pkgsrc-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

pkg/55949: The Profanity XMPP/Jabber client has wrong certpath set for default

>Number:         55949
>Category:       pkg
>Synopsis:       The Profanity XMPP/Jabber client has wrong certpath set for default
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Jan 23 11:15:00 +0000 2021
>Originator:     Adrian Immanuel Kiess
>Release:        NetBSD 9.1
System: NetBSD 9.1 NetBSD 9.1 (GENERIC) #0: Sun Oct 18 19:24:30 UTC 2020 amd64
Architecture: x86_64
Machine: amd64
  The Profanity XMPP/Jabber clients SSL/TLS ca certpath for the ca certs is set to /etc/ssl as default. It should point to /etc/openssl/certs, as mozilla-rootcerts{-openssl} installs the ca rootcerts to /etc/openssl/certs. One has to set the ca certpath manually with the command /tls certpath set /etc/openssl/certs inside Profinaty, to make TLS secure connections possible. 

	Without this modification, Profanity aborts the TLS connection with: "Cannot get local issuer".

	For a better user experience, please set a reasonable default ca certpath for Profanity for the default installtion. I also tested on FreeBSD where the default installation works without this modification.

	I tested with Profanity profanity-0.9.5nb2 on NetBSD 9.1/amd64 from the pkgsrc-2020Q4 binaries.

	Thank you for your kind attention.

	Adrian Kiess
 Install Profanity from the current pkgsrc quarterly binaries and try to connect with TLS encryption to a XMPP/Jabber server without making modifications to the default configuration. It aborts the connection with: "Cannot get local issuer"
  /tls certpath set /etc/openssl/certs inside the Profanity client


Home | Main Index | Thread Index | Old Index