Commit 19284b91 authored by Tanguy Ortolo's avatar Tanguy Ortolo

Debian revision 0.15.1-4

parent 95ad2aff
gajim for Debian
----------------
If you want to use OpenPGP in gajim, you have to install python-gnupginterface.
For video chat support, you have to install python-farstream.
-- Yann Le Boulanger <asterix@lagaule.org>, Mon, 20 Jun 2005 12:02:31 +0200
-- Julien Valroff <julien@debian.org> Sat, 07 May 2011 13:50:27 +0200
gajim (0.13.4-3+squeeze3) stable-security; urgency=high
gajim (0.15.1-4) unstable; urgency=low
* Non-maintainer upload by the Security Team.
* Fix regression introduced by last update if latx conversion
utilities are not installed, check_latex("test") fails.
(Closes: #668710, #669100, #669105, #669106)
* apply patches using dpatch in debian/rules
-- Yann Leboulanger <asterix@lagaule.org> Fri, 15 Feb 2013 23:34:36 +0200
gajim (0.15.1-3) unstable; urgency=low
* Go back to old patch format so that Gajim can go in testing.
-- Yann Leboulanger <asterix@lagaule.org> Sun, 02 Dec 2012 19:42:34 +0200
gajim (0.15.1-2) unstable; urgency=low
* re-add missing 0.15-1.1 changelog entry
* add a patch to prevent a traceback.
* add a patch to fix a crash. Closes: #690937
-- Yann Leboulanger <asterix@lagaule.org> Sun, 14 Oct 2012 18:02:36 +0200
-- Nico Golde <nion@debian.org> Tue, 17 Apr 2012 16:01:14 +0000
gajim (0.15.1-1) unstable; urgency=low
gajim (0.13.4-3+squeeze2) stable-security; urgency=high
* New upstream release.
* change python-farsight to python-farstream in suggests list. Closes: #682598
* Add python-gupnp-igd to suggests list. Closes: #668194
* Fix shortcut behaviour in roster window. Closes: #667870
* Improve GPG status handling. Closes: #670243
-- Yann Leboulanger <asterix@lagaule.org> Tue, 29 Aug 2012 09:51:52 +0200
gajim (0.15-1.1) unstable; urgency=high
* Non-maintainer upload by the Security Team.
* This update fixes the following security issues:
- CVE-2012-2086: SQL injections via jids in logging code
- CVE-2012-2085: assisted code execution via crafted messages due
to insecurely processing input with popen.
- CVE-2012-2093: insecure use of temporary files when convering LaTeX
IM messages to png images.
(Closes: #668710, #668038)
* Fix CVE-2012-2093: insecure use of temporary files when convering LaTeX
IM messages to png images. Closes: #668710
-- Luk Claes <luk@debian.org> Sat, 16 Jun 2012 18:22:00 +0200
-- Nico Golde <nion@debian.org> Sun, 15 Apr 2012 20:35:02 +0000
gajim (0.15-1) unstable; urgency=low
gajim (0.13.4-3+squeeze1) stable; urgency=low
* New upstream release.
* remove 00_debian-copying.diff because upstream doesn't install it anymore
* remove 01_configure-ac.diff because upstream changed configure dependencies
* remove python-gnupginterface from recommands list, it's no more used
-- Yann Leboulanger <asterix@lagaule.org> Sat, 18 Mar 2012 10:32:38 +0100
[ Étienne Loks ]
* Fix CPU high load when connecting first. Closes: #634880
gajim (0.14.4-1) unstable; urgency=low
-- Yann Leboulanger <asterix@lagaule.org> Thu, 21 Jul 2011 21:15:34 +0100
* New upstream release. Closes: #637071
* Fixes weird error. Closes: #632226
* Stop suggesting unused python-sexy. Closes: #633301
* Modify 00_debian-copying.diff to also not install ChangeLog file.
dh_changelogs will do it.
gajim (0.13.4-3) unstable; urgency=low
-- Yann Leboulanger <asterix@lagaule.org> Fri, 22 Jul 2011 12:56:30 +0200
* Fix a problem when canceling password keyring creation.
gajim (0.14.3-1) unstable; urgency=low
-- Yann Leboulanger <asterix@lagaule.org> Thu, 04 Nov 2010 20:40:52 +0100
* New upstream release.
