After the Ubuntu 12.04 upgrade to 14.04, the pidgin-sipe problem arises: trouble with the pidgin and self-signed SSL certificate

Source: Internet
Author: User
Tags ssl certificate ssl connection linux mint

Once again, I run into trouble when upgrading my linuxmint.

In the last few days, my Linux mint notifies me-lots of packages need to be upgraded. As I ' m using a LTS version, I agreed to download and upgrade all packages, which includes pidgin. Pidgin was upgraded to version 2.10.9

Unfortunately, afterward, I cannot use pidgin with the Office Communicator plugin to log in my corporation's Lync server. Lync always tells me it cannot validate the certificate from the server.
It ' s normal, because my Lync Server uses a self-signed certificate. But on the past, pidgin allow me to connect with a warning only, and now it denies me.

Lots of googling does not help me. Tried to install a newer version 2.10.10 also does don't help me to resolve problem. It's terrible for me, because the most of the communication in my company with Lync, and I dont want to get back to Windows world, Just because of pidgin.

Fortunately, pidgin, like the most of the application in Linux World, is open source. So I tried to download the source code of Pidgin, tried to compile it. The Self-compile package for 2.10.10 also does help me to resolve the problem, so I perform some review on the source.  IT's not really easy for me, as I never wrote any C + + program on Linux before. Finally after half days, I found this from pidgin 2.10.9, they re-designed the Nss-ssl plugin which used as the Infrastruc Ture for SSL connection, but they forget to add the code to process unknown CA provider. They processed the untrusted issuer, but not unknown issuer (my case, for the self-signed certificate).

In/libpurple/plugins/ssl/ssl-nss.c
Case
Sec_error_untrusted_issuer:
if (crt_dat->isroot) { *flags |= purple_certificate_self_signed; } else { *flags |= purple_certificate_ca_unknown; }
So my work was quite easy:add the unknown issuer processing with the same process with untrusted issuer.
Case
sec_error_unknown_issuer:
Case Sec_error_untrusted_issuer:
if (crt_dat->isroot) {
... 
After review again the latest source code in Pidgin's SCM, I found that this change is already integrated on to latest so Urce code 3 weeks ago. So it's hopeful that on next verison of pidgin, this problem is gone.


UPDATE 2015/04/11
As with latest version of Pidgin, 2.10.11 I still has the same problem.
I just performed a small hack:remove all certifications check.
Of course, it ' s dangerous with the mans in middle attack. But, for me, it's enough.
I put it into my Google site for anybody who doesnt want to build it.

Pidgin Download

Sipe plugin Download


In view of the above questions, check out the version of Pidgin 12.04 and 14.04

12.04:pidgin 2.10.3 (libpurple 2.10.3)

14.04:pidgin 2.10.9 (libpurple 2.10.9)

Decisively on the SourceForge (http://sourceforge.net/projects/pidgin/files/Pidgin/2.10.3/pidgin-2.10.3.tar.gz/download?use_ mirror=colocrossing&r=http%3a%2f%2fsourceforge.net%2fprojects%2fpidgin%2ffiles%2fpidgin%2f2.10.3%2f& USE_MIRROR=TCPDIAG) Download the pidgin2.10.3 version of the TAR package, and then compile, seemingly in the Configure when the dependency is quite many, according to each error prompt, the final configure command is as follows:

./configure--disable-screensaver--disable-gtkspell--disable-gstreamer--disable-vv--disable-idn-- Disable-meanwhile--disable-avahi--disable-nm--disable-perl--disable-tcl; make; sudo make install


It's OK.


Notice:

This time the pidgin are installed by default under/usr/loca/, not under the original/usr/

After the Ubuntu 12.04 upgrade to 14.04, the pidgin-sipe problem arises: trouble with the pidgin and self-signed SSL certificate

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.