[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Weechat-dev] [task #12724] expected SSL-Certificate

From: Maarten de Vries
Subject: [Weechat-dev] [task #12724] expected SSL-Certificate
Date: Mon, 20 Jan 2014 11:58:39 +0000
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:26.0) Gecko/20100101 Firefox/26.0

Follow-up Comment #2, task #12724 (project weechat):

Uploaded a patch that adds a 'ssl_fingerprint' option for servers. When
non-empty, the normal checks are disabled and the certificate fingerprint must
match the set sha1 fingerprint. It should be given as hexadecimal string
withouth seperators between the bytes. That's also what weechat shows when it
rejects the certificate.

We could still maybe add a message when the certificate is rejected that the
user can accept it by setting this option.

I thought this was easier than the gnutls builtin trusted keystore, since it
can be managed from weechat with simple set/unset commands.

This is my first patch for weechat, so I hope it's good enough :)


Reply to this item at:


  Message sent via/by Savannah

reply via email to

[Prev in Thread] Current Thread [Next in Thread]