HGKeeper

Remove _xmppconnect support
release-2.x.y
2022-04-27, Gary Kramlich

13cdb7956bdc

Executable

Remove _xmppconnect support

It has always been vulnerable to MITM attacks when it is not used with DNSSEC,
and has been removed from XEP-0156 because of that. We have been issued
CVE-2022-26491 for this issue.

More discussion can be found at
https://mail.jabber.org/pipermail/standards/2022-February/038759.html.

Testing Done:
Compiled

Reviewed at https://reviews.imfreedom.org/r/1357/

#!/bin/sh

METHOD_NAME=$1

if test -z "$METHOD_NAME"

then

cat <<EOF

This program calls purple API functions using DBus. As opposed to purple-send,

it does not print the return value.

Usage:

$0 method-name type1:parameter1 type2:parameter2 ...

This shell script just invokes dbus-send, see man dbus-send for how

to specify the parameters.

Examples:

$0 PurpleCoreQuit

Use dbus-viewer to get the list of supported functions and their parameters.

EOF

exit 1

shift

dbus-send --dest=im.pidgin.purple.PurpleService --type=method_call /im/pidgin/purple/PurpleObject im.pidgin.purple.PurpleInterface.$METHOD_NAME "$@"

pidgin/pidgin