[Bug 701640] [NEW] SSL certificate checks wrong address when server is set

Steve Nicolai 701640 at bugs.launchpad.net
Tue Jan 11 20:19:04 UTC 2011 

Public bug reported:

Binary package hint: empathy

I am using a Google Apps account.  The server I connect to is
talk.google.com, which uses an SSL certificate that has that name in it.

My login is foo at company.com.  When Empathy logs in I get an error
message:

This connection is untrusted.  Would you like to continue anyway?

The identity provided by the chat server cannot be verified.
The hostname verified by the certificate doesn't match the server name.
Expected hostname: company.com
Certificate hostname: talk.google.com

I believe empathy should not be using a portion of the login name for
certificate checking, but should be using the server name.

In the account settings -> Advanced -> Override server settings ->
server, I have talk.google.com set.  I would expect that this is what
the SSL certificate should be checking against.  I believe this worked
properly in Ubuntu 10.4 and is now broken in 10.10.

$ lsb_release -rd
Description:	Ubuntu 10.10
Release:	10.10

$ apt-cache policy empathy
empathy:
  Installed: 2.32.1-0ubuntu1
  Candidate: 2.32.1-0ubuntu1
  Version table:
 *** 2.32.1-0ubuntu1 0
        500 http://us.archive.ubuntu.com/ubuntu/ maverick-updates/main amd64 Packages
        100 /var/lib/dpkg/status
     2.32.0-0ubuntu2 0
        500 http://us.archive.ubuntu.com/ubuntu/ maverick/main amd64 Packages

ProblemType: Bug
DistroRelease: Ubuntu 10.10
Package: empathy 2.32.1-0ubuntu1
ProcVersionSignature: Ubuntu 2.6.35-24.42-generic 2.6.35.8
Uname: Linux 2.6.35-24-generic x86_64
NonfreeKernelModules: nvidia
Architecture: amd64
Date: Tue Jan 11 13:31:28 2011
ExecutablePath: /usr/bin/empathy
InstallationMedia: Ubuntu 10.04.1 LTS "Lucid Lynx" - Release amd64 (20100816.1)
ProcEnviron:
 PATH=(custom, no user)
 LANG=en_US.utf8
 SHELL=/bin/bash
SourcePackage: empathy
XsessionErrors:
 (polkit-gnome-authentication-agent-1:1867): GLib-CRITICAL **: g_once_init_leave: assertion `initialization_value != 0' failed
 (nautilus:1859): GConf-CRITICAL **: gconf_value_free: assertion `value != NULL' failed
 (empathy:3601): Gtk-CRITICAL **: gtk_tree_model_filter_real_unref_node: assertion `elt->ref_count > 0' failed

** Affects: empathy (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug maverick

-- 
You received this bug notification because you are a member of
Telepathy, which is subscribed to empathy in ubuntu.
https://bugs.launchpad.net/bugs/701640

Title:
  SSL certificate checks wrong address when server is set

More information about the Ubuntu-telepathy mailing list