* Fix closing roster window. Closes: #630315
gajim (0.13.4-2) unstable; urgency=low
-- Yann Leboulanger <asterix@lagaule.org> Sun, 19 Jun 2011 21:46:09 +0200
* don't fail to build with python != 2.5. Closes: #595870
* fix minimum python-openssl version to 0.9. Closes: #594772
gajim (0.14.2-1) unstable; urgency=low
-- Yann Leboulanger <asterix@lagaule.org> Tue, 07 Sep 2010 09:28:03 +0200
* New upstream release.
* Fix CPU usage when testing file transfer proxies. Closes: #626576
-- Yann Leboulanger <asterix@lagaule.org> Tue, 07 Jun 2011 19:30:43 +0200
gajim (0.14.1-1) unstable; urgency=low
[ Yann Leboulanger ]
* New upstream release. Closes: #604966
* Correctly sanitize menuentries in chat window action context menu.
Closes: #574839
* Fix traceback when closing file request dialog. Closes: #587186
* Recommend python-openssl >= 0.9. Closes: #594772
* Improve a string. Closes: #553527
* Fix cancelling file transfer. Closes: #587679
[ Julien Valroff ]
* Switch to dh from CDBS and drop unused (build-)dependencies.
* Switch to dh_python2 from pysupport. Closes: #616819
* Drop useless debian/dirs.
* Switch to 3.0 (quilt) source format.
* Update Standards-Version to 3.9.2.
* Remove useless and unused shlibs:Depends substvar.
* Add a note about python-farsight in README.Debian.
* Add patch and use dh_autoreconf to remove build-dependencies on
python-dev, python-gtk2-dev and libgtk2.0-dev.
-- Yann Leboulanger <asterix@lagaule.org> Sat, 07 May 2011 16:01:37 +0200
gajim (0.13.4-1) unstable; urgency=low
......
......@@ -2,21 +2,18 @@ Source: gajim
Section: net
Priority: optional
Maintainer: Yann Leboulanger <asterix@lagaule.org>
Build-Depends: debhelper (>= 7), cdbs (>= 0.4.43), python-support (>= 0.7.1), python-dev, libgtk2.0-dev, python-gtk2-dev, gettext (>= 0.17-4), intltool (>= 0.40.1), imagemagick, python-central (>= 0.5)
Build-Conflicts: python2.3
XS-Python-Version: >= 2.4
Standards-Version: 3.8.3
Build-Depends: debhelper (>= 7.0.50~), python (>= 2.6.6-3~), gettext (>= 0.17-4), intltool (>= 0.40.1), imagemagick, libglib2.0-dev, dpatch
Standards-Version: 3.9.3
Homepage: http://www.gajim.org
Vcs-Hg: http://hg.gajim.org/gajim/
Vcs-Browser: http://hg.gajim.org/gajim/file
Package: gajim
Architecture: any
XB-Python-Version: ${python:Versions}
Depends: ${misc:Depends}, ${shlibs:Depends}, ${python:Depends}, python-support (>= 0.7.1), python-glade2 (>= 2.12.0), python-gtk2 (>= 2.12.0), dnsutils
Recommends: dbus, python-dbus, notification-daemon, python-gnupginterface, python-openssl (>= 0.9), python-crypto
Suggests: python-gconf, python-gnome2, nautilus-sendto, avahi-daemon, python-avahi, network-manager, libgtkspell0, aspell-en, python-gnomekeyring, gnome-keyring, python-sexy, python-kerberos (>= 1.1), texlive-latex-base, dvipng
Architecture: all
Depends: ${misc:Depends}, ${python:Depends}, python-gtk2 (>= 2.22.0), dnsutils
Recommends: dbus, python-dbus, notification-daemon, python-openssl (>= 0.12), python-crypto, python-pyasn1
Suggests: python-gconf, python-gnome2, nautilus-sendto, avahi-daemon, python-avahi, network-manager, libgtkspell0, aspell-en, python-gnomekeyring, gnome-keyring, python-kerberos (>= 1.1), texlive-latex-base, dvipng, python-farstream, gstreamer0.10-plugins-ugly, python-pycurl, python-gupnp-igd
Description: Jabber client written in PyGTK
Gajim is a Jabber client. It has a tabbed user interface with normal chats,
group chats, and has many features such as, TLS, GPG, SSL, multiple accounts,
avatars, file transfers, D-Bus and Metacontacts.
avatars, file transfers, audio/video call, D-Bus and Metacontacts.
