summaryrefslogtreecommitdiff
path: root/chat
AgeCommit message (Collapse)AuthorFilesLines
2008-07-14Mark as destdir ready.joerg15-17/+46
2008-07-13Update MASTER_SITES (now sourceforge; bitchx.org no longer works),dholland1-4/+2
from Zafer Aydogan in followup to PR pkg/35117.
2008-07-13Upgrade silc-client to version 1.1.4. This fixes two security issues andtonnerre11-116/+124
various character set problems. The security issues fixed: * NICK_CHANGE buffer overflow: CVE-2007-3728. * pkcs_decode buffer overflow: CORE-2007-1212. Changes since version 1.0.4.1: - Fixed NEW_CLIENT packet handling crash. - Fixed partial encryption in CTR mode in AES. - Fixed printable fingerprint buffer overflow. - Fixed UNIX signal delivery il SILC scheduler. - Reprocess JOIN command synchronously after resolving channel user list. - In JOIN command reply check if the channel key is already saved. - Remove all channel keys and hmacs after giving LEAVE command. - Added missing channel unreferencing in CMODE, CUMODE, TOPIC, INVITE, BAN and KICK command replies. - Fixed connection authentication with public keys to use correct public key as responder. - Zero tail of CTR mode IV in IV Included mode. - Fixed CTR mode rekey. - Rewrote the IV Included CTR mode encryption/decryption in packet engine. - Fixed non-IPv6 compilation error. - Fixed channel private key deleting when deleting the channel. - Fixed TIMEOUT handling in user info resolving during JOINing, fixes crash. - Fixed mandatory UN and HN SILC public key identifier checking. - Fixed alignment issues with 64-bit CPUs. - Added "There are now xx nick's" to "are xx nicks". - Fixed USERS command user mode handling (integer overflow). - Fixed big-endian issues from aes implementation. - Fixed lib/silcutil/silcatomic.h compilation on IA64. - Fixed public key identifier parsing to check lengths correctly. - In silc_client_free check that scheduler is allocated before trying to free it. - Fixed buffer overflow in NICK_CHANGE notify. The destination buffer for old nicknames was too small. - Added support for rekey with PFS when using CTR mode encryption. - Added silc_idcache_move that can be used to move entries between caches. - Added better checks for invalid argument and notify payloads. - Fixed SILC_PACKET_FLAG_LONG_PAD bitmask value. - Set the destination ID to packet stream as SKE responder if ID was present in key exchange packet. - Compile sources with _GNU_SOURCE on Linux systems. - Fixed Unix signal task dispatching to not lock the signals when dispatching the callback to avoid deadlocks. - Added SILC_VERSION macro for checking package versions at compile time. - Use SILC_VERIFY to assert that silc_rwlock_wrlock can be called only once per thread on Unix. - Fixed USERS command reply write-lock unlocking. - Fixed silc_create_key_pair to check for valid identifier. - Rewrite signed public message handling, adopting the new hilight interface. - Fix off by one error when loading modules. - Don't delete hilight entry (because it's just a pointer, not a copy). - Added __SILC_TOOLKIT_x_x_x macro to all Toolkit distribution which can be used to check for Toolkit version in third-party software. - Added support for channel@server channel name strings to client library (SILC protocol version 1.3 change). - Added full_nicknames and full_channel_names settings to SilcClientParams that can be used to specify whether client library returns full nickname and channel name strings. Full strings are nick@server and channel@server. - Fixed unix connecting failure to return error code correctly. - Fixed SKE timeout double free crash. - Fixed MIME multipart decoding buffer overflow. - Fixed connection auth protocol timeout crash. - Fixed FSM machine finishing to check for existing threads at the final free callback to allow time for the threads to finish. - Fixed silc_client_get_clients_local to check the nick's server also if nick@server nickname string is given to the function. - And many more, oh well. For the user this means: better charset support, less crashes, nick names now potentially user#23, server specific channels and more sanity. Talked over a while ago with wiz with no objections.
2008-07-11Update pidgin and friends to 2.4.3. Done during pkgsrc freeze because of:tnn8-28/+31
i) CVE-2008-2927 fix ii) the previous version was being rejected from the ICQ network. version 2.4.3 (07/01/2008): libpurple: * Yahoo! Japan now uses UTF-8, matching the behavior of official clients and restoring compatibility with the web messenger (Yusuke Odate) * Setting your buddy icon once again works for Yahoo! accounts. * Fixes in the Yahoo! protocol to prevent a double free, crashes on aliases, and alias functionality * Fix crashes in the bonjour protocol * Always use UTF-8 for Yahoo! (#5973) * Fix a crash when the given jabber id is invalid. * Make the IRC "unknown message" debugging messages UTF-8 safe. * Fix connecting to ICQ * Fix a memleak when handling jabber xforms. Pidgin: * Include the send button plugin in the win32 build * Various memory leak fixes
2008-07-06Add patches for two longstanding security issues in bitchx:tonnerre4-3/+104
- CVE-2007-5839: e_hostname uses mktempnam in an unsafe manner. - CVE-2007-4584: p_mode classic buffer overflow using a static string.
