[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
pkg/55944: Libloudmouth has problems with wildcard SSL/TLS certificates
>Synopsis: libloudmouth has problems with wildacrd SSL/TLS certifactes using it with mcabber
>Arrival-Date: Fri Jan 22 14:10:00 +0000 2021
>Originator: Adrian Immanuel Kiess
>Release: NetBSD 9.1
mcabber version 1.1.0 on NetBSD 9.1/amd64
System: NetBSD www3.kiess.onl 9.1 NetBSD 9.1 (GENERIC) #0: Sun Oct 18 19:24:30 UTC 2020 mkrepro%mkrepro.NetBSD.org@localhost:/usr/src/sys/arch/amd64/compile/GENERIC amd64
using the binaries from the current pkgsrc release pkgsrc-2020Q4, mcabber aborts the connection to a Prosody XMPP server (Version 0.11.7-1 from Debian) using the secure TLS protocol with the following error: "Certificate hostname does not match expected hostname!". One has to set "set ssl_ignore_checks = 1" in mcabberrc, to make mcabber connect successfully to the Prosody XMPP server over secure TLS protocal.
Holger WeiÃ? found the reason for this error I am having in the loudmouth library, on NetBSD linked against OpenSSL.
Holger WeiÃ? (holger at zedat.fu-berlin.de) pointed out a patch, already existing in the loudmouth library:
I also tested mcabber on Debian (Version 1.1.2) and FreeBSD (Version 1.1.1) where mcabber can connect without issues over the TLS secure protocol to the Prosody XMPP server.
Thank you very much for your kind attention.
Connect with mcabber from the current pkgsrc quarterlies binaries on NetBSD 9.1/amd64 to a Prosody XMPP server, which is using a wildcard certificate, over TLS.
Proposed fix for loudmouth: https://github.com/mcabber/loudmouth/commit/792d8bd529f5dc0577dcc28c5f31b6a437d970fa.patch
Main Index |
Thread Index |