--- pidgin-otr-3.2.0.orig/otr-plugin.c
+++ pidgin-otr-3.2.0/otr-plugin.c
@@ -155,6 +155,9 @@
 	const char *protocol)
 {
     OtrgDialogWaitHandle waithandle;
+#ifndef WIN32
+    mode_t mask;
+#endif  /* WIN32 */
     FILE *privf;
 
     gchar *privkeyfile = g_build_filename(purple_user_dir(), PRIVKEYFNAME, NULL);
@@ -162,7 +165,13 @@
 	fprintf(stderr, _("Out of memory building filenames!\n"));
 	return;
     }
+#ifndef WIN32
+    mask = umask (0077);
+#endif  /* WIN32 */
     privf = g_fopen(privkeyfile, "w+b");
+#ifndef WIN32
+    umask (mask);
+#endif  /* WIN32 */
     g_free(privkeyfile);
     if (!privf) {
 	fprintf(stderr, _("Could not write private key file\n"));
@@ -619,9 +628,18 @@
 /* Write the fingerprints to disk. */
 void otrg_plugin_write_fingerprints(void)
 {
+#ifndef WIN32
+    mode_t mask;
+#endif  /* WIN32 */
     FILE *storef;
     gchar *storefile = g_build_filename(purple_user_dir(), STOREFNAME, NULL);
+#ifndef WIN32
+    mask = umask (0077);
+#endif  /* WIN32 */
     storef = g_fopen(storefile, "wb");
+#ifndef WIN32
+    umask (mask);
+#endif  /* WIN32 */
     g_free(storefile);
     if (!storef) return;
     otrl_privkey_write_fingerprints_FILEp(otrg_plugin_userstate, storef);
@@ -972,6 +990,11 @@
     otrg_dialog_set_ui_ops(otrg_gtk_dialog_get_ui_ops());
 #endif
 
+#ifndef WIN32
+    /* Make key generation use /dev/urandom instead of /dev/random */
+    gcry_control(GCRYCTL_ENABLE_QUICK_RANDOM, 0);
+#endif
+
     /* Initialize the OTR library */
     OTRL_INIT;
 
