do not warn when tls cert changes for a valid one

Yann Leboulanger 2016-04-02 14:06:20 +02:00
parent 41bd11fdee
commit 759cfc6336
2 changed files with 18 additions and 17 deletions


@ -1461,28 +1461,28 @@ class Connection(CommonConnection, ConnectionHandlers):
if saved_fingerprint_sha1: if saved_fingerprint_sha1:
# Check sha1 fingerprint # Check sha1 fingerprint
if fingerprint_sha1 != saved_fingerprint_sha1: if fingerprint_sha1 != saved_fingerprint_sha1:
gajim.nec.push_incoming_event(FingerprintErrorEvent(None, if not check_X509.check_certificate(cert, hostname):
conn=self, certificate=cert, gajim.nec.push_incoming_event(FingerprintErrorEvent(
new_fingerprint_sha1=fingerprint_sha1, None, conn=self, certificate=cert,
new_fingerprint_sha256=fingerprint_sha256)) new_fingerprint_sha1=fingerprint_sha1,
return True new_fingerprint_sha256=fingerprint_sha256))
else: return True
gajim.config.set_per('accounts', self.name, gajim.config.set_per('accounts', self.name, 'ssl_fingerprint_sha1',
'ssl_fingerprint_sha1', fingerprint_sha1) fingerprint_sha1)
saved_fingerprint_sha256 = gajim.config.get_per('accounts', self.name, saved_fingerprint_sha256 = gajim.config.get_per('accounts', self.name,
'ssl_fingerprint_sha256') 'ssl_fingerprint_sha256')
if saved_fingerprint_sha256: if saved_fingerprint_sha256:
# Check sha256 fingerprint # Check sha256 fingerprint
if fingerprint_sha256 != saved_fingerprint_sha256: if fingerprint_sha256 != saved_fingerprint_sha256:
gajim.nec.push_incoming_event(FingerprintErrorEvent(None, if not check_X509.check_certificate(cert, hostname):
conn=self, certificate=con.Connection.ssl_certificate, gajim.nec.push_incoming_event(FingerprintErrorEvent(
new_fingerprint_sha1=fingerprint_sha1, None, conn=self, certificate=cert,
new_fingerprint_sha256=fingerprint_sha256)) new_fingerprint_sha1=fingerprint_sha1,
return True new_fingerprint_sha256=fingerprint_sha256))
else: return True
gajim.config.set_per('accounts', self.name, gajim.config.set_per('accounts', self.name,
'ssl_fingerprint_sha256', fingerprint_sha256) 'ssl_fingerprint_sha256', fingerprint_sha256)
if not check_X509.check_certificate(cert, hostname) and \ if not check_X509.check_certificate(cert, hostname) and \
'100' not in gajim.config.get_per('accounts', self.name, '100' not in gajim.config.get_per('accounts', self.name,
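Review bot: When the presented fingerprint differs from the saved one, the new `if not check_X509.check_certificate(cert, hostname):` guard lets the code fall through and overwrite `ssl_fingerprint_sha1` / `ssl_fingerprint_sha256` without leaving any record, so the stored pin now only protects against certificates that fail that one check. `check_certificate` is not shown on this page; if it only matches the hostname against the names in the certificate and chain validation is reported elsewhere, this path should also confirm that no chain or trust error was raised for the connection before it replaces the pin. I would also record the replacement so pin changes can be audited later, e.g. `log.info('TLS certificate for %s changed, new SHA-256 fingerprint: %s', hostname, fingerprint_sha256)` (assuming the module has a logger named `log`). This applies to both the SHA-1 and the SHA-256 branch; the enclosing method starts and ends outside the hunk.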


@ -1419,7 +1419,8 @@ class Interface:
pritext = _('SSL certificate error') pritext = _('SSL certificate error')
sectext = _('It seems the SSL certificate of account %(account)s has ' sectext = _('It seems the SSL certificate of account %(account)s has '
'changed or your connection is being hacked.\n\nOld SHA-1 fingerprint: ' 'changed and is not valid or your connection is being hacked.\n\n'
'Old SHA-1 fingerprint: '
'%(old_sha1)s\nOld SHA-256 fingerprint: %(old_sha256)s\n\n' '%(old_sha1)s\nOld SHA-256 fingerprint: %(old_sha256)s\n\n'
'New SHA-1 fingerprint: %(new_sha1)s\nNew SHA-256 fingerprint: ' 'New SHA-1 fingerprint: %(new_sha1)s\nNew SHA-256 fingerprint: '
'%(new_sha256)s\n\nDo you still want to connect ' '%(new_sha256)s\n\nDo you still want to connect '