......@@ -5,12 +5,11 @@ It was downloaded from:
http://www.gajim.org/downloads/
Upstream Authors:
- Yann Le Boulanger <asterix@lagaule.org>
- Jean-Marie Traissard <jim@lapin.org>
- Stephan Erb <steve-e@h3c.de>
- Denis Fomin <fominde@gmail.com>
- Yann Leboulanger <asterix@lagaule.org>
Copyright: (c) 2003-2009 Gajim Team
Copyright: (c) 2003-2012 Gajim Team
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
......
usr/bin
usr/share/gajim
usr/share/man/man1
usr/share/pixmaps
usr/share/applications
usr/share/menu
usr/share/lintian/overrides
usr/lib/gajim
.\" 20050901
.TH "Gajim-history-manager" "1" "September 01, 2005" "Gajim dev team" ""
.SH "NAME"
Gajim-history-manager \- Tool to manage gajim logs
.SH "SYNOPSIS"
.B gajim-history-manager [\-c config-path] [\-h]
.SH "DESCRIPTION"
.B Gajim-history-manager
is a tool to manage (do some cleanup) log file of Gajim jabber client.
.PP
.SH "OPTIONS"
.TP
\fB\-c\fR, \fB\-\-config-path\fR path
Path where logs.db is located. ~/.gajim by default.
.TP
\fB\-h\fR, \fB\-\-help\fR
Print this help.
.SH "FEEDBACK"
You can report bugs or feature requests in http://trac.gajim.org or in the mailing list: http://lists.gajim.org/cgi\-bin/listinfo/gajim\-devel. You can also find us in our room gajim@conference.gajim.org
.SH "AUTHORS"
Written by Yann Le Boulanger <asterix@lagaule.org>, Nikos Kouremenos <kourem@gmail.com> and Dimitur Kirov <dkirov@gmail.com>.
data/gajim.1
data/gajim-remote.1
debian/gajim-history-manager.1
data/gajim-history-manager.1
debian/gajim.xpm usr/share/pixmaps
#! /bin/sh /usr/share/dpatch/dpatch-run
## 00_connection_handlers.diff by <asterix@lagaule.org>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: fix variable name
#
# Description: fix variable name
# Author: Yann Leboulanger <asterix@lagaule.org>
# Last-Update: 2012-10-28
@DPATCH@
Index: src/common/connection_handlers.py
===================================================================
--- a/src/common/connection_handlers.py
+++ b/src/common/connection_handlers.py
@@ -1993,7 +1993,7 @@
def _StreamCB(self, con, iq_obj):
log.debug('StreamCB')
gajim.nec.push_incoming_event(StreamReceivedEvent(None,
- conn=self, stanza=obj))
+ conn=self, stanza=iq_obj))
def _register_handlers(self, con, con_type):
# try to find another way to register handlers in each class
Index: Makefile.am
===================================================================
--- Makefile.am (revision 7202)
+++ Makefile.am (working copy)
@@ -9,7 +9,6 @@
docfiles_DATA = README \
README.html \
ChangeLog \
- COPYING \
THANKS \
AUTHORS
--- Makefile.in
+++ Makefile.in
@@ -273,7 +273,6 @@
docfiles_DATA = README \
README.html \
ChangeLog \
- COPYING \
THANKS \
AUTHORS
Index: src/common/passwords.py
===================================================================
--- src/common/passwords.py Sun Apr 25 21:13:15 2010 +0200
+++ src/common/passwords.py Thu Nov 04 20:33:05 2010 +0100
@@ -197,7 +197,8 @@
if USER_USES_GNOMEKEYRING:
try:
storage = GnomePasswordStorage()
- except (gnomekeyring.NoKeyringDaemonError, gnomekeyring.DeniedError):
