Mercurial > pidgin3 / changeset

--- a/ChangeLog	Wed Jan 16 22:06:45 2013 +0200
+++ b/ChangeLog	Sat Jan 26 12:46:00 2013 +0200
@@ -12,11 +12,11 @@
 	libpurple:
 	* Don't link directly to libgcrypt when building with GnuTLS support.
 	  (Bartosz Brachaczek) (#15329)
-	* Fix UPNP mappings on routers that return empty <URLBase/> elements
+	* Fix UPnP mappings on routers that return empty <URLBase/> elements
 	  in their response. (Ferdinand Stehle) (#15373)
 	* Tcl plugin uses saner, race-free plugin loading.
 	* Fix the Tcl signals-test plugin for savedstatus-changed.
-          (Andrew Shadura) (#15443)
+	  (Andrew Shadura) (#15443)

 	Pidgin:
 	* Make Pidgin more friendly to non-X11 GTK+, such as MacPorts' +no_x11
@@ -32,6 +32,7 @@
 	* Print topic setter information at channel join. (#13317)

 	MSN:
+	* Fix SSL certificate issue when signing into MSN for some users.
 	* Fix a crash when removing a user before its icon is loaded. (Mark
 	  Barfield) (#15217)

@@ -45,6 +46,7 @@
 	  still have a pending invite.
 	* The buddy's name was not centered vertically in the buddy-list if they
 	  did not have a status-message or mood set.
+	* Fix decoding of font-size changes in the markup of received messages.

 	Yahoo!:
 	* Fix a double-free in profile/picture loading code. (Mihai Serban)
--- a/Makefile.mingw	Wed Jan 16 22:06:45 2013 +0200
+++ b/Makefile.mingw	Sat Jan 26 12:46:00 2013 +0200
@@ -45,6 +45,7 @@
 STRIPPED_RELEASE_DIR = $(PIDGIN_TREE_TOP)/pidgin-$(PIDGIN_VERSION)-win32bin
 DEBUG_SYMBOLS_DIR = $(PIDGIN_TREE_TOP)/pidgin-$(PIDGIN_VERSION)-dbgsym

+PIDGIN_INST_DEP_DIR="$(WIN32_DEV_TOP)/pidgin-inst-deps-20120910"

 # Any *.dll or *.exe files included in win32-install-dir that we don't compile
 # should be included in this list so they don't get stripped
@@ -67,7 +68,6 @@
 	libssp-0.dll \
 	libxml2-2.dll \
 	nss3.dll \
-	nssckbi.dll \
 	nssutil3.dll \
 	saslANONYMOUS.dll \
 	saslCRAMMD5.dll \
@@ -108,7 +108,7 @@
 	cp $(GTKSPELL_TOP)/bin/libgtkspell-0.dll $(PIDGIN_INSTALL_DIR)/spellcheck
 	cp $(ENCHANT_TOP)/bin/libenchant.dll $(PIDGIN_INSTALL_DIR)/spellcheck
 	cp -R $(ENCHANT_TOP)/lib/enchant/*.dll $(PIDGIN_INSTALL_DIR)/spellcheck/lib/enchant
-	cp $(WIN32_DEV_TOP)/pidgin-inst-deps-20100315/exchndl.dll $(PIDGIN_INSTALL_DIR)
+	cp $(PIDGIN_INST_DEP_DIR)/exchndl.dll $(PIDGIN_INSTALL_DIR)
 	cp $(GCC_SSP_TOP)/bin/libssp-0.dll $(PIDGIN_INSTALL_DIR)

 gtk_runtime_zip:
--- a/libpurple/imgstore.c	Wed Jan 16 22:06:45 2013 +0200
+++ b/libpurple/imgstore.c	Sat Jan 26 12:46:00 2013 +0200
@@ -43,9 +43,9 @@
 {
 	int id;
 	guint8 refcount;
-	size_t size;		/**< The image data's size.	*/
-	char *filename;		/**< The filename (for the UI)	*/
-	gpointer data;		/**< The image data.		*/
+	size_t size;     /**< The image data's size. */
+	char *filename;  /**< The filename (for the UI) */
+	gpointer data;   /**< The image data. */
 };

