Problem with AIM
Daniel Atallah
daniel.atallah at gmail.com
Mon Jan 27 11:49:28 EST 2014
On Mon, Jan 27, 2014 at 10:32 AM, Duncan Berriman <duncan at berrimans.co.uk>
wrote:
>
> Hi,
>
> I did some more work on my code which may be of use to others as I see
quite
> a number of questions re capturing and responding to requests when using
> libpurple as a robot or headless.
>
> This works as I can see the callback working (the request is closed) and
the
> program manages to logon to AIM without the certificate present but I'm
not
> sure it is totally correct. I can also see it fail to connect (as
expected)
> if I change the code to do 'Reject' instead of 'Accept'.
I think you're going down the wrong path with this.
You almost certainly shouldn't (effectively) disabling certificate
validation - that's a horrible thing to do.
As Mark noted, the issue with AIM is that they have a new cert that's
signed by a CA isn't in the default pidgin CA list - the right way to
resolve that particular issue is to add the CA to the CA list you're using.
If there is a particular server that is outside of your control which is
using an invalid or expired cert (which is not the case with AIM), a very
specific exception (for that server and certificate combination) *might* be
a reasonable thing to implement, but the global thing you've done is just
wrong.
-D
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pidgin.im/pipermail/devel/attachments/20140127/ce2ea1c5/attachment.html>
More information about the Devel
mailing list