+ except (gnomekeyring.NoKeyringDaemonError, gnomekeyring.DeniedError,
+ gnomekeyring.CancelledError):
storage = None
if storage is None:
if gajim.config.get('use_kwalletcli'):
00_connection_handlers.diff
01_accel_group.diff
#! /bin/sh /usr/share/dpatch/dpatch-run
## 02_connection_handlers.dpatch by <asterix@asterix.lagaule.org>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: fix using accel group
#
# Description: fix using accel group
# Author: Yann Leboulanger <asterix@lagaule.org>
# Origin: upstream,http://hg.gajim.org/gajim/rev/fdd7c9b81c1b
# Last-Update: 2012-10-28
@DPATCH@
--- a/src/message_window.py
+++ b/src/message_window.py
@@ -352,6 +352,7 @@
if modifier & gtk.gdk.CONTROL_MASK:
if keyval == gtk.keysyms.h: # CTRL + h
control._on_history_menuitem_activate()
+ return True
elif control.type_id == message_control.TYPE_CHAT and \
keyval == gtk.keysyms.f: # CTRL + f
# CTRL + f moves cursor one char forward when user uses Emacs
@@ -359,28 +360,35 @@
if not gtk.settings_get_default().get_property(
'gtk-key-theme-name') == 'Emacs':
control._on_send_file_menuitem_activate(None)
+ return True
elif control.type_id == message_control.TYPE_CHAT and \
keyval == gtk.keysyms.g: # CTRL + g
control._on_convert_to_gc_menuitem_activate(None)
+ return True
elif control.type_id in (message_control.TYPE_CHAT,
message_control.TYPE_PM) and keyval == gtk.keysyms.i: # CTRL + i
control._on_contact_information_menuitem_activate(None)
elif keyval == gtk.keysyms.l or keyval == gtk.keysyms.L: # CTRL + l|L
control.conv_textview.clear()
+ return True
elif keyval == gtk.keysyms.u: # CTRL + u: emacs style clear line
control.clear(control.msg_textview)
+ return True
elif control.type_id == message_control.TYPE_GC and \
keyval == gtk.keysyms.b: # CTRL + b
control._on_bookmark_room_menuitem_activate(None)
+ return True
# Tab switch bindings
elif keyval == gtk.keysyms.F4: # CTRL + F4
self.remove_tab(control, self.CLOSE_CTRL_KEY)
+ return True
elif keyval == gtk.keysyms.w: # CTRL + w
# CTRL + w removes latest word before sursor when User uses emacs
# theme
if not gtk.settings_get_default().get_property(
'gtk-key-theme-name') == 'Emacs':
self.remove_tab(control, self.CLOSE_CTRL_KEY)
+ return True
elif keyval in (gtk.keysyms.Page_Up, gtk.keysyms.Page_Down):
# CTRL + PageUp | PageDown
# Create event and send it to notebook
@@ -390,12 +398,14 @@
event.state = gtk.gdk.CONTROL_MASK
event.keyval = int(keyval)
self.notebook.emit('key_press_event', event)
+ return True
if modifier & gtk.gdk.SHIFT_MASK:
# CTRL + SHIFT
if control.type_id == message_control.TYPE_GC and \
keyval == gtk.keysyms.n: # CTRL + SHIFT + n
control._on_change_nick_menuitem_activate(None)
+ return True
# MOD1 (ALT) mask
elif modifier & gtk.gdk.MOD1_MASK:
# Tab switch bindings
@@ -404,26 +414,34 @@
if new >= self.notebook.get_n_pages():
new = 0
self.notebook.set_current_page(new)
+ return True
elif keyval == gtk.keysyms.Left: # ALT + LEFT
new = self.notebook.get_current_page() - 1
if new < 0:
new = self.notebook.get_n_pages() - 1
self.notebook.set_current_page(new)
+ return True
elif chr(keyval) in st: # ALT + 1,2,3..
