im.pidgin.pidgin: 488f5df4c08083c7398d513d843a0e2812cc7148

nosnilmot at pidgin.im nosnilmot at pidgin.im
Sun Dec 23 13:40:38 EST 2007


-----------------------------------------------------------------
Revision: 488f5df4c08083c7398d513d843a0e2812cc7148
Ancestor: c8cd6cbbf3304318f64cb6b8fac1f53eabf14c7d
Author: nosnilmot at pidgin.im
Date: 2007-12-23T18:36:09
Branch: im.pidgin.pidgin

Modified files:
        libpurple/certificate.c

ChangeLog: 

If a peer certificate does not match our cached cert, do not auto reject it!
- it's quite possible the certificate was renewed! This fixes the problems
caused by jabber.org renewing their SSL certificate yesterday. Workaround
for mortals is to remove the cached peer certificate, either from Tools->Certificates
or by deleting ~/.purple/certificates/x509/tls_peers/jabber.org

-------------- next part --------------
============================================================
--- libpurple/certificate.c	fff47a7bcf9f34b58a2ef430be402cf97a264d2b
+++ libpurple/certificate.c	740fd14fee8dc8fb2761b17a2e81b0a537891234
@@ -1228,6 +1228,9 @@ static void
 }
 
 static void
+x509_tls_cached_unknown_peer(PurpleCertificateVerificationRequest *vrq);
+
+static void
 x509_tls_cached_cert_in_cache(PurpleCertificateVerificationRequest *vrq)
 {
 	/* TODO: Looking this up by name over and over is expensive.
@@ -1268,8 +1271,8 @@ x509_tls_cached_cert_in_cache(PurpleCert
 	} else {
 		purple_debug_info("certificate/x509/tls_cached",
 				  "Peer cert did NOT match cached\n");
-		/* vrq now becomes the problem of cert_changed */
-		x509_tls_cached_peer_cert_changed(vrq);
+		/* vrq now becomes the problem of the user */
+		x509_tls_cached_unknown_peer(vrq);
 	}
 	
 	purple_certificate_destroy(cached_crt);


More information about the Commits mailing list