 PurpleStoredImage *
@@ -89,23 +89,26 @@
 purple_imgstore_add_with_id(gpointer data, size_t size, const char *filename)
 {
 	PurpleStoredImage *img = purple_imgstore_add(data, size, filename);
-	if (img) {
-		/*
-		 * Use the next unused id number.  We do it in a loop on the
-		 * off chance that nextid wraps back around to 0 and the hash
-		 * table still contains entries from the first time around.
-		 */
-		do {
-			img->id = ++nextid;
-		} while (img->id == 0 || g_hash_table_lookup(imgstore, &(img->id)) != NULL);
-
-		g_hash_table_insert(imgstore, &(img->id), img);
+	if (!img) {
+		return 0;
 	}

-	return (img ? img->id : 0);
+	/*
+	 * Use the next unused id number.  We do it in a loop on the
+	 * off chance that nextid wraps back around to 0 and the hash
+	 * table still contains entries from the first time around.
+	 */
+	do {
+		img->id = ++nextid;
+	} while (img->id == 0 || g_hash_table_lookup(imgstore, &(img->id)) != NULL);
+
+	g_hash_table_insert(imgstore, &(img->id), img);
+
+	return img->id;
 }

-PurpleStoredImage *purple_imgstore_find_by_id(int id) {
+PurpleStoredImage *purple_imgstore_find_by_id(int id)
+{
 	PurpleStoredImage *img = g_hash_table_lookup(imgstore, &id);

 	if (img != NULL)
@@ -114,7 +117,8 @@
 	return img;
 }

-gconstpointer purple_imgstore_get_data(PurpleStoredImage *img) {
+gconstpointer purple_imgstore_get_data(PurpleStoredImage *img)
+{
 	g_return_val_if_fail(img != NULL, NULL);

 	return img->data;
--- a/libpurple/imgstore.h	Wed Jan 16 22:06:45 2013 +0200
+++ b/libpurple/imgstore.h	Sat Jan 26 12:46:00 2013 +0200
@@ -29,8 +29,10 @@

 #include <glib.h>

-/** A reference-counted immutable wrapper around an image's data and its
- *  filename.
+/**
+ * A set of utility functions that provide a reference-counted immutable
+ * wrapper around an image's data and filename.  These functions do not
+ * cache any data to disk.
  */
 typedef struct _PurpleStoredImage PurpleStoredImage;

@@ -39,59 +41,73 @@
 #endif

 /**
- * Add an image to the store.
+ * Create a new PurpleStoredImage.
  *
- * The caller owns a reference to the image in the store, and must dereference
- * the image with purple_imgstore_unref() for it to be freed.
+ * Despite the name of this function, the image is NOT added to the image
+ * store and no ID is assigned.  If you need to reference the image by an
+ * ID, use purple_imgstore_add_with_id() instead.
  *
- * No ID is allocated when using this function.  If you need to reference the
- * image by an ID, use purple_imgstore_add_with_id() instead.
+ * The caller owns a reference to this image and must dereference it with
+ * purple_imgstore_unref() for it to be freed.
  *
- * @param data		Pointer to the image data, which the imgstore will take
- *                      ownership of and free as appropriate.  If you want a
- *                      copy of the data, make it before calling this function.
- * @param size		Image data's size.
- * @param filename	Filename associated with image.  This is for your
+ * @param data      Pointer to the image data, which the imgstore will take
+ *                  ownership of and free as appropriate.  If you want a
+ *                  copy of the data, make it before calling this function.
+ * @param size      Image data's size.
+ * @param filename  Filename associated with image.  This is for your
  *                  convenience.  It could be the full path to the
  *                  image or, more commonly, the filename of the image
  *                  without any directory information.  It can also be
  *                  NULL, if you don't need to keep track of a filename.
  *
- * @return The stored image.
+ * @return The stored image, or NULL if the image was not added (because of
+ *         empty data or size).
  */
 PurpleStoredImage *
 purple_imgstore_add(gpointer data, size_t size, const char *filename);

