576721 – Build --with-system-ssl-certs

Bug 576721 - Build --with-system-ssl-certs

Summary: Build --with-system-ssl-certs

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	pidgin
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	---
Assignee:	Warren Togami
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2010-03-24 22:24 UTC by Christopher Aillon
Modified:	2010-05-24 19:48 UTC (History)
CC List:	5 users (show)
Fixed In Version:	pidgin-2.7.0-2.fc12
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2010-05-24 19:39:48 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Christopher Aillon 2010-03-24 22:24:16 UTC

I just noticed that pidgin (well, more specifically, libpurple) is shipping its own certs.  There is some overlap here as some root certs that we ship are duplicated between pidgin and ca-certifaces, and additionally, pidgin is shipping some certs that have been refused into NSS so far (such as CACert).

Also, noticed that there is an option to build --with-system-ssl-certs that we aren't using.  We should consolidate here if possible.

Comment 1 Stu Tomlinson 2010-03-25 13:40:13 UTC

Unfortunately pidgin (libpurple) doesn't support multiple certificates in one file (ala ca-bundle.crt), so we can't use --with-system-ssl-certs (yet).

Comment 2 Christopher Aillon 2010-03-26 21:01:13 UTC

Oh, that kinda throws a damper on this doesn't it?  :-)  Is there an upstream bug to track that?

Comment 3 Stu Tomlinson 2010-03-27 04:06:41 UTC

(In reply to comment #2)
> Oh, that kinda throws a damper on this doesn't it?  :-)  Is there an upstream
> bug to track that?    

No, not that I know of.

But it has been on my personal TODO list for far too long, and your report was enough for me to do something about that.

Assuming I didn't screw it up too bad, Pidgin 2.7.0 will support using Fedora style system CA certs (in a bundle). It required additional API, so can't be backported to 2.6.x without breaking upstream versioning rules.

Comment 4 Fedora Update System 2010-05-13 12:28:14 UTC

pidgin-2.7.0-1.fc12 has been submitted as an update for Fedora 12.
http://admin.fedoraproject.org/updates/pidgin-2.7.0-1.fc12

Comment 5 Fedora Update System 2010-05-13 12:28:28 UTC

pidgin-2.7.0-1.fc13 has been submitted as an update for Fedora 13.
http://admin.fedoraproject.org/updates/pidgin-2.7.0-1.fc13

Comment 6 Fedora Update System 2010-05-13 12:28:40 UTC

pidgin-2.7.0-1.fc11 has been submitted as an update for Fedora 11.
http://admin.fedoraproject.org/updates/pidgin-2.7.0-1.fc11

Comment 7 Fedora Update System 2010-05-13 19:29:21 UTC

pidgin-2.7.0-1.fc13 has been pushed to the Fedora 13 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update pidgin'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/pidgin-2.7.0-1.fc13

Comment 8 Fedora Update System 2010-05-13 19:32:40 UTC

pidgin-2.7.0-1.fc11 has been pushed to the Fedora 11 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update pidgin'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/pidgin-2.7.0-1.fc11

Comment 9 Fedora Update System 2010-05-13 19:32:56 UTC

pidgin-2.7.0-1.fc12 has been pushed to the Fedora 12 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update pidgin'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/pidgin-2.7.0-1.fc12

Comment 10 Fedora Update System 2010-05-20 18:42:35 UTC

pidgin-2.7.0-2.fc12 has been pushed to the Fedora 12 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update pidgin'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/pidgin-2.7.0-2.fc12

Comment 11 Fedora Update System 2010-05-20 18:45:45 UTC

pidgin-2.7.0-2.fc13 has been pushed to the Fedora 13 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update pidgin'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/pidgin-2.7.0-2.fc13

Comment 12 Fedora Update System 2010-05-20 18:49:08 UTC

pidgin-2.7.0-2.fc11 has been pushed to the Fedora 11 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update pidgin'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/pidgin-2.7.0-2.fc11

Comment 13 Fedora Update System 2010-05-24 19:39:16 UTC

pidgin-2.7.0-2.fc11 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 14 Fedora Update System 2010-05-24 19:41:26 UTC

pidgin-2.7.0-2.fc13 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 15 Fedora Update System 2010-05-24 19:47:59 UTC

pidgin-2.7.0-2.fc12 has been pushed to the Fedora 12 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.