Once again, I run into trouble when upgrading my LinuxMint.



In last few days, my Linux mint notifies me that lots of packages need to be upgraded. As I'm using an LTS version, I agreed to download and upgrade all packages, which includes pidgin. Pidgin was upgraded to version 2.10.9



Unfortunately, afterward, I cannot use pidgin with Office Communicator plugin to log in my corporation's Lync server. Lync always tells me it cannot validate the certificate from the server.

It's normal, because my lync server uses a self-signed certificate. But in the past, pidgin allow me to connect with a warning only, but now it denies me.



Lots of googling does not help me. Tried to install a newer version 2.10.10 also does not help me to resolve problem. It's terrible for me, because most of communication in my company use Lync, and I dont want to get back to Windows world, just because of pidgin.



Fortunately, pidgin, like most of application in Linux world, is open source. So I tried to download the source code of pidgin, tried to compile it. The self-compile package for 2.10.10 also not help me to resolve the problem, so I perform some review on the
source. IT's not really easy for me, as I never wrote any C++ program on Linux before.  Finally after half days, I found that from pidgin 2.10.9, they re-designed the NSS-SSL plugin which used as the infrastructure for SSL connection , but they forget to add
the code to process unknown CA provider. They processed the untrusted issuer, but not unknown issuer (my case, for the self-signed certificate).



in /libpurple/plugins/ssl/ssl-nss.c

case SEC_ERROR_UNTRUSTED_ISSUER:

if (crt_dat->isRoot) {
*flags |= PURPLE_CERTIFICATE_SELF_SIGNED;
} else {
*flags |= PURPLE_CERTIFICATE_CA_UNKNOWN;
}

So my work is quite easy: Add the unknown issuer processing with the same process with untrusted issuer.

case SEC_ERROR_UNKNOWN_ISSUER:

case SEC_ERROR_UNTRUSTED_ISSUER:

if (crt_dat->isRoot) {

...

After review again the latest source code in pidgin 's SCM, I found that this change is already integrated in to latest source code 3 weeks ago. So it's hopeful that in next verison of pidgin, this problem is gone.





UPDATE 2015/04/11

As with latest version of pidgin, 2.10.11 I still have the same problem.

I just performed a small hack: remove all certifications check.

Of course, it's dangerous with the Man in middle attack. But, for me, it's enough.

I put it into my google site for anybody who doesnt want to build it.



Pidgin Download

Sipe plugin download

鉴于以上的问题。查看了一下12.04和14.04的pidgin的版本号

12.04:Pidgin 2.10.3 (libpurple 2.10.3)

14.04: Pidgin 2.10.9 (libpurple 2.10.9)

果断上sourceforge上(http://sourceforge.net/projects/pidgin/files/Pidgin/2.10.3/pidgin-2.10.3.tar.gz/download?use_mirror=colocrossing&r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fpidgin%2Ffiles%2FPidgin%2F2.10.3%2F&use_mirror=tcpdiag)下载pidgin2.10.3版本号的tar包。然后再编译。貌似在configure的时候依赖挺多。依照每次出错的提示,最后的configure命令例如以下:

./configure --disable-screensaver --disable-gtkspell --disable-gstreamer --disable-vv --disable-idn --disable-meanwhile --disable-avahi --disable-nm --disable-perl --disable-tcl。 make; sudo make install

OK了。

Notice:

这个时候的pidgin都默认安装在/usr/loca/下,而不是在原先的/usr/下

Ubuntu 12.04 升级到14.04之后,pidgin-sipe 出现的问题: Trouble with the pidgin and self-signed SSL certificate的更多相关文章

  1. 制作U盘启动盘将Ubuntu 12.04升级为14.04的方法

    1 介绍 在周六的下午,我决定想高速浏览一下书籍[1].看看这个关于Ubuntu的圣经到底在讲什么东东. 感觉讲的不错,当我看到介绍文件标记语言-TeX和LaTeX的时候,该书作者推荐在Ubuntu上 ...

  2. Ubuntu 14.04 升级到 Ubuntu16.04

    Ubuntu 14.04 升级到 Ubuntu16.04 1). 更改source.list 源 (24条消息) Ubuntu16.04 source.list更改源_dylan的博客-CSDN博客_ ...