 /**
- * Create an image and add it to the store.
+ * Create a PurpleStoredImage using purple_imgstore_add() by reading the
+ * given filename from disk.
+ *
+ * The image is not added to the image store and no ID is assigned.  If you
+ * need to reference the image by an ID, use purple_imgstore_add_with_id()
+ * instead.
+ *
+ * The caller owns a reference to this image and must dereference it with
+ * purple_imgstore_unref() for it to be freed.
  *
  * @param path  The path to the image.
  *
- * @return  The stored image.
- * @since 2.X.X
+ * @return The stored image, or NULL if the image was not added (because of
+ *         empty data or size).
+ *
+ * @since 2.5.0
  */
 PurpleStoredImage *
 purple_imgstore_new_from_file(const char *path);

 /**
- * Add an image to the store, allocating an ID.
- *
- * The caller owns a reference to the image in the store, and must dereference
- * the image with purple_imgstore_unref_by_id() or purple_imgstore_unref()
- * for it to be freed.
+ * Create a PurpleStoredImage using purple_imgstore_add() and add the
+ * image to the image store.  A unique ID will be assigned to the image.
  *
- * @param data		Pointer to the image data, which the imgstore will take
- *                      ownership of and free as appropriate.  If you want a
- *                      copy of the data, make it before calling this function.
- * @param size		Image data's size.
- * @param filename	Filename associated with image.  This is for your
+ * The caller owns a reference to the image and must dereference it with
+ * purple_imgstore_unref() or purple_imgstore_unref_by_id() for it to be
+ * freed.
+ *
+ * @param data      Pointer to the image data, which the imgstore will take
+ *                  ownership of and free as appropriate.  If you want a
+ *                  copy of the data, make it before calling this function.
+ * @param size      Image data's size.
+ * @param filename  Filename associated with image.  This is for your
  *                  convenience.  It could be the full path to the
  *                  image or, more commonly, the filename of the image
  *                  without any directory information.  It can also be
  *                  NULL, if you don't need to keep track of a filename.
-
+ *
  * @return ID for the image.  This is a unique number that can be used
- *         within libpurple to reference the image.
+ *         within libpurple to reference the image.  0 is returned if the
+ *         image was not added (because of empty data or size).
  */
 int purple_imgstore_add_with_id(gpointer data, size_t size, const char *filename);

@@ -99,7 +115,7 @@
  * Retrieve an image from the store. The caller does not own a
  * reference to the image.
  *
- * @param id		The ID for the image.
+ * @param id The ID for the image.
  *
  * @return A pointer to the requested image, or NULL if it was not found.
  */
@@ -108,7 +124,7 @@
 /**
  * Retrieves a pointer to the image's data.
  *
- * @param img	The Image
+ * @param img The Image.
  *
  * @return A pointer to the data, which must not
  *         be freed or modified.
@@ -118,7 +134,7 @@
 /**
  * Retrieves the length of the image's data.
  *
- * @param img	The Image
+ * @param img The Image.
  *
  * @return The size of the data that the pointer returned by
  *         purple_imgstore_get_data points to.
@@ -128,7 +144,7 @@
 /**
  * Retrieves a pointer to the image's filename.
  *
- * @param img	The image
+ * @param img The image.
  *
  * @return A pointer to the filename, which must not
  *         be freed or modified.
@@ -139,7 +155,7 @@
  * Looks at the magic numbers of the image data (the first few bytes)
  * and returns an extension corresponding to the image's file type.
  *
- * @param img  The image.
+ * @param img The image.
  *
  * @return The image's extension (for example "png") or "icon"
  *         if unknown.
@@ -175,7 +191,7 @@
  * purple_imgstore_ref(), so if you have a PurpleStoredImage, it'll
  * be more efficient to call purple_imgstore_ref() directly.
  *
- * @param id		The ID for the image.
+ * @param id The ID for the image.
  */
 void purple_imgstore_ref_by_id(int id);

