Mercurial > pidgin.yaz
changeset 27975:b171a80dff25
disapproval of revision '39b90ee2c4d49d80e4f9befbc80cb9684cf05209'
This was a bad recommendation on my part. Let's handle older certificate algorithms a different way.
| author | Paul Aurich <paul@darkrain42.org> |
|---|---|
| date | Wed, 22 Jul 2009 06:10:17 +0000 |
| parents | 0491bd8a2a60 |
| children | 31905a0d1c9d |
| files | configure.ac libpurple/plugins/ssl/ssl-nss.c |
| diffstat | 2 files changed, 0 insertions(+), 23 deletions(-) [+] |
line wrap: on
line diff
--- a/configure.ac Sat Jul 11 06:46:21 2009 +0000 +++ b/configure.ac Wed Jul 22 06:10:17 2009 +0000 @@ -2020,23 +2020,6 @@ AC_SUBST(NSS_CFLAGS) AC_SUBST(NSS_LIBS) fi - -if test "x$enable_nss" = "xyes"; then - AC_MSG_CHECKING(for NSS_SetAlgorithmPolicy) - LIBS_save="$LIBS" - LIBS="$LIBS $NSS_LIBS" - CPPFLAGS_save="$CPPFLAGS" - CPPFLAGS="$CPPFLAGS $NSS_CFLAGS" - AC_LINK_IFELSE([AC_LANG_PROGRAM([#include <nss.h> -#include <secmod.h>], - [NSS_SetAlgorithmPolicy(SEC_OID_MD2, 0, 0);])], - [AC_DEFINE([NEED_NSS_WEAK_ALGORITHMS], 1, - [Define if your NSS needs weak algorithms activated with NSS_SetAlgorithmPolicy]) - AC_MSG_RESULT(yes)], - [AC_MSG_RESULT(no)]) - CPPFLAGS="$CPPFLAGS_save" - LIBS="$LIBS_save" -fi AM_CONDITIONAL(USE_NSS, test "x$enable_nss" = "xyes")
--- a/libpurple/plugins/ssl/ssl-nss.c Sat Jul 11 06:46:21 2009 +0000 +++ b/libpurple/plugins/ssl/ssl-nss.c Wed Jul 22 06:10:17 2009 +0000 @@ -152,12 +152,6 @@ SSL_CipherPrefSetDefault(SSL_DHE_RSA_WITH_DES_CBC_SHA, 1); SSL_CipherPrefSetDefault(SSL_DHE_DSS_WITH_DES_CBC_SHA, 1); -#ifdef NEED_NSS_WEAK_ALGORITHMS - /* Enable some weaker algorithms for XMPP and MSN */ - NSS_SetAlgorithmPolicy(SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION, NSS_USE_ALG_IN_CERT_SIGNATURE, 0); - NSS_SetAlgorithmPolicy(SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION, NSS_USE_ALG_IN_CERT_SIGNATURE, 0); -#endif - _identity = PR_GetUniqueIdentity("Purple"); _nss_methods = PR_GetDefaultIOMethods(); }