  3. Thinkpad W520 + Ubuntu 12.04LTS, 13.10, 14.04LTS安装Nvidia显卡驱动设置

    Thinkpad W520 + Ubuntu 12.04LTS, 13.10, 14.04LTS安装Nvidia显卡驱动设置 http://henzhai.com/tech/2012/07/w520- ...

  4. Ubuntu14.04升级到Ubuntu16.04

    Ubuntu14.04升级到Ubuntu16.04 1.查看目前版本 lsb_release -a 2.执行更新命令 apt-get update && apt-get dist-up ...

  5. ubuntu 14.04 升级到 16.04 问题总结

    1. 需要的依赖关系未安装 The required dependency 'apt (>= 1.0.1ubuntu2.13)' is not installed. http://forum.u ...

  6. Ubuntu升级到14.04

    公司网络实在太翔了,搞了一天最终成功把ubuntu从13.10升级到了14.10,中间也越到了非常多问题,记录下来,以备參考. 13.10的时候想体验一把搜狗输入法,结果因为fcitx版本号太低,用了 ...

  7. ubuntu升级到14.04后终端显示重叠

    系统升级后,发现这个问题非常不爽,问题不大,但有时候找不到解决方法,让人纠结好久.解决方法例如以下: 编辑->配置文件首选项->常规-> monospace 改为ubuntu mon ...

  8. ubuntu 14.04 升级到18.04

    http://www.360doc.com/content/18/0929/09/35082563_790606785.shtml

  9. Linux包系列的知识(附:Ubuntu16.04升级到18.04的案例)

    Linux基础:https://www.cnblogs.com/dunitian/p/4822808.html#linux 之前看到朋友还动不动 apt-get update upgrade,就很纳闷 ...

随机推荐

  1. Codeforces Round #230 (Div. 2) C Blocked Points

    题目链接 题意 : 给你一个半径为n的圆,圆里边还有圆上都有很多整点,让你找出与圆外的任意一个整点距离等于1的点. 思路 :这个题可以用枚举,画个图就发现了,比如说先数第一象限的,往下往右找,还可以找 ...

  2. HTTP Header 入门详解

    什么是HTTP Headers HTTP是"Hypertext Transfer Protocol"的所写,整个www都在使用这种协定,几乎你在流览器里看到的大部分内容都是通过ht ...

  3. SQLite入门与分析(八)---存储模型(1)

    写在前面:SQLite作为嵌入式数据库,通常针对的应用的数据量相对于通常DBMS的数据量是较小的.所以它的存储模型设计得非常简单,总的来说,SQLite把一个数据文件分成若干大小相等的页面,然后以B树 ...

  4. SPRING IN ACTION 第4版笔记-第三章ADVANCING WIRING-009-用SPEL给bean运行时注入依赖值

    1.When injecting properties and constructor arguments on beans that are created via component-scanni ...

  5. !!对python列表学习整理列表及数组详细介绍

    1.Python的数组分三种类型:(详细见 http://blog.sina.com.cn/s/blog_6b783cbd0100q2ba.html) (1) list 普通的链表,初始化后可以通过特 ...

  6. 【HDOJ】1230 火星A+B

    个人觉得这道题没那么水,wa了几次,才发现自己居然没有给srcb数组reset,打错了.搞死啊. #include <stdio.h> #include <string.h> ...

  7. BZOJ_1821_[JSOI2010]_部落划分_(贪心,并查集)

    描述 http://www.lydsy.com/JudgeOnline/problem.php?id=1821 给出n个点的坐标,将n个点划分成k个部分,使得每个部分之间最小的距离最大. 分析 每两个 ...

  8. 【转】Ubuntu安装基础教程

    原文网址:http://teliute.org/linux/Ubsetup/lesson23/lesson23.html 二十三.安装Ubuntu14.04 返回目录 下一课 14.04 版安装与前面 ...

  9. C# GC.Collect()

    用C#写了一个运用ICE组件进行接口通信的服务程序,程序运行很正常,可是在客户端调用ICE接口时出现了大量的数据丢失,而且偶尔还通信不上,服务端最明显的现象就是telnet服务的通信端口时不通(cmd ...

  10. Android开发视频学习(1)

    S01E02_搭建Android开发环境 设置ANDROID_SDK_HOME环境变量,用于指定Android模拟器的目录,官方文档没有说要设置. S01E03_Android创世纪 Android根 ...