adium 5626:4e5db49ec6d9: Merged adium-1.5.8 into adium-1.6.

commits at adium.im commits at adium.im
Fri Jul 5 20:37:23 UTC 2013 

details:	http://hg.adium.im/adium/rev/4e5db49ec6d9
revision:	5626:4e5db49ec6d9
branch:		adium-1.6
author:		Thijs Alkemade <me at thijsalkema.de>
date:		Fri Jul 05 22:37:16 2013 +0200

Merged adium-1.5.8 into adium-1.6.

diffs (94 lines):

diff -r 80b4bd62f0d2 -r 4e5db49ec6d9 .hgtags
--- a/.hgtags	Fri Jul 05 13:53:42 2013 -0400
+++ b/.hgtags	Fri Jul 05 22:37:16 2013 +0200
@@ -6,3 +6,6 @@
 0000000000000000000000000000000000000000 adium-1.5.4
 90a171a6b0fc033ebeba46112223e20fcee0a004 1.5.6
 fc2294917bf61da7cf8c1560db443fe29e2acfb8 1.5.5
+a40ffe152e617ebb603ce3c6677eef0ce00cb1ad 1.5.7
+a40ffe152e617ebb603ce3c6677eef0ce00cb1ad 1.5.7
+c72b164f75a705caf2b01853be031399d10c254e 1.5.7
diff -r 80b4bd62f0d2 -r 4e5db49ec6d9 ChangeLogs/Changes.txt
--- a/ChangeLogs/Changes.txt	Fri Jul 05 13:53:42 2013 -0400
+++ b/ChangeLogs/Changes.txt	Fri Jul 05 22:37:16 2013 +0200
@@ -57,13 +57,18 @@
 - Fixed DNS leaks in libpurple. / Added a "Tor (SOCKS5)" proxy option, which uses the Tor proxy option of libpurple. (#15161)
 - "Proxy bypass when registered jabber handle" (#15957)
 
-Version 1.5.7 (XX/06/2013)
+Version 1.5.7 (7/2/2013)
  * Updated Twitter support. (#16118)
    * Retweets (RTs) now properly display the original author.
    * t.co links are now expanded.
    * Fixed parsing to conform to the standard. (#13947)
- * Removed StatusNet support.
+ * Removed StatusNet support, see http://adium.im/blog/2013/07/adium-1-5-7-released.
+ * Fixed a crash when redrawing the contact list. (#16119)
  * Fixed a bug that could cause SSL connections to be closed prematurely. (#15405, #15411, #15741, #16356)
+ * Fixed the following weaknesses in the SSL code:
+   * Removed all anonymous ciphers from the list Adium tries, these are insecure and would crash Adium.
+   * Removed SSL_RSA_WITH_NULL_MD5 from the list of ciphers, as it doesn't use encryption.
+   * Removed the caching of untrusted certificates, as the implementation would make it easy to replace it with a different certificate when reconnecting.
 
 Version 1.5.6 (3/18/2013)
  * Fixed a crash on startup on 10.6.8.
diff -r 80b4bd62f0d2 -r 4e5db49ec6d9 Plugins/Purple Service/AIPurpleCertificateTrustWarningAlert.m
--- a/Plugins/Purple Service/AIPurpleCertificateTrustWarningAlert.m	Fri Jul 05 13:53:42 2013 -0400
+++ b/Plugins/Purple Service/AIPurpleCertificateTrustWarningAlert.m	Fri Jul 05 22:37:16 2013 +0200
@@ -201,28 +201,6 @@
 	CFRelease(policyRef);
 }
 
-/*
- * Function: SSLSecPolicyCopy
- * Purpose:
- *   Returns a copy of the SSL policy.
- */
-static SecPolicyRef SSLSecPolicyCopy()
-{
-	SecPolicyRef policy = NULL;
-	SecPolicySearchRef policy_search;
-	OSStatus status;
-	
-	status = SecPolicySearchCreate(CSSM_CERT_X_509v3, &CSSMOID_APPLE_TP_SSL, NULL, &policy_search);
-	if (status == noErr) {
-		status = SecPolicySearchCopyNext(policy_search, &policy);
-		if (status != noErr) policy = NULL;
-	}
-
-	CFRelease(policy_search);
-	
-	return policy;
-}
-
 - (void)runTrustPanelOnWindow:(NSWindow *)window
 {
 	SFCertificateTrustPanel *trustPanel = [[SFCertificateTrustPanel alloc] init];
@@ -240,7 +218,7 @@
 	[trustPanel setAlternateButtonTitle:AILocalizedString(@"Cancel",nil)];
 	[trustPanel setShowsHelp:YES];
 
-	SecPolicyRef sslPolicy = SSLSecPolicyCopy();
+	SecPolicyRef sslPolicy = SecPolicyCreateSSL(TRUE, (CFStringRef)hostname);
 	if (sslPolicy) {
 		[trustPanel setPolicies:(id)sslPolicy];
 		CFRelease(sslPolicy);
diff -r 80b4bd62f0d2 -r 4e5db49ec6d9 Plugins/Purple Service/ESSimpleService.m
--- a/Plugins/Purple Service/ESSimpleService.m	Fri Jul 05 13:53:42 2013 -0400
+++ b/Plugins/Purple Service/ESSimpleService.m	Fri Jul 05 22:37:16 2013 +0200
@@ -51,13 +51,13 @@
 	return @"SIP / SIMPLE";
 }
 - (NSCharacterSet *)allowedCharacters{
-	return [NSCharacterSet characterSetWithCharactersInString:@"+abcdefghijklmnopqrstuvwxyz0123456789._-@\\"];
+	return [NSCharacterSet characterSetWithCharactersInString:@"+abcdefghijklmnopqrstuvwxyzABCEDFGHIJKLMNOPQRSTUVWXYZ0123456789._-@\\"];
 }
 - (NSUInteger)allowedLength{
 	return 255;
 }
 - (BOOL)caseSensitive{
-	return NO;
+	return YES;
 }
 - (AIServiceImportance)serviceImportance{
 	return AIServiceSecondary;

More information about the commits mailing list