SSL security concern

David Woolley forums at david-woolley.me.uk
Sun Sep 22 18:39:21 EDT 2013


On 22/09/13 21:26, skyper wrote:
>
> 1. Which ROOT CA storage does pidgin use to authenticate a server side
> SSL certificate?

See ./configure --help.  At a quick scan, it looks like it uses its own 
set of root certificates by default.  The default will depend on the OS, 
at least to some extent.  On Debian, it looks like the default is 
/usr/share/purple/ca-certs.

If you didn't compile it yourself, the choices made by the packager may 
differ from the build system defaults.

>
> 2. How can I configure pidgin to use one (and just one; exclusive) ROOT
> CA storage (or single certificate) and ignore all other system-wide root
> certs without having to recompile the source?

On that reading, if it has been compiled to use its own certificates, 
delete the other certificates.  Again, on the above reading, this will 
be a global change for all libpurple clients. If it has been compiled to 
use a system directory, your caveat cannot be met.

>
> 3. How can I harden pidgin to fail connecting to the jabber server if
> SSL trust can not be established? I do not want to see any warning that
> the SSL cert can not be authenticated or the user being asked if he
> trusts the certificate manually.

That goes against the general philosophy of open source clients, that 
the user should be assumed to be responsible.  My guess is that this not 
only requires recompiling, but also requires source code changes.

Please note I'm not an expert on this.  I'm just going on a very quick 
scan of the configure script, and the general design philosophy of open 
source client software.
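
The reply to question 2 comes down to leaving a single root in the client's own certificate directory (on Debian, per the reply, /usr/share/purple/ca-certs). The following is an added example, not part of the original message and not Pidgin code: a dry-run audit that reports which files would have to go, without deleting anything. It assumes the directory holds PEM files; all function names are hypothetical and the sample certificates are constructed stand-ins.

```python
import base64, hashlib, ssl, tempfile
from pathlib import Path
BEGIN, END = "-----BEGIN CERTIFICATE-----", "-----END CERTIFICATE-----"

def pem_blocks(text):
    """Yield every PEM certificate block in text (a file may bundle several)."""
    pos = text.find(BEGIN)
    while pos != -1:
        end = text.find(END, pos)
        if end == -1:
            return
        yield text[pos:end + len(END)]
        pos = text.find(BEGIN, end)

def fingerprint(pem):
    """SHA-256 fingerprint of the certificate's DER encoding."""
    return hashlib.sha256(ssl.PEM_cert_to_DER_cert(pem)).hexdigest()

def audit_ca_dir(ca_dir, allowed_fp):
    """Sort files into keep / remove / review; nothing is deleted."""
    report = {"keep": [], "remove": [], "review": []}
    for path in sorted(p for p in Path(ca_dir).iterdir() if p.is_file()):
        try:
            fps = {fingerprint(b) for b in pem_blocks(path.read_text(errors="replace"))}
        except ValueError:          # malformed base64 inside a PEM block
            fps = set()
        if not fps:
            report["review"].append(path.name)   # not PEM: inspect by hand
        elif fps == {allowed_fp}:
            report["keep"].append(path.name)
        else:
            report["remove"].append(path.name)   # other or extra trust anchors
    return report

def constructed_pem(payload):
    """Constructed stand-in: PEM armor around arbitrary bytes, not a real cert."""
    return f"{BEGIN}\n{base64.b64encode(payload).decode()}\n{END}\n"

def demo():
    """Build a constructed directory and audit it against one allowed root."""
    mine, other = constructed_pem(b"my-jabber-root"), constructed_pem(b"other-root")
    with tempfile.TemporaryDirectory() as d:
        for name, body in [("my-root.pem", mine), ("other.pem", other),
                           ("bundle.pem", mine + other), ("README", "notes\n")]:
            Path(d, name).write_text(body)
        return audit_ca_dir(d, fingerprint(mine))

if __name__ == "__main__":
    print(demo())
```

A bundle that contains the allowed root together with another certificate is reported under "remove", since keeping it would leave an extra trust anchor in place.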



