Mercurial > pidgin
comparison libpurple/plugins/ssl/ssl-gnutls.c @ 28355:13a229a062c6
Check the GnuTLS version before using a recent-ish flag. Fixes #10412.
This was reported by Kev (of the XMPP world), who is using either Debian
Lenny.
author | Paul Aurich <paul@darkrain42.org> |
---|---|
date | Sat, 10 Oct 2009 03:27:31 +0000 |
parents | 0ac5a002dd6d |
children | 401a00227615 |
comparison
equal
deleted
inserted
replaced
28354:b8d68532c188 | 28355:13a229a062c6 |
---|---|
728 purple_debug_error("gnutls/x509", | 728 purple_debug_error("gnutls/x509", |
729 "Attempted certificate verification caused a GnuTLS error code %d. I will just say the signature is bad, but you should look into this.\n", ret); | 729 "Attempted certificate verification caused a GnuTLS error code %d. I will just say the signature is bad, but you should look into this.\n", ret); |
730 return FALSE; | 730 return FALSE; |
731 } | 731 } |
732 | 732 |
733 #ifdef HAVE_GNUTLS_CERT_INSECURE_ALGORITHM | |
733 if (verify & GNUTLS_CERT_INSECURE_ALGORITHM) { | 734 if (verify & GNUTLS_CERT_INSECURE_ALGORITHM) { |
734 /* | 735 /* |
735 * A certificate in the chain is signed with an insecure | 736 * A certificate in the chain is signed with an insecure |
736 * algorithm. Put a warning into the log to make this error | 737 * algorithm. Put a warning into the log to make this error |
737 * perfectly clear as soon as someone looks at the debug log is | 738 * perfectly clear as soon as someone looks at the debug log is |
741 issuer_id = purple_certificate_get_issuer_unique_id(crt); | 742 issuer_id = purple_certificate_get_issuer_unique_id(crt); |
742 purple_debug_warning("gnutls/x509", | 743 purple_debug_warning("gnutls/x509", |
743 "Insecure hash algorithm used by %s to sign %s\n", | 744 "Insecure hash algorithm used by %s to sign %s\n", |
744 issuer_id, crt_id); | 745 issuer_id, crt_id); |
745 } | 746 } |
747 #endif | |
746 | 748 |
747 if (verify & GNUTLS_CERT_INVALID) { | 749 if (verify & GNUTLS_CERT_INVALID) { |
748 /* Signature didn't check out, but at least | 750 /* Signature didn't check out, but at least |
749 there were no errors*/ | 751 there were no errors*/ |
750 if (!crt_id) | 752 if (!crt_id) |