self.notebook.set_current_page(st.index(chr(keyval)))
+ return True
elif keyval == gtk.keysyms.c: # ALT + C toggles chat buttons
control.chat_buttons_set_visible(not control.hide_chat_buttons)
+ return True
elif keyval == gtk.keysyms.m: # ALT + M show emoticons menu
control.show_emoticons_menu()
+ return True
elif keyval == gtk.keysyms.d: # ALT + D show actions menu
control.on_actions_button_clicked(control.actions_button)
+ return True
elif control.type_id == message_control.TYPE_GC and \
keyval == gtk.keysyms.t: # ALT + t
control._on_change_subject_menuitem_activate(None)
+ return True
# Close tab bindings
elif keyval == gtk.keysyms.Escape and \
gajim.config.get('escape_key_closes'): # Escape
self.remove_tab(control, self.CLOSE_ESC)
+ return True
def _on_close_button_clicked(self, button, control):
"""
Index: src/common/xmpp/idlequeue.py
===================================================================
--- src/common/xmpp/idlequeue.py Sun Sep 18 12:54:42 2011 +0200
+++ src/common/xmpp/idlequeue.py Sun Sep 18 12:54:42 2011 +0200
@@ -362,20 +362,25 @@
self.unplug_idle(fd)
return False
+ read_write = False
if flags & PENDING_READ:
#print 'waiting read on %d, flags are %d' % (fd, flags)
obj.pollin()
- return True
+ read_write = True
- elif flags & PENDING_WRITE:
+ elif flags & PENDING_WRITE and not flags & IS_CLOSED:
obj.pollout()
- return True
+ read_write = True
- elif flags & IS_CLOSED:
+ if flags & IS_CLOSED:
# io error, don't expect more events
self.remove_timeout(obj.fd)
self.unplug_idle(obj.fd)
obj.pollend()
+ return False
+
+ if read_write:
+ return True
return False
def process(self):
diff -Nurad gajim-0.13.4.orig//src/common/helpers.py gajim-0.13.4/src/common/helpers.py
--- gajim-0.13.4.orig//src/common/helpers.py 2012-04-17 15:59:08.000000000 +0000
+++ gajim-0.13.4/src/common/helpers.py 2012-04-17 15:59:18.000000000 +0000
@@ -39,6 +39,7 @@
import base64
import sys
import hashlib
+import shlex
from encodings.punycode import punycode_encode
@@ -355,8 +356,17 @@
pass
return False
-def exec_command(command):
- subprocess.Popen('%s &' % command, shell=True).wait()
+def exec_command(command, use_shell=False):
+ """
+ execute a command. if use_shell is True, we run the command as is it was
+ typed in a console. So it may be dangerous if you are not sure about what
+ is executed.
+ """
+ if use_shell:
+ subprocess.Popen('%s &' % command, shell=True).wait()
+ else:
+ args = shlex.split(command.encode('utf-8'))
+ p = subprocess.Popen(args)
def build_command(executable, parameter):
# we add to the parameter (can hold path with spaces)
diff -Nurad gajim-0.13.4.orig//src/common/latex.py gajim-0.13.4/src/common/latex.py
--- gajim-0.13.4.orig//src/common/latex.py 2012-04-17 15:59:08.000000000 +0000
+++ gajim-0.13.4/src/common/latex.py 2012-04-17 15:59:54.000000000 +0000
@@ -29,7 +29,7 @@
import os
import random
-from tempfile import gettempdir
+from tempfile import gettempdir,mkstemp,mkdtemp
from subprocess import Popen, PIPE
import logging
@@ -57,10 +57,10 @@
return True
return False
-def get_tmpfile_name():
+def get_tmpfile_name(tmpdir):
random.seed()
int_ = random.randint(0, 100)
- return os.path.join(gettempdir(), 'gajimtex_' + int_.__str__())
+ return os.path.join(tmpdir, 'gajimtex_' + int_.__str__())
def write_latex(filename, str_):
texstr = '\\documentclass[12pt]{article}\\usepackage[dvips]{graphicx}'
@@ -78,12 +78,12 @@
# a wrapper for Popen so that no window gets opened on Windows
# (i think this is the reason we're using Popen rather than just system())
# stdout goes to a pipe so that it can be read
-def popen_nt_friendly(command):
+def popen_nt_friendly(command, directory):
if os.name == 'nt':
# CREATE_NO_WINDOW
- return Popen(command, creationflags=0x08000000, cwd=gettempdir(), stdout=PIPE)
+ return Popen(command, creationflags=0x08000000, cwd=directory, stdout=PIPE)
else:
- return Popen(command, cwd=gettempdir(), stdout=PIPE)
+ return Popen(command, cwd=directory, stdout=PIPE)
def check_for_latex_support():
'''check is latex is available and if it can create a picture.'''