2008-07-03Resolve pkg/39077 by updating to 1.27smb2-7/+6
Version 1.27 * Cleaned up the buddy "Get Info" screen a bit * Fixed up a couple of compiler warnings * You are now hidden on your own contact list by default Version 1.26 * A few minor security fixes * Incomming messages with HTML-like text are displayed properly * Usernames and passwords with funny characters (like +) in them should work Version 1.25 * Plugin will automatically reconnect if the messages stop downloading * Logging you out of the plugin wont log you out of Facebook * Buddies will appear online when typing and sending messages to you * No DNS lookups for proxies Version 1.24 * Some fixes to the friends search * Messages can be auto-resent if they don't get through (buddy offline etc) Version 1.23 * You can now search for friends from the account menu (Account->Facebook->Search for friends...) Version 1.22 * Fixed receiving multiple notifications * Local alias in Pidgin will be set if you havn't set it Version 1.21 * Notifications (Inbox/Friends) appear as new emails in Pidgin
2008-07-02Add missing 'pkg-config' to USE_TOOLSsmb1-1/+3
2008-06-30 - Handle ncurses dependency properly, eliminating unintentional inclusionbjs4-10/+27
of mk/curses.b3.mk after devel/ncurses/b3.mk. - Define DATADIR correctly so that it knows where to look for help files. - Remove quotes around DOCS_PATH in snprintf() call so that smirk can actually open the help files. - Bump PKGREVISION.
2008-06-24Correct COMMENT linesmb1-2/+3
2008-06-24Add new pidgin pluginssmb1-1/+3
2008-06-23Add initial package for pidgin-facebookchat. The Makefile is ugly,smb5-0/+76
but so is the underlying code...
2008-06-22Update from version 1.26 to version 2.0. Changes:he2-12/+9
2.0 === - All of the core functionality has moved into Net::XMPP. It provides the connection, messages, iq, and presence. Net::Jabber now just provides the extensions that the JEPs define and that are truly Jabber and not XMPP. 1.30 ==== - Added initial support for XMPP 1.0 via XML::Stream 1.18. - Locked version of XML::Stream to 1.18. - Changed connectiontimeout to just timeout in the Connect function. - Hey, here's a good idea. Instead of copying the function hash out of each namespace why not just use a refrence... duh... This might make things a little faster and use a smidge less memory. Just a little thought. - Fixed a taint problem with an eval and the xmlns read from the socket. - Fixed some -w warnings. - Updated client test to user newer methods and create the test account. - Added password to MUCJoin. - Fixed typo in DefineNamespace. - Added Tree Transfer (JEP-105) 1.29 ==== - Added PubSub (JEP-60) - Added documentation for most of the below. - Added in a basic basic support for SOAP (JEP-72). You can dump in rawxml and get it back out. - Looking into using contants for the namespaces, but they don't work in hashes. =( - Removed jabber:x:sxpm (it was never used). - Added initial (low level) support for Commands (JEP-50). - Added initial (low level) support for FNeg (JEP-20), Disco (JEP-30), Bytestream (JEP-65), SI (JEP-95), and FT-Profile (JEP-96). - Made Client, Component, and Server inherit from Protocol instead of AUTOLOADing. Why didn't I do this in the beginning? - Added function RosterRequest to let the user handle processing the roster in their own callback and not return a hash. - Added function PresenceDBClear that will clear out the presence database. - Added check to see if Process generated an error, and then was called again (bad thing). - Moved Process into Client.pm, Component.pm, and Server.pm. - Locked version of XML::Stream to 1.17. - Fixed typos in the Protocol help. 1.28 ==== - Fixed bug in XPathDefined which caused the main iq callback function to not work. Show stopper bug. - Fixed iq:time test. 1.27 ==== - Update examples/client scripts to include an xpath based example. - Added support for XPath based callbacks. - Updated x:data to match the call for experience. - Requires perl 5.6 in an attempt to get Unicode support. - Added finer callback support for presence and message based on type. - Minor tweak to NOT remove an unknown xmlns packet (duh...) - Fixed bug in JID. - Updated DefineNamespace to handle most old style, and all new style. - Locked version of XML::Stream to 1.16. - Major recore due to XML::Stream::Node and XPath. - Moved from XML::Stream::Hash to XML::Stream::Node. - Fixed XDB Reply error. - Uninitialized value round up.
