a8d757529 hide some menuitems in private chat context menu. Fixes #7603 2013-12-23 21:39:23 +01:00
Yann Leboulanger 7887f52ed7 Gajim need latest nbxmpp version 2013-12-23 16:56:58 +01:00
Yann Leboulanger 0fb4f69855 don't crash with new nbxmpp 2013-12-23 16:03:39 +01:00
Denis Fomin b3b691c345 Fix typo. Fixes #7598 2013-12-18 20:08:45 +04:00
Yann Leboulanger 65d10de012 include needed files for snarl plugin in windows installer. 2013-12-16 13:18:39 +01:00
Yann Leboulanger 7565fed0ca add missing signal. Fixes #7586 2013-12-14 09:57:50 +01:00
Yann Leboulanger 6e0785964c update die to nbxmpp update 2013-12-06 21:20:22 +01:00
Yann Leboulanger a402c064c5 missing change 2013-12-06 21:29:25 +01:00
Yann Leboulanger d12be64986 minor code improvement 2013-12-06 21:27:53 +01:00
Yann Leboulanger 905f65720e update die to nbxmpp update 2013-12-06 21:20:22 +01:00
Denis Fomin e4244075dc Fix crash when try configure plugin second time. See https://trac-plugins.gajim.org/ticket/86 2013-12-06 12:25:34 +04:00
Yann Leboulanger df11617ddb both sender and receiver request remote SSL certificate, but only if it's a new one. 
Correctly verify remote SSL certificate.
 2013-12-04 18:43:28 +01:00
Yann Leboulanger 6e410b463b show bookmarked rooms in invite to menu when possible. Fixes #4455 2013-12-02 12:17:32 +01:00
Yann Leboulanger 1b0406a814 fix the "do not ask me again" behaviour with untrusted GPG key warning. Fixes #7584 2013-12-01 10:06:38 +01:00
Yann Leboulanger cb98239794 fix adding transport contacts 2013-11-30 15:25:21 +01:00
Yann Leboulanger d3e6e22166 [Dicson] Do not display dialog confirm_metacontacts when using Make CONTACT first contact. Fixes #7576 2013-11-30 10:33:04 +01:00
Yann Leboulanger fbf8fd7ca0 [fedor] fix gpg signature when hash algo is not SHA-1. Fixes #7569 2013-11-30 10:10:39 +01:00
Yann Leboulanger 90847091c5 improve XEP-184 mark colors. see #7476 2013-11-30 10:04:50 +01:00
Yann Leboulanger 395f9575c8 Make threads usable under windows so GPG works correctly. Fixes #7565 2013-11-30 10:00:10 +01:00
Yann Leboulanger a7a8354402 prevent traceback. Fixes #7572 2013-11-30 09:48:18 +01:00
Yann Leboulanger 5095bc6598 support direct invitation (XEP-0249). Fixes #7581 2013-11-28 21:24:17 +01:00
Yann Leboulanger 349048d937 missing return 2013-11-27 18:20:49 +01:00
Yann Leboulanger ffa078ec03 gtk2 -> gtk3 2013-12-30 16:27:47 +01:00
Denis Fomin 9e39f8d01f Change cursor on location icon. Fixes #7570 2013-11-23 11:20:29 +04:00
Denis Fomin 6b35ad79e5 Add emty line to the end of help strings 2013-11-18 22:51:56 +04:00
Yann Leboulanger 8e231c1d4f fix typo. Fixes #7560 2013-11-17 21:52:02 +01:00
Yann Leboulanger fa90c358bb install dh4096.pem file. Fixes #7563 2013-11-17 09:40:21 +01:00
Denis Fomin be40a35a36 Set transient_for 'You are no longer in group chat' 2013-11-16 22:23:13 +04:00
Denis Fomin ef5ba6e83a set transient_for for 'This service does not contain any items to browse.' 2013-11-15 20:23:41 +04:00
Yann Leboulanger 928b7b67ba fix warning message 2013-11-14 21:34:15 +01:00
Yann Leboulanger d4c2fd4da8 [fedor] enable forward secrecy thanks to Diffie-Hellman parameters. Fixes #7555 2013-11-12 21:10:22 +01:00
Yann Leboulanger 7d72b8089a improve manage bookmark jid handling. Fixes #7547 2013-11-11 13:37:16 +01:00
Denis Fomin 190bb38faf Add date to gajim logs. Fixes #7556 2013-11-11 15:43:56 +04:00
Denis Fomin 755c04270f Fix wrong import 2013-11-11 14:27:30 +04:00
Yann Leboulanger 0789b47646 [fedor] use openssl random number generator if available, and improve entropy. Fixes #7550 2013-11-10 08:39:50 +01:00
Denis Fomin 1e68c92bc8 fix var name 2013-11-08 14:06:22 +04:00