@@ -186,7 +202,7 @@
  * purple_imgstore_unref(), so if you have a PurpleStoredImage, it'll
  * be more efficient to call purple_imgstore_unref() directly.
  *
- * @param id		The ID for the image.
+ * @param id The ID for the image.
  */
 void purple_imgstore_unref_by_id(int id);
--- a/libpurple/plugins/ssl/Makefile.mingw	Wed Jan 16 22:06:45 2013 +0200
+++ b/libpurple/plugins/ssl/Makefile.mingw	Sat Jan 26 12:46:00 2013 +0200
@@ -19,7 +19,6 @@
 			$(NSS_TOP)/lib/libplc4.dll \
 			$(NSS_TOP)/lib/libplds4.dll \
 			$(NSS_TOP)/lib/nss3.dll \
-			$(NSS_TOP)/lib/nssckbi.dll \
 			$(NSS_TOP)/lib/nssutil3.dll \
 			$(NSS_TOP)/lib/smime3.dll \
 			$(NSS_TOP)/lib/softokn3.dll \
--- a/libpurple/plugins/ssl/ssl-nss.c	Wed Jan 16 22:06:45 2013 +0200
+++ b/libpurple/plugins/ssl/ssl-nss.c	Sat Jan 26 12:46:00 2013 +0200
@@ -125,18 +125,8 @@
 static void
 ssl_nss_init_nss(void)
 {
-	char *lib;
 	PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
 	NSS_NoDB_Init(".");
-
-	/* TODO: Fix this so autoconf does the work trying to find this lib. */
-#ifndef _WIN32
-	lib = g_strdup(LIBDIR "/libnssckbi.so");
-#else
-	lib = g_strdup("nssckbi.dll");
-#endif
-	SECMOD_AddNewModule("Builtins", lib, 0, 0);
-	g_free(lib);
 	NSS_SetDomesticPolicy();

 	SSL_CipherPrefSetDefault(TLS_DHE_RSA_WITH_AES_256_CBC_SHA, 1);
--- a/libpurple/protocols/bonjour/bonjour_ft.c	Wed Jan 16 22:06:45 2013 +0200
+++ b/libpurple/protocols/bonjour/bonjour_ft.c	Sat Jan 26 12:46:00 2013 +0200
@@ -33,7 +33,7 @@
 static void
 bonjour_bytestreams_init(PurpleXfer *xfer);
 static void
-bonjour_bytestreams_connect(PurpleXfer *xfer, PurpleBuddy *pb);
+bonjour_bytestreams_connect(PurpleXfer *xfer);
 static void
 bonjour_xfer_init(PurpleXfer *xfer);
 static void
@@ -280,6 +280,25 @@
 	xep_iq_send_and_free(iq);
 }

+/**
+ * Frees the whole tree of an xml node
+ *
+ * First determines the root of the xml tree and then frees the whole tree
+ * from there.
+ *
+ * @param node	The node to free the tree from
+ */
+static void
+xmlnode_free_tree(xmlnode *node)
+{
+	g_return_if_fail(node != NULL);
+
+	while(xmlnode_get_parent(node))
+		node = xmlnode_get_parent(node);
+
+	xmlnode_free(node);
+}
+
 static void
 bonjour_free_xfer(PurpleXfer *xfer)
 {
@@ -310,6 +329,9 @@
 		g_free(xf->proxy_host);
 		g_free(xf->buddy_ip);
 		g_free(xf->sid);
+
+		xmlnode_free_tree(xf->streamhost);
+
 		g_free(xf);
 		xfer->data = NULL;
 	}
@@ -440,7 +462,7 @@
 		if (si && (profile = xmlnode_get_attrib(si, "profile"))
 				&& !strcmp(profile, "http://jabber.org/protocol/si/profile/file-transfer")) {
 			const char *filename = NULL, *filesize_str = NULL;
-			int filesize = 0;
+			goffset filesize = 0;
 			xmlnode *file;

 			const char *sid = xmlnode_get_attrib(si, "id");
@@ -448,7 +470,7 @@
 			if ((file = xmlnode_get_child(si, "file"))) {
 				filename = xmlnode_get_attrib(file, "name");
 				if((filesize_str = xmlnode_get_attrib(file, "size")))
-					filesize = atoi(filesize_str);
+					filesize = g_ascii_strtoll(filesize_str, NULL, 10);
 			}

 			/* TODO: Make sure that it is advertising a bytestreams transfer */
@@ -546,20 +568,98 @@
 	return !strcmp(host, buddy_ip);
 }