2008-06-21Initial commit of plug-in to render latex as imagessmb4-0/+41
2008-06-20Add DESTDIR support.joerg6-9/+21
2008-06-17Update to 3.2.0.gdt2-7/+6
28 May 2008: - The functionality of the OTR button has now moved to a menu. There's an "OTR" menu, as well as an icon showing the current OTR state of each active conversation in the window. - New OTR icons from <cyrus_xiii@yahoo.com> - OTR icons show up inline in the conversation window when the OTR status changes. - Buddy authentication has been revamped, based on the user study published in SOUPS 2008. The default is now to choose a question and an answer only you and the buddy should know. The question is displayed to the buddy, who is prompted for the answer. The "shared secret" and "fingerprint" authentication methods are still available.
2008-06-17Update to 3.2.0.gdt3-8/+8
- Added support for one-way authentication using an explicit question, based on the SOUPS 2008 user study.
2008-06-17Replace "dircproxy" package with with "dircproxy-devel" package andtron20-216/+53
remove the later. The old version 1.0.5 is unmaintained, has a remote DoS vulnerability and is less reliable than version 1.2.0beta2. Approved by Adrian Portelli.
2008-06-16Fix DESTDIR.joerg1-2/+1
2008-06-16+athemeadrianp1-1/+2
2008-06-16atheme-services is a set of Services for IRC networks that allows users toadrianp8-0/+558
manage their channels in a secure and efficient way and allows operators to manage various things about their networks. Unlike it's predecessor, Shrike, services has a completely reworked form of channel management that feels somewhat like eggdrop and is somewhat more useful. Services currently works with many irc daemons. More details are available in the config file.
2008-06-14* Increase pkg-config magic to get SSL enabled build to work when theadrianp4-9/+42
builtin version of OpenSSL is used. * Do not, under any case, do anything with svn during the configure process
2008-06-14Update to 1.1.20adrianp2-6/+6
1.1.20 follows up with the latest fixes of the maintenence release. It is a HIGHLY RECOMENDED upgrade for all 1.1.19 (and prior) users, as it addresses a number of client compatibility and general stability fixes.
2008-06-14Treat DragonFly same as other *BSDs.obache2-4/+13
Patch provided by Hasso Tepper in PR 38849.
2008-06-13Update to 1.7.21adrianp2-6/+10
Version 1.7.20 (revision 1324) With all currently known bugs fixed, this new release of Anope contains loads of bugfixes and should provide a stable experience. This is one of the last releases in the 1.7 series of Anope. We encourage users who were not using the 1.7 series for stability reasons to try out this release and report any bugs found on our bugtracker at http://bugs.anope.org/ . An important note for MySQL users: various database schema improvements have been added in Changes.mysql. Be sure to apply these changes to your database schema for a large increase in performance of the MySQL code. Take a look at the change log for more information about the changes made for this release. Version 1.7.21 (revision 1341) This new release fixes a XOP-related exploitable crash bug which appeared in Anope version 1.7.20. Earlier versions are not affected. Networks running Anope 1.7.20 are strongly advised to upgrade to this release. Even though networks running earlier versions are not affected by this bug, they are still advised to upgrade due to numerous other bugfixes. Next to the fix for the crash bug mentioned above, a number of other things have been fixed as well, including various InspIRCd-related issues, bugs in the MySQL code and a shiny new Russian translation. Take a look at the change log for more information about the changes made for this release.
2008-06-13More chroot build fixes from Michael Stapelberg.adrianp2-9/+21
2008-06-13Update home page URL.tron1-2/+2
2008-06-12Add DESTDIR support.joerg12-22/+46
2008-06-09Fix typo pointed out by Michael Stapelberg in private emailadrianp1-2/+2
2008-06-08Add patch for CVE-2007-4400 for Konversation to stop escape song namestonnerre3-3/+16
properly in the media script.
2008-06-07Re-add PERL5_PACKLIST, lost previous commit. Fixes PR 38846.obache1-4/+6
While here, add DESTDIR support.
2008-05-30Bump PKGREVISION for gtkspell API bump.wiz4-6/+8
2008-05-27Fix and simplify workaround for broken db4 library detection.obache2-15/+14
Should fix PR 38354. While here, add DESTDIR support.
2008-05-27Install README.reed2-3/+9
Bump PKGREVISION.
2008-05-26Turn IPv6 support on by default. Bump package revision.tron2-4/+4
2008-05-26Second round of explicit pax dependencies. As reminded by tnn@,joerg5-18/+21
many packages used to use ${PAX}. Use the common way of directly calling pax, it is created as tool after all.
2008-05-25Reset maintainer on his request.wiz1-2/+2
2008-05-25Fix indentation.tron3-6/+6
2008-05-25Remove me as maintainer of some package, clame ownership of a few packages.tron3-6/+6
2008-05-22Always pass --disable-nm (NetWorkManager, a Linux specific thing)tnn1-1/+2
Otherwise libpurple insists on having it if the dbus option is enabled. From David Brownlee.
