[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Weechat-dev] [task #12724] expected SSL-Certificate
From: |
Maarten de Vries |
Subject: |
[Weechat-dev] [task #12724] expected SSL-Certificate |
Date: |
Mon, 20 Jan 2014 11:58:39 +0000 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:26.0) Gecko/20100101 Firefox/26.0 |
Follow-up Comment #2, task #12724 (project weechat):
Uploaded a patch that adds a 'ssl_fingerprint' option for servers. When
non-empty, the normal checks are disabled and the certificate fingerprint must
match the set sha1 fingerprint. It should be given as hexadecimal string
withouth seperators between the bytes. That's also what weechat shows when it
rejects the certificate.
We could still maybe add a message when the certificate is rejected that the
user can accept it by setting this option.
I thought this was easier than the gnutls builtin trusted keystore, since it
can be managed from weechat with simple set/unset commands.
This is my first patch for weechat, so I hope it's good enough :)
_______________________________________________________
Reply to this item at:
<http://savannah.nongnu.org/task/?12724>
_______________________________________________
Message sent via/by Savannah
http://savannah.nongnu.org/