After the Ubuntu 12.04 upgrade to 14.04, the pidgin-sipe problem arises: trouble with the pidgin and self-signed SSL certificate

Once again, I run into trouble when upgrading my linuxmint.

In the last few days, my Linux mint notifies me-lots of packages need to be upgraded. As I ' m using a LTS version, I agreed to download and upgrade all packages, which includes pidgin. Pidgin was upgraded to version 2.10.9

Unfortunately, afterward, I cannot use pidgin with the Office Communicator plugin to log in my corporation's Lync server. Lync always tells me it cannot validate the certificate from the server.
It ' s normal, because my Lync Server uses a self-signed certificate. But on the past, pidgin allow me to connect with a warning only, and now it denies me.

Lots of googling does not help me. Tried to install a newer version 2.10.10 also does don't help me to resolve problem. It's terrible for me, because the most of the communication in my company with Lync, and I dont want to get back to Windows world, Just because of pidgin.

Fortunately, pidgin, like the most of the application in Linux World, is open source. So I tried to download the source code of Pidgin, tried to compile it. The Self-compile package for 2.10.10 also does help me to resolve the problem, so I perform some review on the source.  IT's not really easy for me, as I never wrote any C + + program on Linux before. Finally after half days, I found this from pidgin 2.10.9, they re-designed the Nss-ssl plugin which used as the Infrastruc Ture for SSL connection, but they forget to add the code to process unknown CA provider. They processed the untrusted issuer, but not unknown issuer (my case, for the self-signed certificate).

In/libpurple/plugins/ssl/ssl-nss.c

Case

Sec_error_untrusted_issuer:

if (crt_dat->isroot) { *flags |= purple_certificate_self_signed; } else { *flags |= purple_certificate_ca_unknown; }

So my work was quite easy:add the unknown issuer processing with the same process with untrusted issuer.

Case

sec_error_unknown_issuer:
Case Sec_error_untrusted_issuer:
if (crt_dat->isroot) {
... 

After review again the latest source code in Pidgin's SCM, I found that this change is already integrated on to latest so Urce code 3 weeks ago. So it's hopeful that on next verison of pidgin, this problem is gone.


UPDATE 2015/04/11
As with latest version of Pidgin, 2.10.11 I still has the same problem.
I just performed a small hack:remove all certifications check.
Of course, it ' s dangerous with the mans in middle attack. But, for me, it's enough.
I put it into my Google site for anybody who doesnt want to build it.

Pidgin Download

Sipe plugin Download

In view of the above questions, check out the version of Pidgin 12.04 and 14.04

12.04:pidgin 2.10.3 (libpurple 2.10.3)

14.04:pidgin 2.10.9 (libpurple 2.10.9)

Decisively on the SourceForge (http://sourceforge.net/projects/pidgin/files/Pidgin/2.10.3/pidgin-2.10.3.tar.gz/download?use_ mirror=colocrossing&r=http%3a%2f%2fsourceforge.net%2fprojects%2fpidgin%2ffiles%2fpidgin%2f2.10.3%2f& USE_MIRROR=TCPDIAG) Download the pidgin2.10.3 version of the TAR package, and then compile, seemingly in the Configure when the dependency is quite many, according to each error prompt, the final configure command is as follows:

./configure--disable-screensaver--disable-gtkspell--disable-gstreamer--disable-vv--disable-idn-- Disable-meanwhile--disable-avahi--disable-nm--disable-perl--disable-tcl; make; sudo make install

It's OK.

Notice:

This time the pidgin are installed by default under/usr/loca/, not under the original/usr/

After the Ubuntu 12.04 upgrade to 14.04, the pidgin-sipe problem arises: trouble with the pidgin and self-signed SSL certificate