[Pidgin] #15850: The Pidgin certificate store needs some work

Pidgin trac at pidgin.im
Sun Jan 12 17:40:25 EST 2014 

#15850: The Pidgin certificate store needs some work
----------------------------------+------------------------
 Reporter:  xnyhps                |       Owner:
     Type:  defect                |      Status:  new
Milestone:  2.10.8                |   Component:  libpurple
  Version:  2.10.7                |  Resolution:
 Keywords:  tls ssl certificates  |
----------------------------------+------------------------
Changes (by MarkDoliner):

 * milestone:   => 2.10.8


Comment:

 We need to fix the cert for AIM, too:

 {{{
 (13:58:33) util: Defaulting max download from
 https://api.oscar.aol.com/aim/startOSCARSession?a=stuff&distId=1550&f=xml&k=stuff&ts=1389563913&useTLS=1&sig_sha256=stuff
 to 524288
 (13:58:33) dnsquery: Performing DNS lookup for api.oscar.aol.com
 (13:58:33) dns: Successfully sent DNS request to child 9117
 (13:58:33) dns: Got response for 'api.oscar.aol.com'
 (13:58:33) dnsquery: IP resolved for api.oscar.aol.com
 (13:58:33) proxy: Attempting connection to 64.12.235.15
 (13:58:33) proxy: Connecting to api.oscar.aol.com:443 with no proxy
 (13:58:33) proxy: Connection in progress
 (13:58:33) proxy: Connecting to api.oscar.aol.com:443.
 (13:58:33) proxy: Connected to api.oscar.aol.com:443.
 (13:58:33) nss: subject=CN=api.oscar.aol.com,OU=Messaging Operations,O=AOL
 Inc.,L=Dulles,ST=Virginia,C=US issuer=CN=Entrust Certification Authority -
 L1C,OU="(c) 2009 Entrust, Inc.",OU=www.entrust.net/rpa is incorporated by
 reference,O="Entrust, Inc.",C=US
 (13:58:33) nss: subject=CN=Entrust Certification Authority - L1C,OU="(c)
 2009 Entrust, Inc.",OU=www.entrust.net/rpa is incorporated by
 reference,O="Entrust, Inc.",C=US issuer=CN=Entrust.net Certification
 Authority (2048),OU=(c) 1999 Entrust.net
 Limited,OU=www.entrust.net/CPS_2048 incorp. by ref. (limits
 liab.),O=Entrust.net
 (13:58:33) nss: partial certificate chain
 (13:58:33) certificate/x509/tls_cached: Starting verify for
 api.oscar.aol.com
 (13:58:33) certificate/x509/tls_cached: Checking for cached cert...
 (13:58:33) certificate/x509/tls_cached: ...Found cached cert
 (13:58:33) nss/x509: Loading certificate from
 /home/dude/.purple/certificates/x509/tls_peers/api.oscar.aol.com
 (13:58:33) certificate/x509/tls_cached: Peer cert did NOT match cached
 (13:58:33) certificate: Checking signature chain for
 uid=CN=api.oscar.aol.com,OU=Messaging Operations,O=AOL
 Inc.,L=Dulles,ST=Virginia,C=US
 (13:58:33) certificate: ...Good signature by CN=Entrust Certification
 Authority - L1C,OU="(c) 2009 Entrust, Inc.",OU=www.entrust.net/rpa is
 incorporated by reference,O="Entrust, Inc.",C=US
 (13:58:33) certificate: Chain is VALID
 (13:58:33) certificate/x509/tls_cached: Checking for a CA with
 DN=CN=Entrust.net Certification Authority (2048),OU=(c) 1999 Entrust.net
 Limited,OU=www.entrust.net/CPS_2048 incorp. by ref. (limits
 liab.),O=Entrust.net
 (13:58:33) certificate/x509/tls_cached: Also checking for a CA with
 DN=CN=Entrust Certification Authority - L1C,OU="(c) 2009 Entrust,
 Inc.",OU=www.entrust.net/rpa is incorporated by reference,O="Entrust,
 Inc.",C=US
 (13:58:33) certificate/x509/tls_cached: No Certificate Authorities with
 either DN found found. I'll prompt the user, I guess.
 }}}

-- 
Ticket URL: <https://developer.pidgin.im/ticket/15850#comment:1>
Pidgin <https://pidgin.im>
Pidgin

More information about the Tracker mailing list