[Pkg-telepathy-commits] [SCM] telepathy-gabble packaging branch, debian-lenny, updated. 4b78eacff702d56845dc2e9bba6e5ebc295bc732

Thu Feb 17 09:31:56 UTC 2011

The following commit has been merged in the debian-lenny branch:
commit b9033f647b661f5be206050c9d4b0ccde994350d
Author: Jonny Lamb <jonny at debian.org>
Date:   Wed Feb 16 15:27:01 2011 +0000

    debian/patches/00-jingleinfo.diff: Added.

diff --git a/debian/changelog b/debian/changelog
index c6c83e8..30b5dea 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+telepathy-gabble (0.7.6-1) UNRELEASED; urgency=low
+
+  * debian/patches/00-jingleinfo.diff: Added.
+
+ -- Jonny Lamb <jonny at debian.org>  Wed, 16 Feb 2011 15:22:38 +0000
+
 telepathy-gabble (0.7.6-1) unstable; urgency=low
 
   * New upstream release
diff --git a/debian/patches/00-jingleinfo.diff b/debian/patches/00-jingleinfo.diff
new file mode 100644
index 0000000..7e39a1f
--- /dev/null
+++ b/debian/patches/00-jingleinfo.diff
@@ -0,0 +1,57 @@
+From c7b14b07cf6a247d4e85337c3137656329ccf574 Mon Sep 17 00:00:00 2001
+From: Will Thompson <will.thompson at collabora.co.uk>
+Date: Tue, 15 Feb 2011 11:29:29 +0000
+Subject: [PATCH] [0.7.6] Ignore google:jingleinfo pushes from contacts.
+
+Previously, Gabble would erroneously process google:jingleinfo updates
+sent by anybody, rather than only paying attention to those sent by the
+user's server. This may theoretically allow an attacker to trick Gabble
+into relaying streamed media through a server of the attacker's
+choosing, enabling them to intercept, obstruct or modify the user's
+audio and video calls.
+
+This patch addresses this flaw, following the same pattern as the
+corresponding check in the roster code.
+
+Note that even without this flaw, no security guarantees on media in
+calls can be provided in the presence of malicious network admins or
+insecure networks: an attacker who can eavesdrop the network traffic
+still has the ability to intercept the content of the call, as the media
+is transmitted unencrypted.
+
+Signed-off-by: Will Thompson <will.thompson at collabora.co.uk>
+Reviewed-by: Sjoerd Simons <sjoerd.simons at collabora.co.uk>
+---
+ src/media-factory.c |   16 ++++++++++++++++
+ 1 files changed, 16 insertions(+), 0 deletions(-)
+
+diff --git a/src/media-factory.c b/src/media-factory.c
+index 2a33d75..bb99ac2 100644
+--- a/src/media-factory.c
++++ b/src/media-factory.c
+@@ -568,6 +568,22 @@ jingle_info_iq_callback (LmMessageHandler *handler,
+   GabbleMediaFactoryPrivate *priv = GABBLE_MEDIA_FACTORY_GET_PRIVATE (fac);
+   LmMessageSubType sub_type;
+   LmMessageNode *query_node, *node;
++  const gchar *from = lm_message_node_get_attribute (message->node, "from");
++
++  if (from != NULL)
++    {
++      TpBaseConnection *base_conn = TP_BASE_CONNECTION (priv->conn);
++      TpHandleRepoIface *contact_repo = tp_base_connection_get_handles (
++          base_conn, TP_HANDLE_TYPE_CONTACT);
++      TpHandle sender = tp_handle_lookup (contact_repo, from, NULL, NULL);
++
++      if (sender != base_conn->self_handle)
++        {
++          DEBUG ("ignoring jingleinfo from '%s', not ourself nor the server",
++              from);
++          return LM_HANDLER_RESULT_ALLOW_MORE_HANDLERS;
++        }
++    }
+ 
+   query_node = lm_message_node_get_child_with_namespace (message->node,
+       "query", NS_GOOGLE_JINGLE_INFO);
+-- 
+1.7.2.3
+

-- 
telepathy-gabble packaging

