[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#390071: kopete: doesn't validate some SSL-signed servers

Package: kopete
Version: 4:3.5.4-2
Severity: normal

I noticed this when connecting via jabber with SSL both on jabber.org
and my private server which both happen to have CACert-signed
certificates. At login time kopete announces that the CA is
invalid (without offering details, but that's a separate bug).

I have the ca-certificates package installed (with CACert's root
certificate) and I also imported it into kde (it shows up under control
center/security/crypto/ssl signers and I can navigate
https://www.cacert.org/ without warnings).

http://bugs.kde.org/show_bug.cgi?id=122146 suggests that KDE's chain of
trust should be enough, but apparently it's not. On the other hand older
SSL-related bugs in KDE's bugzilla sugests that it uses libpsi for
jabber. I had to jump to a different set of hoops to fix this issue
under psi ( added an xml under /usr/share/psi/certs ), however I haven't
found anything similar for kopete.

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (800, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages kopete depends on:
ii  kdelibs4c2a                4:3.5.4-3     core libraries and binaries for al
ii  libacl1                    2.2.41-1      Access control list shared library
ii  libart-2.0-2               2.3.17-1      Library of functions for 2D graphi
ii  libattr1                   2.4.32-1      Extended attribute shared library
ii  libaudio2                  1.8-2         The Network Audio System (NAS). (s
ii  libc6                      2.3.6.ds1-4   GNU C Library: Shared libraries
ii  libfontconfig1             2.4.1-2       generic font configuration library
ii  libfreetype6               2.2.1-5       FreeType 2 font engine, shared lib
ii  libgadu3                   1:1.7~rc2-1   Gadu-Gadu protocol library - runti
ii  libgamin0 [libfam0]        0.1.7-4       Client library for the gamin file 
ii  libgcc1                    1:4.1.1-14    GCC support library
ii  libglib2.0-0               2.12.3-2      The GLib library of C routines
ii  libice6                    1:1.0.1-2     X11 Inter-Client Exchange library
ii  libidn11                   0.6.5-1       GNU libidn library, implementation
ii  libjpeg62                  6b-13         The Independent JPEG Group's JPEG 
ii  libmeanwhile1              1.0.2-2       open implementation of the Lotus S
ii  libpcre3                   6.7-1         Perl 5 Compatible Regular Expressi
ii  libpng12-0                 1.2.8rel-5.2  PNG library - runtime
ii  libqt3-mt                  3:3.3.6-4     Qt GUI Library (Threaded runtime v
ii  libsm6                     1:1.0.1-3     X11 Session Management library
ii  libstdc++6                 4.1.1-14      The GNU Standard C++ Library v3
ii  libx11-6                   2:1.0.0-9     X11 client-side library
ii  libxcursor1                1.1.7-4       X cursor management library
ii  libxext6                   1:1.0.1-2     X11 miscellaneous extension librar
ii  libxft2               FreeType-based font drawing librar
ii  libxi6                     1:1.0.1-3     X11 Input extension library
ii  libxinerama1               1:1.0.1-4.1   X11 Xinerama extension library
ii  libxml2                    2.6.26.dfsg-3 GNOME XML library
ii  libxrandr2                 2:   X11 RandR extension library
ii  libxrender1                1:0.9.1-3     X Rendering Extension client libra
ii  libxslt1.1                 1.1.17-4      XSLT processing library - runtime 
ii  libxss1                    1:1.0.1-4     X11 Screen Saver extension library
ii  libxt6                     1:1.0.2-2     X11 toolkit intrinsics library
ii  zlib1g                     1:1.2.3-13    compression library - runtime

Versions of packages kopete recommends:
ii  qca-tls                       1.0-3      TLS plugin for the Qt Cryptographi

-- no debconf information

Reply to: