Pidgin 2.7.3 on Maemo5 - SSL certificates for MSN invalid
Matthias Apitz
guru at unixarea.de
Mon Nov 22 07:31:45 EST 2010
El día Monday, November 22, 2010 a las 10:35:36AM +0100, Matthias Apitz escribió:
> I've right now compiled 2.7.6 on FreeBSD 8.x. It has two issues:
>
> 1)
> the MSN certificate issue; the certificate is not validated after the
> start of pidgin; it takes a while and it seems that if pidgin contacts
> some of the *.contacts server it works, while it does not for others;
> I could run it with --debug to get a list of the IP addrs...
and here is the data from the debug log:
Pidgin resolves via DNS for omega.contacts.msn.com 5 times the IP addr
207.46.113.78 which has the following certificates:
(13:08:31) gnutls/x509: Key print: ac:7e:e4:5f:97:b8:7e:f0:0b:ac:a6:51:9f:ba:51:f0:ad:73:17:8b
(13:08:31) gnutls/x509: Key print: 7e:8a:c2:9c:5a:32:8c:c2:71:a2:d9:4f:75:70:f7:a9:1b:f6:94:05
(13:08:31) gnutls/x509: Key print: 3d:29:1d:b8:ee:22:be:e1:33:70:06:f2:ef:c6:f9:db:dd:03:bb:25
Then it resolves to 207.46.118.183 which has other certificates:
(13:16:03) gnutls/x509: Key print: c8:f3:b1:69:52:36:07:33:b5:02:1b:a2:b2:b4:ce:32:b9:68:37:36
(13:16:03) gnutls/x509: Key print: 3a:dd:0e:7e:a2:b2:84:ff:45:9e:13:73:65:b4:82:d1:88:df:bf:8a
(13:16:03) gnutls/x509: Key print: e5:95:8d:48:fe:10:d7:34:03:11:e8:c0:3b:b2:29:40:da:ba:2d:a3
and it can verify with success:
(13:16:03) certificate: Successfully verified certificate for omega.contacts.msn.com
i.e. it depends of the server in question :-(
HIH
matthias
--
Matthias Apitz
t +49-89-61308 351 - f +49-89-61308 399 - m +49-170-4527211
e <guru at unixarea.de> - w http://www.unixarea.de/
More information about the Support
mailing list