+static inline gint
+xep_addr_differ(const char *buddy_ip, const char *host)
+{
+	return !xep_cmp_addr(host, buddy_ip);
+}
+
+/**
+ * Create and insert an identical twin
+ *
+ * Creates a copy of the specified node and inserts it right after
+ * this original node.
+ *
+ * @param node	The node to clone
+ * @return	A pointer to the new, cloned twin if successful
+ *		or NULL otherwise.
+ */
+static xmlnode *
+xmlnode_insert_twin_copy(xmlnode *node) {
+	xmlnode *copy;
+
+	g_return_val_if_fail(node != NULL, NULL);
+
+	copy = xmlnode_copy(node);
+	g_return_val_if_fail(copy != NULL, NULL);
+
+	copy->next = node->next;
+	node->next = copy;
+
+	return copy;
+}
+
+/**
+ * Tries to append an interface scope to an IPv6 link local address.
+ *
+ * If the given address is a link local IPv6 address (with no
+ * interface scope) then we try to determine all fitting interfaces
+ * from our Bonjour IP address list.
+ *
+ * For any such found matches we insert a copy of our current xml
+ * streamhost entry right after this streamhost entry and append
+ * the determined interface to the host address of this copy.
+ *
+ * @param cur_streamhost	The XML streamhost node we examine
+ * @param host	The host address to examine in text form
+ * @param pb	Buddy to get the list of link local IPv6 addresses
+ *		and their interface from
+ * @return	Returns TRUE if the specified 'host' address is a
+ *		link local IPv6 address with no interface scope.
+ *		Otherwise returns FALSE.
+ */
 static gboolean
-__xep_bytestreams_parse(PurpleBuddy *pb, PurpleXfer *xfer, xmlnode *query,
+add_ipv6_link_local_ifaces(xmlnode *cur_streamhost, const char *host,
+			   const PurpleBuddy *pb) {
+	xmlnode *new_streamhost = NULL;
+	struct in6_addr in6_addr;
+	BonjourBuddy *bb;
+	GSList *ip_elem;
+
+	if (inet_pton(AF_INET6, host, &in6_addr) != 1 ||
+	    !IN6_IS_ADDR_LINKLOCAL(&in6_addr) ||
+	    strchr(host, '%'))
+		return FALSE;
+
+	bb = purple_buddy_get_protocol_data(pb);
+
+	for (ip_elem = bb->ips;
+	     (ip_elem = g_slist_find_custom(ip_elem, host, (GCompareFunc)&xep_addr_differ));
+	     ip_elem = ip_elem->next) {
+		purple_debug_info("bonjour", "Inserting an xmlnode twin copy for %s with new host address %s\n",
+				  host, (char*)ip_elem->data);
+		new_streamhost = xmlnode_insert_twin_copy(cur_streamhost);
+		xmlnode_set_attrib(new_streamhost, "host", ip_elem->data);
+	}
+
+	if (!new_streamhost)
+		purple_debug_info("bonjour", "No interface for this IPv6 link local address found: %s\n",
+				  host);
+
+	return TRUE;
+}
+
+static gboolean
+__xep_bytestreams_parse(PurpleBuddy *pb, PurpleXfer *xfer, xmlnode *streamhost,
 			const char *iq_id)
 {
+	char *tmp_iq_id;
 	const char *jid, *host, *port;
 	int portnum;
-	xmlnode *streamhost;
 	XepXfer *xf = NULL;

 	xf = (XepXfer*)xfer->data;
-	for(streamhost = xmlnode_get_child(query, "streamhost");
-			streamhost;
-			streamhost = xmlnode_get_next_twin(streamhost)) {
-
+	for(; streamhost; streamhost = xmlnode_get_next_twin(streamhost)) {
 		if(!(jid = xmlnode_get_attrib(streamhost, "jid")) ||
 		   !(host = xmlnode_get_attrib(streamhost, "host")) ||
 		   !(port = xmlnode_get_attrib(streamhost, "port")) ||
@@ -568,29 +668,36 @@
 			continue;
 		}

-		if(!xep_cmp_addr(host, xf->buddy_ip))
+		/* skip IPv6 link local addresses with no interface scope
+		 * (but try to add a new one with an interface scope then) */
+		if(add_ipv6_link_local_ifaces(streamhost, host, pb))
 			continue;