2008-05-18Update to finch-2.4.2.tnn2-10/+2
* New default binding ctrl+x to open context menus. * Menu triggers and other bindings will no longer conflict. * Middle click pastes the internal clipboard (when mouse support is enabled).
2008-05-17catch up with pidgin-2.4.2tnn3-14/+8
2008-05-17Update to pidgin-2.4.2.tnn4-14/+10
* The typing notification in the conversation history can be disabled or customized (font, color etc.) in .gtkrc-2.0. * Added a plugin (not installed by default) which adds a Send button back to the conversation window. People without physical keyboards have a hard time with the lack of the button. * Clicking on the buddyicon in the conversation window toggles the size of the icon between small and large. * The settings of a chat (e.g. Handle in an XMPP chat, or Exchange in an AIM chat) can be edited from its context menu in the buddy list. * Add a "Present conversation window" preference to the Message Notification plugin; the "Raise conversation window" option does not unminimize windows or draw attention to them when they are on other workspaces--the "Present" option should. * Add a preference to set Escape as the keyboard shortcut for closing the conversation window. * Add an option in the context menu to disable smileys in the selected text in the conversation history/log viewer. This should help people who regularly paste code in conversations. * Add a preference to choose the minimum size of the text input area in lines. * Moved the "Local alias" field in the Modify Account dialog to be below the "User Options" heading on the "Basic" tab. * Number of room occupants is now shown in chat tooltips where possible
2008-05-17Aggressively disable options in Makefile.common and selectivelytnn2-14/+12
enable them in options.mk, through overrides.
2008-05-17Update to libpurple-2.4.2.tnn6-26/+48
o In MySpaceIM, messages from spambots are discarded (Justin Williams) o Strip mIRC formatting codes from quit and part messages. o IRC now displays ban lists in-channel for joined channels. o Fixed a bug where the list of loaded plugins would get removed when switching between different operating systems. o Fix reception of IRC PART without a part message on Undernet (fixes a problem with litter in the channel user list). o IRC no longer crashes on /list on servers which erroneously omit RPL_LISTSTART o Update the NetworkManager support to use D-Bus directly, instead of libnm-glib. Hopefully it's stable now. It will now compile by default if you have D-Bus support and NetworkManager.h. (Elliott Sales de Andrade) o MSN buddy list synchronization is now more forgiving, only asking about buddies who have disappeared completely from the server list and not those that have simply moved groups. o IRC will now try to append 1-9 to your nick if it is in use, instead of substituting the last character with 1-9 where possible. o Bonjour buddies will be saved persistently if they're moved out of the "Bonjour" group. (Eion Robb)
2008-05-13centerim>=4.22.5 does not conflict.obache1-2/+2
2008-05-13Update centerim to 4.22.5.obache14-490/+55
Based on patch provided in PR 38624. 'cicqconv' command is renamed for 'cimconv', conflict with centericq is gone away. 2008-04-08 New version (4.22.5) released. This release fixes various segfaults in the Yahoo protocol. It also introduces a bar which displays all open chats nicely. 2008-03-29 New version (4.22.4) released. This release fixes the possible url exploit described in CVE-2008-1467. It also makes CenterIM ready for the Yahoo protocol change kicking in on 2nd april 2008. 2008-03-11 New version (4.22.3) released. This version fixes the various ICQ contact list issues (e.g adding contacts should now work). 2007-12-08 New version (4.22.2) released. More than 90 fixes/improvements have been added to centerim since our last release in June. The main fixes included are: * Fixed bug in msn login when the server sent a NOT message * Fixed bug in ICQ protocol which prevented others from seeing your presence (partial) * New version tracking/updating (Thanks to David Riebenbauer for this helpful feature) * Added an "Out for Lunch" state
2008-05-11Add a wide-curses option, to enable utf-8 support.tonio2-4/+9
Based on patch from Leonardo Taccari in PR pkg/38418
2008-05-11Fix multiple connection handling Denial of Service vulnerability in licqtonnerre6-5/+126
(CVE-2008-1996). Before this, the application would crash if too many TCP connections are opened.
2008-05-051.1.19adrianp3-8/+7
There is a single crash fix in versions prior 1.1.19, in KLINE use. Opers on older versions are advised to avoid KLINE, and to use GLINE instead. Minor server buffering enhancements (should be a bit faster on netburst and use less CPU for highly loaded servers) Tempramental linking fix (thanks to djGrrr for helping finally track this down) Upgrade at your leisure.
2008-05-05Add explicit --disable-ipv6 when -inet6 is specifiedadrianp1-1/+3
From Daniel Horecki in PR #38570