Skip to content

GitLab

  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
  • P python-nbxmpp
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 11
    • Issues 11
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 2
    • Merge requests 2
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Releases
  • Wiki
    • Wiki
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • gajim
  • python-nbxmpp
  • Issues
  • #15

Closed
Open
Created Jan 20, 2014 by fedor.brunner@fedor.brunner

Fails to verify SSL certificates

bug description

  1. create an account for a XMPP server with self-signed certificate. The has to be a new certificate which was not used for previous connections.
  2. try to connect to this XMPP server
  3. An confirmation window should be displayed "Error verifying SSL certificate". But this window is not displayed and connection proceeds without warning. This is a bug.

bug analysis

The _ssl_verify_callback is called twice for every certificate in certificate chain: First time with ok=0 and non-zero errnum. Second time then with ok=1 and zero errnum. The changeset 2d6e5d6949e854509c9a145cf97ab0fdf1d8ccce caused that self._owner.ssl_errnum was overwritten twice: first time with non-zero value and second time with zero.

The two calls of callback are correct and documented. See preverify_ok in SSL_CTX_set_verify

fix recommendation

Check the value of ok parameter in _ssl_verify_callback

Assignee
Assign to
Time tracking