# HG changeset patch
# User Paul Aurich <paul@darkrain42.org>
# Date 1260893214 0
# Node ID 57ee55097ec8f4f2fe7cda98477d9bdf300d8288
# Parent  cb28babdf3fe1670b01a89bb35537b69f7000dac
certs: Cache certs once again (at the end of the verification process).

It looks like I accidentally broke this (libpurple wouldn't replace a cert
already in the cache) when extending the invalidity reasons.

diff -r cb28babdf3fe -r 57ee55097ec8 ChangeLog
--- a/ChangeLog	Tue Dec 15 08:58:09 2009 +0000
+++ b/ChangeLog	Tue Dec 15 16:06:54 2009 +0000
@@ -1,6 +1,10 @@
 Pidgin and Finch: The Pimpin' Penguin IM Clients That're Good for the Soul
 
 version 2.6.5 (??/??/20??):
+	libpurple:
+	* TLS certificates are actually stored to the local cache once again
+	  (accepting a name mismatch on a certificate should now be remembered)
+
 	General:
 	* Build-time fixes for Solaris.  (Paul Townsend)
 
diff -r cb28babdf3fe -r 57ee55097ec8 libpurple/certificate.c
--- a/libpurple/certificate.c	Tue Dec 15 08:58:09 2009 +0000
+++ b/libpurple/certificate.c	Tue Dec 15 16:06:54 2009 +0000
@@ -1431,9 +1431,8 @@
 	tls_peers = purple_certificate_find_pool(x509_tls_cached.scheme_name,
 						 "tls_peers");
 	if (tls_peers) {
-		if (!purple_certificate_pool_contains(tls_peers, vrq->subject_name) &&
-		        !purple_certificate_pool_store(tls_peers,vrq->subject_name,
-		                                       peer_crt)) {
+		if (!purple_certificate_pool_store(tls_peers,vrq->subject_name,
+		                                   peer_crt)) {
 			purple_debug_error("certificate/x509/tls_cached",
 			                   "FAILED to cache peer certificate\n");
 		}