Re: [libgadu-devel] How to Report a Security Bug in libgadu

2013-06-13 Thread Radhesh Krishnan K
I think first option is better than the second one as it covers both possibilities. It gives the user an option to specify a CA trust store file to use and if not mentioned we can use the default. On Thu, Jun 13, 2013 at 4:08 AM, Bartosz Brachaczek b.brachac...@gmail.comwrote: 2013/6/12 Wojtek

Re: [libgadu-devel] How to Report a Security Bug in libgadu

2013-06-13 Thread Wojtek Kaniewski
2013/6/13 Bartosz Brachaczek b.brachac...@gmail.com 2013/6/12 Wojtek Kaniewski wojte...@toxygen.net: As Bartosz wrote the code for GnuTLS will be more complicated, so it may take some time. Do you have any plan for it? (...) I plan to copy and paste a part of GnuTLS' configure.ac. Take a

Re: [libgadu-devel] How to Report a Security Bug in libgadu

2013-06-13 Thread Bartosz Brachaczek
2013/6/13 Wojtek Kaniewski wojte...@toxygen.net: I plan to copy and paste a part of GnuTLS' configure.ac. Take a look at https://gitorious.org/gnutls/gnutls/blobs/c59329a089a9ed108692066de95f533f482b5422/configure.ac line 377. And if we detect GnuTLS 3.x we'll use appropriate function. Are you