From f848e361cd1b5927fc0e97d60cbaafa9a6b21595 Mon Sep 17 00:00:00 2001
From: George Barrett <bob@bob131.so>
Date: Fri, 5 Aug 2016 14:20:13 +1000
Subject: [PATCH] Fix default user information leak

At the moment, if the realname or username parameters aren't specified
then they default to the results of g_get_real_name() and
g_get_username(). This seems an unreasonable default, particularly as
this information can be set by clients if that behaviour is desired.

This patch uses the nickname property as a default instead.
---
 src/idle-connection.c | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

diff --git a/src/idle-connection.c b/src/idle-connection.c
index 9ee8840..9484803 100644
--- a/src/idle-connection.c
+++ b/src/idle-connection.c
@@ -762,19 +762,13 @@ static void _start_connecting_continue(IdleConnection *conn) {
 	IdleServerConnection *sconn;
 
 	if (tp_str_empty(priv->realname)) {
-		const gchar *g_realname = g_get_real_name();
-
 		g_free(priv->realname);
-
-		if (tp_strdiff(g_realname, "Unknown"))
-			priv->realname = g_strdup(g_realname);
-		else
-			priv->realname = g_strdup(priv->nickname);
+		priv->realname = g_strdup(priv->nickname);
 	}
 
 	if (tp_str_empty(priv->username)) {
 		g_free(priv->username);
-		priv->username = g_strdup(g_get_user_name());
+		priv->username = g_strdup(priv->nickname);
 	}
 
 	sconn = g_object_new(IDLE_TYPE_SERVER_CONNECTION,
-- 
2.7.4