I talked with Jeff Davis, he thought my patch would fix another problem so the fix still works for the problem described in the first posting.
Howard Chu: "It looks to me like the OTR plugin isn't actually sending a signoff message to the peer when you end a session." Internally the Plugin realizes the other side closed the session and prints a message that this happened, but does nothing further. I came to the realization that this is not a missing feature but probably intended. Think of this scenario: A chats with B with an active OTR session. They are talking about confidential material. Now A signs off (client crash, connection loss, or he just closed Pidgin). What if B sends a message right after that without realizing A signed off? With my patch B ends the OTR session immediately and sends the message unencrypted (break of confidentiality) , without the patch the OTR session for B would still be active, the message would be sent encrypted (and therefor A probably couldn't read it if he comes back online, but that is no break of confidentiality). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/307964 Title: OTR should close a session, if the other chat partner logs out To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pidgin-otr/+bug/307964/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
