As requested, NSS patch submitted to Pidgin in forwarded bug report, so
there's no need to switch to GNUTLS.
However, the second half of the patch above is still needed to grab CA
certs from /etc/ssl/certs. Attaching just that part.
--- pidgin-2.4.1/libpurple/certificate.c
+++
I believe this bug was introduced with the fix for bug #401567.
At that time, the SSL implementation was changed from GNUTLS to NSS.
Unfortunately, the NSS plugin in pidgin does no certificate checking at
all, meaning that any certificate is accepted (including malformed or
self-signed
2 matches
Mail list logo