+		tmp_iq_id = g_strdup(iq_id);
 		g_free(xf->iq_id);
-		xf->iq_id = g_strdup(iq_id);
+		g_free(xf->jid);
+		g_free(xf->proxy_host);
+
+		xf->iq_id = tmp_iq_id;
 		xf->jid = g_strdup(jid);
-		xf->proxy_host = g_strdup(xf->buddy_ip);
+		xf->proxy_host = g_strdup(host);
 		xf->proxy_port = portnum;
+		xf->streamhost = streamhost;
+		xf->pb = pb;
 		purple_debug_info("bonjour", "bytestream offer parse"
 				  "jid=%s host=%s port=%d.\n", jid, host, portnum);
-		bonjour_bytestreams_connect(xfer, pb);
+		bonjour_bytestreams_connect(xfer);
 		return TRUE;
 	}

 	return FALSE;
 }

-
 void
 xep_bytestreams_parse(PurpleConnection *pc, xmlnode *packet, PurpleBuddy *pb)
 {
 	const char *type, *from, *iq_id, *sid;
-	xmlnode *query;
+	xmlnode *query, *streamhost;
 	BonjourData *bd;
 	PurpleXfer *xfer;

@@ -610,6 +717,10 @@
 	if(!type)
 		return;

+	query = xmlnode_copy(query);
+	if (!query)
+		return;
+
 	if(strcmp(type, "set")) {
 		purple_debug_info("bonjour", "bytestream offer Message type - Unknown-%s.\n", type);
 		return;
@@ -621,7 +732,9 @@

 	sid = xmlnode_get_attrib(query, "sid");
 	xfer = bonjour_si_xfer_find(bd, sid, from);
-	if(xfer && __xep_bytestreams_parse(pb, xfer, query, iq_id))
+	streamhost = xmlnode_get_child(query, "streamhost");
+
+	if(xfer && streamhost && __xep_bytestreams_parse(pb, xfer, streamhost, iq_id))
 		return; /* success */

 	purple_debug_error("bonjour", "Didn't find an acceptable streamhost.\n");
@@ -874,15 +987,22 @@
 	XepIq *iq;
 	xmlnode *q_node, *tmp_node;
 	BonjourData *bd;
+	gboolean ret = FALSE;

 	xf->proxy_connection = NULL;

 	if(source < 0) {
-		purple_debug_error("bonjour", "Error connecting via SOCKS5 - %s\n",
-			error_message ? error_message : "(null)");
-		xep_ft_si_reject(xf->data, xf->iq_id, xfer->who, "404", "cancel");
-		/* Cancel the connection */
-		purple_xfer_cancel_local(xfer);
+		purple_debug_error("bonjour", "Error connecting via SOCKS5 to %s - %s\n",
+			xf->proxy_host, error_message ? error_message : "(null)");
+
+		tmp_node = xmlnode_get_next_twin(xf->streamhost);
+		ret = __xep_bytestreams_parse(xf->pb, xfer, tmp_node, xf->iq_id);
+
+		if (!ret) {
+			xep_ft_si_reject(xf->data, xf->iq_id, purple_xfer_get_remote_user(xfer), "404", "cancel");
+			/* Cancel the connection */
+			purple_xfer_cancel_local(xfer);
+		}
 		return;
 	}

@@ -904,8 +1024,9 @@
 }

 static void
-bonjour_bytestreams_connect(PurpleXfer *xfer, PurpleBuddy *pb)
+bonjour_bytestreams_connect(PurpleXfer *xfer)
 {
+	PurpleBuddy *pb;
 	PurpleAccount *account = NULL;
 	XepXfer *xf;
 	char dstaddr[41];
@@ -923,6 +1044,7 @@
 	if(!xf)
 		return;

+	pb = xf->pb;
 	name = purple_buddy_get_name(pb);
 	account = purple_buddy_get_account(pb);
--- a/libpurple/protocols/bonjour/bonjour_ft.h	Wed Jan 16 22:06:45 2013 +0200
+++ b/libpurple/protocols/bonjour/bonjour_ft.h	Sat Jan 26 12:46:00 2013 +0200
@@ -50,6 +50,8 @@
 	char *jid;
 	char *proxy_host;
 	int proxy_port;
+	xmlnode *streamhost;
+	PurpleBuddy *pb;
 };

