[Pidgin] #14774: Pidgin verifies the wrong component of a SSL-certificate
Pidgin
trac at pidgin.im
Mon Nov 28 20:11:52 EST 2011
#14774: Pidgin verifies the wrong component of a SSL-certificate
--------------------------+-------------------------------------------------
Reporter: klaernie | Owner: rekkanoryo
Type: defect | Status: new
Component: unclassified | Version: 2.10.0
Keywords: |
--------------------------+-------------------------------------------------
Hello alltogether,
I noticed today, that the current version of pidgin fails to verify the
SSL-certificate of my server correctly if no xmpp-servername is given.
I use my personal server with xmpp-server-autodetection for ages, but only
with a test-domain, where the server-name of my xmpp-server and the xmpp-
domain are matching.
Today I tried out to run a vhosting on my xmpp-server, with the same old
cert, and a new domain which got _xmpp-client._tcp.domain.tld pointing to
my server.
Than pidgin asks me, whether I'd like to accept the certificate, as it
clearly doesn't match the domain I configured, but instead pidgin should
verify the CN/SubjectAltName of the certificate against the servername it
found using autodetection.
I'd appreciate any answer.
Regards, Andre
--
Ticket URL: <http://developer.pidgin.im/ticket/14774>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list