--- pidgin-otr-3.2.0.orig/debian/dirs
+++ pidgin-otr-3.2.0/debian/dirs
@@ -0,0 +1 @@
+/usr/lib/pidgin
--- pidgin-otr-3.2.0.orig/debian/rules
+++ pidgin-otr-3.2.0/debian/rules
@@ -0,0 +1,104 @@
+#!/usr/bin/make -f
+# -*- makefile -*-
+# Sample debian/rules that uses debhelper.
+# This file was originally written by Joey Hess and Craig Small.
+# As a special exception, when this file is copied by dh-make into a
+# dh-make output file, you may use that output file without restriction.
+# This special exception was added by Craig Small in version 0.37 of dh-make.
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+
+
+
+CFLAGS = -Wall -g
+
+ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
+	CFLAGS += -O0
+else
+	CFLAGS += -O2
+endif
+
+configure: configure-stamp
+configure-stamp:
+	dh_testdir
+	# Add here commands to configure the package.
+	./configure --host=$(DEB_HOST_GNU_TYPE)\
+		--build=$(DEB_BUILD_GNU_TYPE)\
+		--prefix=/usr\
+		--mandir=\$${prefix}/share/man\
+		--infodir=\$${prefix}/share/info \
+
+	touch configure-stamp
+
+
+build: build-stamp
+
+build-stamp: configure-stamp 
+	dh_testdir
+
+	# Add here commands to compile the package.
+	$(MAKE)
+	#docbook-to-man debian/pidgin-otr.sgml > pidgin-otr.1
+
+	touch build-stamp
+
+clean:
+	dh_testdir
+	dh_testroot
+	rm -f build-stamp configure-stamp
+
+	# Add here commands to clean up after the build process.
+	[ ! -f Makefile ] || $(MAKE) distclean
+
+	dh_clean 
+
+install: build
+	dh_testdir
+	dh_testroot
+	dh_clean -k 
+	dh_installdirs
+
+	# Add here commands to install the package into debian/pidgin-otr.
+	$(MAKE) install DESTDIR=$(CURDIR)/debian/tmp
+
+
+# Build architecture-independent files here.
+binary-indep: build install
+# We have nothing to do by default.
+
+# Build architecture-dependent files here.
+binary-arch: build install
+	dh_testdir
+	dh_testroot
+	dh_installchangelogs ChangeLog
+	dh_installdocs
+#	dh_installexamples
+	dh_install
+#	dh_installmenu
+#	dh_installdebconf	
+#	dh_installlogrotate
+#	dh_installemacsen
+#	dh_installpam
+#	dh_installmime
+#	dh_installinit
+#	dh_installcron
+#	dh_installinfo
+#	dh_installman
+#	dh_link
+	dh_strip
+	dh_compress
+	dh_fixperms
+#	dh_perl
+#	dh_python
+#	dh_makeshlibs
+	dh_installdeb
+	dh_shlibdeps
+	dh_pidgin
+	dh_gencontrol
+	dh_md5sums
+	dh_builddeb
+
+binary: binary-indep binary-arch
+.PHONY: build clean binary-indep binary-arch binary install configure
--- pidgin-otr-3.2.0.orig/debian/control
+++ pidgin-otr-3.2.0/debian/control
@@ -0,0 +1,30 @@
+Source: pidgin-otr
+Section: net
+Priority: optional
+Maintainer: Thibaut VARENE <varenet@debian.org>
+Build-Depends: debhelper (>= 4.0.0), libgpg-error-dev (>= 1.0), libgcrypt11-dev (>= 1.2.0), libglib2.0-dev (>= 2.4), libgtk2.0-dev (>= 2.4), pidgin-dev, libotr2-dev (>= 3.1.0), libxml-parser-perl
+Standards-Version: 3.8.0
+
+Package: pidgin-otr
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Description: Off-the-Record Messaging plugin for pidgin
+ Off-the-Record (OTR) Messaging plugin for pidgin
+ .
+ OTR allows you to have private conversations over IM by providing:
+  - Encryption
+    - No one else can read your instant messages.
+  - Authentication
+    - You are assured the correspondent is who you think it is.
+  - Deniability
+    - The messages you send do _not_ have digital signatures that are
+      checkable by a third party.  Anyone can forge messages after a
+      conversation to make them look like they came from you.  However,
+      _during_ a conversation, your correspondent is assured the messages
+      he sees are authentic and unmodified.
+  - Perfect forward secrecy
+    - If you lose control of your private keys, no previous conversation
+      is compromised.
+ .
+ This is a pidgin plugin which implements Off-the-Record (OTR) Messaging.
+
--- pidgin-otr-3.2.0.orig/debian/install
+++ pidgin-otr-3.2.0/debian/install
@@ -0,0 +1,2 @@
+debian/tmp/usr/lib/pidgin/pidgin-otr.so /usr/lib/pidgin
+debian/tmp/usr/share/locale/*/LC_MESSAGES/pidgin-otr.mo
--- pidgin-otr-3.2.0.orig/debian/compat
+++ pidgin-otr-3.2.0/debian/compat
@@ -0,0 +1 @@
+4
--- pidgin-otr-3.2.0.orig/debian/docs
+++ pidgin-otr-3.2.0/debian/docs
@@ -0,0 +1 @@
+README
--- pidgin-otr-3.2.0.orig/debian/copyright
+++ pidgin-otr-3.2.0/debian/copyright
@@ -0,0 +1,27 @@
+This package was debianized by OTR Dev Team <otr@cypherpunks.ca> on
+Wed,  1 Dec 2004 17:02:12 -0500.
+
+It was downloaded from http://www.cypherpunks.ca/otr/
+
+Copyright (C) 2004-2007 by Nikita Borisov and Ian Goldberg
+
+Upstream Authors: OTR Dev Team <otr@cypherpunks.ca>
+
+License:
+
+   This package is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; version 2 dated June, 1991.
+
+   This package is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this package; if not, write to the Free Software
+   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+   02110-1301, USA.
+
+On Debian systems, the complete text of the GNU General
+Public License can be found in `/usr/share/common-licenses/GPL-2'.
--- pidgin-otr-3.2.0.orig/debian/watch
+++ pidgin-otr-3.2.0/debian/watch
@@ -0,0 +1,6 @@
+# Example watch control file for uscan
+# Rename this file to "watch" and then you can run the "uscan" command
+# to check for upstream updates and more.
+# Site		Directory		Pattern			Version	Script
+version=2
+http://www.cypherpunks.ca/otr/	pidgin-otr-(.*)\.t(?:ar\.)?gz	debian	uupdate
--- pidgin-otr-3.2.0.orig/debian/changelog
+++ pidgin-otr-3.2.0/debian/changelog
@@ -0,0 +1,42 @@
+pidgin-otr (3.2.0-2+lenny0) stable; urgency=low
+
+  * Bump source version number to be higher than the binNMU of 3.2.0-2
+    in stable.
+
+ -- Philipp Kern <pkern@debian.org>  Sun, 07 Jun 2009 15:57:08 +0200
+
+pidgin-otr (3.2.0-2lenny0) stable-proposed-updates; urgency=low
+
+  * Ship translation files with the package (Closes: #516763)
+
+ -- Thibaut VARENE <varenet@debian.org>  Mon, 23 Feb 2009 16:56:58 +0100
+
+pidgin-otr (3.2.0-2) unstable; urgency=high
+
+  * Make key generation use /dev/urandom (Closes: #489523)
+
+ -- Thibaut VARENE <varenet@debian.org>  Thu, 10 Jul 2008 17:34:32 +0200
+
+pidgin-otr (3.2.0-1) unstable; urgency=low
+
+  * New upstream release (Closes: #486639)
+  * Use gender neutral pronouns in strings (Closes: #425315)
+  * Move icon to the menu bar (Closes: #425318)
+  * Security patch from Caspar Clemens Mierau
+    (http://otr.cvs.sourceforge.net/otr/gaim-otr/otr-plugin.c?revision=1.19&view=markup)
+
+ -- Thibaut VARENE <varenet@debian.org>  Sun, 22 Jun 2008 23:24:49 +0200
+
+pidgin-otr (3.1.0-1) unstable; urgency=low
+
+  * New upstream release (closes: #435055, #435836)
+  * Build depend on newer libotr (closes: #430349)
+
+ -- Thibaut VARENE <varenet@debian.org>  Mon, 20 Aug 2007 21:49:14 +0200
+
+pidgin-otr (3.0.0+cvs20070508-1) unstable; urgency=low
+
+  * Initial release of the newly renamed gaim-otr plugin (closes: #422834)
+
+ -- Thibaut VARENE <varenet@debian.org>  Tue, 08 May 2007 17:21:54 +0200
+