@@ -98,9 +98,9 @@
except LatexError:
return False
-def try_run(argv):
+def try_run(argv, directory):
try:
- p = popen_nt_friendly(argv)
+ p = popen_nt_friendly(argv, directory)
out = p.communicate()[0]
log.info(out)
return p.wait()
@@ -125,21 +125,28 @@
# we triggered the blacklist, immediately return None
return None
- tmpfile = get_tmpfile_name()
+ tmpdir = ""
+ tmppng = ""
+ try:
+ tmpdir = mkdtemp(prefix="gajim")
+ tmppng = mkstemp(suffix=".png")[1]
+ except Exception:
+ raise LatexError("could not securely create one or more temporary files for LaTeX conversion")
+ tmpfile = get_tmpfile_name(tmpdir)
# build latex string
write_latex(os.path.join(tmpfile + '.tex'), str_)
# convert TeX to dvi
exitcode = try_run(['latex', '--interaction=nonstopmode',
- tmpfile + '.tex'])
+ tmpfile + '.tex'], tmpdir)
if exitcode == 0:
# convert dvi to png
latex_png_dpi = gajim.config.get('latex_png_dpi')
exitcode = try_run(['dvipng', '-bg', bg_str, '-fg', fg_str, '-T',
'tight', '-D', latex_png_dpi, tmpfile + '.dvi', '-o',
- tmpfile + '.png'])
+ tmpfile + '.png'], tmpdir)
# remove temp files created by us and TeX
extensions = ['.tex', '.log', '.aux', '.dvi']
@@ -149,11 +156,17 @@
except Exception:
pass
+ if exitcode == 0:
+ os.rename(tmpfile + '.png', tmppng)
+ else:
+ os.remove(tmppng)
+
+ os.rmdir(tmpdir)
if isinstance(exitcode, (unicode, str)):
raise LatexError(exitcode)
if exitcode == 0:
- result = tmpfile + '.png'
+ result = tmppng
return result
diff -Nurad gajim-0.13.4.orig//src/common/logger.py gajim-0.13.4/src/common/logger.py
--- gajim-0.13.4.orig//src/common/logger.py 2012-04-17 15:59:08.000000000 +0000
+++ gajim-0.13.4/src/common/logger.py 2012-04-17 15:59:18.000000000 +0000
@@ -527,7 +527,7 @@
except exceptions.PysqliteOperationalError, e:
# Error trying to create a new jid_id. This means there is no log
return []
- where_sql = self._build_contact_where(account, jid)
+ where_sql, jid_tuple = self._build_contact_where(account, jid)
now = int(float(time.time()))
timed_out = now - (timeout * 60) # before that they are too old
@@ -539,10 +539,9 @@
WHERE (%s) AND kind IN (%d, %d, %d, %d, %d) AND time > %d
ORDER BY time DESC LIMIT %d OFFSET %d
''' % (where_sql, constants.KIND_SINGLE_MSG_RECV,
- constants.KIND_CHAT_MSG_RECV, constants.KIND_SINGLE_MSG_SENT,
- constants.KIND_CHAT_MSG_SENT, constants.KIND_ERROR,
- timed_out, restore_how_many_rows, pending_how_many)
- )
+ constants.KIND_CHAT_MSG_RECV, constants.KIND_SINGLE_MSG_SENT,
+ constants.KIND_CHAT_MSG_SENT, constants.KIND_ERROR, timed_out,
+ restore_how_many_rows, pending_how_many), jid_tuple)
results = self.cur.fetchall()
except sqlite.DatabaseError:
@@ -569,7 +568,7 @@
except exceptions.PysqliteOperationalError, e:
# Error trying to create a new jid_id. This means there is no log
return []
- where_sql = self._build_contact_where(account, jid)
+ where_sql, jid_tuple = self._build_contact_where(account, jid)
start_of_day = self.get_unix_time_from_date(year, month, day)
seconds_in_a_day = 86400 # 60 * 60 * 24
@@ -580,7 +579,7 @@
WHERE (%s)
AND time BETWEEN %d AND %d
ORDER BY time
- ''' % (where_sql, start_of_day, last_second_of_day))
+ ''' % (where_sql, start_of_day, last_second_of_day), jid_tuple)
results = self.cur.fetchall()
return results
@@ -603,13 +602,13 @@
return results
else: # user just typed something, we search in message column
- where_sql = self._build_contact_where(account, jid)
