Re: "Unable to add module", but why?

2011-01-24 Thread Matej Kurpel
On 25. 1. 2011 1:17, Daniel Veditz wrote: Forwarding question to the mozilla.dev.tech.crypto group. Is this a module you're creating yourself, or one you know works fine with Firefox for other people? On 1/21/11 6:21 PM, Lbm wrote: Hi, first of all I hope I'm posting this question in the right

Re: "Unable to add module", but why?

2011-01-24 Thread Daniel Veditz
Forwarding question to the mozilla.dev.tech.crypto group. Is this a module you're creating yourself, or one you know works fine with Firefox for other people?
On 1/21/11 6:21 PM, Lbm wrote:
> Hi, first of all I hope I'm posting this question in the right place.
>
> Anyway, I've been trying to ad

Re: Problems Building NSS on Mac OS X 10.6 (64-bit)

2011-01-24 Thread Wan-Teh Chang
On Mon, Jan 24, 2011 at 12:18 PM, Robert Relyea wrote:
> (I always thought the universal binaries were built by building each arch separately and then combining them at the end).
This is correct. It is also possible to build for two arches in one pass, for example, gcc -arch i386 -arch x86

Re: Problems Building NSS on Mac OS X 10.6 (64-bit)

2011-01-24 Thread Robert Relyea
On 01/22/2011 04:58 AM, Kaspar Brand wrote:
> On 20.1.11 20:57, Robert Relyea wrote:
>> On 01/19/2011 10:36 PM, Kaspar Brand wrote:
>>> That's certainly doable, but I don't think the NSS build system has support for building universal binaries (you'd have to fiddle with lipo yourself).
>> I

Re: Setting the hostname to verify the cert against

2011-01-24 Thread Marsh Ray
On 01/24/2011 01:05 PM, Ben Bucksch wrote: No, actually, that would be a security bug. XMPP (better known as "Jabber", "Google Talk" etc.) uses DNS SRV lookups to find the hostname of a server. For the user, the connection just goes to "foo.com". We make a DNS SRV lookup of _xmpp-client._tcp.foo

Re: Setting the hostname to verify the cert against

2011-01-24 Thread Ben Bucksch
Just to be clear, to avoid confusion: this was a pure programming question, not a server admin or PKI setup question. I write a client for an existing standard protocol, and it's supposed to work with the existing servers, over which I have no control. Ben

Re: Setting the hostname to verify the cert against

2011-01-24 Thread Ben Bucksch
On 24.01.2011 19:36, Marsh Ray wrote: The correct solution would be to fix the certificate on the server. No, actually, that would be a security bug. XMPP (better known as "Jabber", "Google Talk" etc.) uses DNS SRV lookups to find the hostname of a server. For the user, the connection just go

Re: Setting the hostname to verify the cert against

2011-01-24 Thread Marsh Ray
On 01/24/2011 12:12 PM, Ben Bucksch wrote: I filed bug 628312 above the original problem that don't have an API to set the expected host, and have a prototype fix, but can't get it to work. Can somebody help, please? This is a blocker for me right now, I can't deploy XMPP without STARTTLS. The

Re: Setting the hostname to verify the cert against

2011-01-24 Thread Ben Bucksch
I filed bug 628312 above the original problem that don't have an API to set the expected host, and have a prototype fix, but can't get it to work. In the meantime, I need the workaround. After sinking a full day of highly concentrated work into it, I am still stuck on this: On 24.01.2011 16:0

Re: Setting the hostname to verify the cert against

2011-01-24 Thread Ben Bucksch
On 24.01.2011 15:10, Ben Bucksch wrote: In my nsIBadCertListener2::notifyCertProblem(), I try to getInterface(nsITransportSecurityInfo) from socketInfo, because nsNSSIOLayer.cpp::nsNSSBadCerthandler() lines 3348 and 3577 suggest that it should be a nsNSSSocketInfo object, which implements nsIT

Re: Setting the hostname to verify the cert against

2011-01-24 Thread Ben Bucksch
On 24.01.2011 12:38, Ben Bucksch wrote: Worst comes to worst, I can always override the cert error, and do the check myself, but that's going to get quite ugly. I have to say the PSM IDL interfaces are coming right out of the black hole. I implement nsIBadCertListener2 and nsISSLErrorListener.

Re: Setting the hostname to verify the cert against

2011-01-24 Thread Ben Bucksch
On 24.01.2011 06:54, Kaspar Brand wrote: You're looking for SSL_SetURL (http://mxr.mozilla.org/mozilla/ident?i=SSL_SetURL) Thanks! but note that this is currently not exposed to JS land... maybe something to add to PSM's nsNSSSocketInfo? Meh! It's an extension to be deployed to customers in