[Pidgin] #4570: The XMPP plugin uses the hostname given by the SRV record to perform certificate validation
Pidgin
trac at pidgin.im
Fri Jan 4 19:30:45 EST 2008
#4570: The XMPP plugin uses the hostname given by the SRV record to perform
certificate validation
--------------------+-------------------------------------------------------
Reporter: steffen | Owner: nwalp
Type: defect | Status: new
Priority: minor | Component: XMPP
Version: 2.3.1 | Keywords:
Pending: 0 |
--------------------+-------------------------------------------------------
The XMPP plugin uses the hostname given by the SRV record to perform
certificate validation:
libpurple/protocols/jabber/jabber.c:
{{{
static void tls_init(JabberStream *js)
{
purple_input_remove(js->gc->inpa);
js->gc->inpa = 0;
js->gsc = purple_ssl_connect_with_host_fd(js->gc->account, js->fd,
jabber_login_callback_ssl,
jabber_ssl_connect_failure, js->host, js->gc);
}
}}}
js->host is set by jabber_login_connect() to the hostname in the SRV RR.
This is a bad idea since an attacker could forge the SRV RR to point to a
domain he owns (and therefore has a certificate for). Instead the domain
given in the preferences dialog should be used.
--
Ticket URL: <http://developer.pidgin.im/ticket/4570>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list