Trac is being migrated to new services! Issues can be found in our new
YouTrack instance and WIKI pages can be found on our
website.
- Timestamp:
-
Jun 19, 2007, 5:57:21 PM (17 years ago)
- Author:
-
wehlhard
- Comment:
-
issue
Legend:
- Unmodified
- Added
- Removed
- Modified
-
|
v1
|
v2
|
|
| 2 | 2 | * Jabber (and possibly others) use the purple_ssl_connect_fd function to build an SSL connection over a previously existing ProxyConnection. Since all the SSL side sees is the file descriptor in this case, hostname verification is impossible. (29 May) |
| 3 | 3 | * talk.google.com gives back a gmail.com certificate?! (29 May) |
| | 4 | * Design issue: In my design, the Certificate struct has an ptr to a GnuTLS certificate structure to hold its internal data. This has the consequence that the SSL connection system and X.509 handling must both be provided by GnuTLS; if, say, SILC provides the X.509 handling, and GnuTLS the SSL connections, everything grinds to a gruesome segfaulty halt. |
| 4 | 5 | |
| | 6 | Should I address this? The only workaround I can think of is to keep a pointer to the PEM-formatted certificate in the Certificate struct instead, but that will require any consumers of the Certificate to have PEM encoding/decoding and constantly decode it from PEM for every use. (June 19) |
| 5 | 7 | = Resolved Issues = |
| 6 | 8 | * It looks like PKCS12 (the certificate import/export format) is supported by both libNSS and GnuTLS. |
All information, including names and email addresses, entered onto this website or sent to mailing lists affiliated with this website will be public. Do not post confidential information, especially passwords!