+ where_sql, jid_tuple = self._build_contact_where(account, jid)
like_sql = '%' + query.replace("'", "''") + '%'
self.cur.execute('''
SELECT contact_name, time, kind, show, message, subject FROM logs
WHERE (%s) AND message LIKE '%s'
ORDER BY time
- ''' % (where_sql, like_sql))
+ ''' % (where_sql, like_sql), jid_tuple)
results = self.cur.fetchall()
return results
@@ -622,7 +621,7 @@
# Error trying to create a new jid_id. This means there is no log
return []
days_with_logs = []
- where_sql = self._build_contact_where(account, jid)
+ where_sql, jid_tuple = self._build_contact_where(account, jid)
# First select all date of month whith logs we want
start_of_month = self.get_unix_time_from_date(year, month, 1)
@@ -640,7 +639,7 @@
AND kind NOT IN (%d, %d)
ORDER BY time
''' % (where_sql, start_of_month, last_second_of_month,
- constants.KIND_STATUS, constants.KIND_GCSTATUS))
+ constants.KIND_STATUS, constants.KIND_GCSTATUS), jid_tuple)
result = self.cur.fetchall()
# convert timestamps to day of month
@@ -654,19 +653,20 @@
we had logs (excluding statuses)'''
where_sql = ''
if not is_room:
- where_sql = self._build_contact_where(account, jid)
+ where_sql, jid_tuple = self._build_contact_where(account, jid)
else:
try:
jid_id = self.get_jid_id(jid, 'ROOM')
except exceptions.PysqliteOperationalError, e:
# Error trying to create a new jid_id. This means there is no log
return None
- where_sql = 'jid_id = %s' % jid_id
+ where_sql = 'jid_id = ?'
self.cur.execute('''
SELECT MAX(time) FROM logs
WHERE (%s)
AND kind NOT IN (%d, %d)
- ''' % (where_sql, constants.KIND_STATUS, constants.KIND_GCSTATUS))
+ ''' % (where_sql, constants.KIND_STATUS, constants.KIND_GCSTATUS),
+ jid_tuple)
results = self.cur.fetchone()
if results is not None:
@@ -683,11 +683,13 @@
except exceptions.PysqliteOperationalError, e:
# Error trying to create a new jid_id. This means there is no log
return None
- where_sql = 'jid_id = %s' % jid_id
+ where_sql = 'jid_id = ?'
+ jid_tuple = (jid_id,)
+
self.cur.execute('''
SELECT time FROM rooms_last_message_time
WHERE (%s)
- ''' % (where_sql))
+ ''' % (where_sql), jid_tuple)
results = self.cur.fetchone()
if results is not None:
@@ -709,6 +711,7 @@
'''build the where clause for a jid, including metacontacts
jid(s) if any'''
where_sql = ''
+ jid_tuple = ()
# will return empty list if jid is not associated with
# any metacontacts
family = gajim.contacts.get_metacontacts_family(account, jid)
@@ -718,13 +721,15 @@
jid_id = self.get_jid_id(user['jid'])
except exceptions.PysqliteOperationalError, e:
continue
- where_sql += 'jid_id = %s' % jid_id
+ where_sql += 'jid_id = ?'
+ jid_tuple += (jid_id,)
if user != family[-1]:
where_sql += ' OR '
else: # if jid was not associated with metacontacts
jid_id = self.get_jid_id(jid)
- where_sql = 'jid_id = %s' % jid_id
- return where_sql
+ where_sql = 'jid_id = ?'
+ jid_tuple += (jid_id,)
+ return where_sql,jid_tuple
def save_transport_type(self, jid, type_):
'''save the type of the transport in DB'''
diff -Nurad gajim-0.13.4.orig//src/notify.py gajim-0.13.4/src/notify.py
--- gajim-0.13.4.orig//src/notify.py 2012-04-17 15:59:08.000000000 +0000
+++ gajim-0.13.4/src/notify.py 2012-04-17 15:59:18.000000000 +0000
@@ -323,7 +323,7 @@
command = gajim.config.get_per('notifications', str(advanced_notif_num),
'command')
try:
- helpers.exec_command(command)
+ helpers.exec_command(obj.command, use_shell=True)
except Exception:
pass