[Pidgin] #15344: Pidgin should optionally remember expired TLS/SSL certificates from servers
Pidgin
trac at pidgin.im
Fri Feb 22 16:26:11 EST 2013
#15344: Pidgin should optionally remember expired TLS/SSL certificates from servers
-----------------------------------------------+---------------------------
Reporter: pazpaz | Owner: rekkanoryo
Type: enhancement | Status: new
Milestone: | Component: unclassified
Version: 2.10.6 | Resolution:
Keywords: certificate tls ssl expire dialog |
-----------------------------------------------+---------------------------
Comment (by cyisfor):
From what I can eyeball, the SSL code does cache the certificate by
fingerprint, and shouldn't reverify it when you reconnect. I think the
problem is that the algorithm for getting the fingerprint doesn't produce
the same fingerprint. There isn't exactly a "SSL_get_fingerprint" function
in NSS, and I think the one pidgin does itself is hashing some mutable
data like connect timestamps or something.
--
Ticket URL: <https://developer.pidgin.im/ticket/15344#comment:3>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list