Tor IM Bundle - use decentralized system (ex: cabels or TorChat)
I don't see much point in fixing Pidgin. Nothing wrong with Pidgin, but not really made for use with Tor. Jabber is also a fine protocol, but not made for censor resistance.
I suggest switching to something decentralized. Why?
A jabber jid like "julian.a**ange at jabber.us"... How long do you think it would last? That is, why you invented hidden services.
No need to reinvent the wheel...
- There is already cabels  (from Liberte Linux developer) and torchat .
- Both use hidden services.
- Both are independent from a centralized servers.
- Both projects are alive.
- Both developers are friendly, listening for feedback, fixing vulnerabilities.
So here is the idea:
- Contact one or the other developer or both.
- See what you like about their application and what not. What prevents you from using it for the Tor Im Browser Bundle.
- Ask them, whether they are interested to see their application bundled within an official Tor Browser IM Bundle.
- Ask them, if they would fix, what you complain about (any insecure things, if any).