Original Author: qulogic@pidgin.im
Date: 2009-07-11T06:46:21
Branch: im.pidgin.pidgin
Modified files:
libpurple/plugins/ssl/ssl-nss.c
ChangeLog:
Enable the weaker MD2 and MD4 with RSA encryption signing algorithms that
are now disabled in NSS 3.12.3. This allows signing in without errors on at
least MSN, and some XMPP servers.
============================================================
--- libpurple/plugins/ssl/ssl-nss.c 54d9228e9319318b825b3aa486075d372e8cc8aa
+++ libpurple/plugins/ssl/ssl-nss.c 5d35e88f8d79d3e07316c324c55c30cec67a1aad
@@ -152,6 +152,10 @@ ssl_nss_init_nss(void)
SSL_CipherPrefSetDefault(SSL_DHE_RSA_WITH_DES_CBC_SHA, 1);
SSL_CipherPrefSetDefault(SSL_DHE_DSS_WITH_DES_CBC_SHA, 1);
+ /* Enable some weaker algorithms for XMPP and MSN */
+ NSS_SetAlgorithmPolicy(SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION, NSS_USE_ALG_IN_CERT_SIGNATURE, 0);
+ NSS_SetAlgorithmPolicy(SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION, NSS_USE_ALG_IN_CERT_SIGNATURE, 0);
+
_identity = PR_GetUniqueIdentity("Purple");
_nss_methods = PR_GetDefaultIOMethods();
}