changeset 29186:57ee55097ec8

certs: Cache certs once again (at the end of the verification process). It looks like I accidentally broke this (libpurple wouldn't replace a cert already in the cache) when extending the invalidity reasons.
author Paul Aurich <paul@darkrain42.org>
date Tue, 15 Dec 2009 16:06:54 +0000
parents cb28babdf3fe
children fc30836fb714
files ChangeLog libpurple/certificate.c
diffstat 2 files changed, 6 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/ChangeLog	Tue Dec 15 08:58:09 2009 +0000
+++ b/ChangeLog	Tue Dec 15 16:06:54 2009 +0000
@@ -1,6 +1,10 @@
 Pidgin and Finch: The Pimpin' Penguin IM Clients That're Good for the Soul
 
 version 2.6.5 (??/??/20??):
+	libpurple:
+	* TLS certificates are actually stored to the local cache once again
+	  (accepting a name mismatch on a certificate should now be remembered)
+
 	General:
 	* Build-time fixes for Solaris.  (Paul Townsend)
 
--- a/libpurple/certificate.c	Tue Dec 15 08:58:09 2009 +0000
+++ b/libpurple/certificate.c	Tue Dec 15 16:06:54 2009 +0000
@@ -1431,9 +1431,8 @@
 	tls_peers = purple_certificate_find_pool(x509_tls_cached.scheme_name,
 						 "tls_peers");
 	if (tls_peers) {
-		if (!purple_certificate_pool_contains(tls_peers, vrq->subject_name) &&
-		        !purple_certificate_pool_store(tls_peers,vrq->subject_name,
-		                                       peer_crt)) {
+		if (!purple_certificate_pool_store(tls_peers,vrq->subject_name,
+		                                   peer_crt)) {
 			purple_debug_error("certificate/x509/tls_cached",
 			                   "FAILED to cache peer certificate\n");
 		}