 /**


--- a/libpurple/win32/global.mak	Wed Jan 16 22:06:45 2013 +0200
+++ b/libpurple/win32/global.mak	Sat Jan 26 12:46:00 2013 +0200
@@ -90,7 +90,7 @@

 DEFINES += -DHAVE_CONFIG_H -DWIN32_LEAN_AND_MEAN

-CFLAGS += -O2 -Wall $(GCCWARNINGS) $(CC_HARDENING_OPTIONS) -pipe -mno-cygwin -mms-bitfields -g
+CFLAGS += -O2 -Wall $(GCCWARNINGS) $(CC_HARDENING_OPTIONS) -pipe -mms-bitfields -g

 # If not specified, dlls are built with the default base address of 0x10000000.
 # When loaded into a process address space a dll will be rebased if its base
--- a/pidgin/win32/gtkwin32dep.c	Wed Jan 16 22:06:45 2013 +0200
+++ b/pidgin/win32/gtkwin32dep.c	Sat Jan 26 12:46:00 2013 +0200
@@ -171,10 +171,19 @@
 }

 void winpidgin_notify_uri(const char *uri) {
-	/* We'll allow whatever URI schemes are supported by the
-	 * default http browser.
+	/* Allow a few commonly used and "safe" schemes to go to the specific
+	 * class handlers and send everything else to the default http browser.
+	 * This isn't optimal, but should cover the most common cases. I didn't
+	 * see any better secure solutions when I did some research.
 	 */
-	winpidgin_shell_execute(uri, "open", "http");
+	gchar *scheme = g_uri_parse_scheme(uri);
+	if (scheme && (g_ascii_strcasecmp(scheme, "https") == 0
+			|| g_ascii_strcasecmp(scheme, "ftp") == 0
+			|| g_ascii_strcasecmp(scheme, "mailto") == 0))
+		winpidgin_shell_execute(uri, "open", scheme);
+	else
+		winpidgin_shell_execute(uri, "open", "http");
+	g_free(scheme);
 }

 #define PIDGIN_WM_FOCUS_REQUEST (WM_APP + 13)
--- a/pidgin/win32/nsis/pidgin-installer.nsi	Wed Jan 16 22:06:45 2013 +0200
+++ b/pidgin/win32/nsis/pidgin-installer.nsi	Sat Jan 26 12:46:00 2013 +0200
@@ -643,7 +643,6 @@
     Delete "$INSTDIR\libymsg.dll"
     Delete "$INSTDIR\nss3.dll"
     Delete "$INSTDIR\nssutil3.dll"
-    Delete "$INSTDIR\nssckbi.dll"
     Delete "$INSTDIR\pidgin.dll"
     Delete "$INSTDIR\pidgin.exe"
     Delete "$INSTDIR\smime3.dll"
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/share/ca-certs/Baltimore_CyberTrust_Root.pem	Sat Jan 26 12:46:00 2013 +0200
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ
+RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD
+VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoX
+DTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9y
+ZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVy
+VHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKr
+mD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjr
+IZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeK
+mpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSu
+XmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZy
+dc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/ye
+jl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1
+BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3
+DQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT92
+9hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx
+jkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0
+Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz
+ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS
+R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp
+-----END CERTIFICATE-----
--- a/share/ca-certs/Makefile.am	Wed Jan 16 22:06:45 2013 +0200
+++ b/share/ca-certs/Makefile.am	Sat Jan 26 12:46:00 2013 +0200
@@ -1,6 +1,7 @@
 CERTIFICATES = \
 		AddTrust_External_Root.pem \
 		America_Online_Root_Certification_Authority_1.pem \
+		Baltimore_CyberTrust_Root.pem \
 		CAcert_Root.pem \
 		CAcert_Class3.pem \
 		Deutsche_Telekom_Root_CA_2.pem \
libpurple/protocols/mxit/markup.c		file \| annotate \| diff \| comparison \| revisions
libpurple/protocols/mxit/protocol.c		file \| annotate \| diff \| comparison \| revisions
libpurple/protocols/mxit/protocol.h		file \| annotate \| diff \| comparison \| revisions