[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] gnu: lynx: Support HTTPS (SSL) connections
From: |
Efraim Flashner |
Subject: |
Re: [PATCH] gnu: lynx: Support HTTPS (SSL) connections |
Date: |
Sat, 19 Mar 2016 20:41:56 +0200 |
User-agent: |
Mutt/1.5.24 (2015-08-30) |
On Sat, Mar 19, 2016 at 06:29:12PM +0100, Tobias Geerinckx-Rice wrote:
> Leo,
>
> On 04/03/2016, Leo Famulari <address@hidden> wrote:
> > On Fri, Mar 04, 2016 at 03:37:46AM +0100, address@hidden
> > wrote:
> >> From: Tobias Geerinckx-Rice <address@hidden>
> >>
> >> * gnu/packages/lynx.scm (lynx)[inputs]: Add 'openssl'.
> >> [arguments]: Convert to list; add configure flag for SSL support.
>
> Scratch that.
>
> I assumed that since ‘--with-gnutls’ was already present (and detected
> by ./configure, and listed by ldd...), GnuTLS just wasn't enough to
> provide the full HTTPS experience and OpenSSL was required. I was
> wrong.
>
> > Also, what is role of gnutls once this patch is applied? Does lynx need
> > to refer to both gnutls and openssl?
>
> The actual solution is a bit silly. All that is actually needed to get
> `lynx https://google.com’ working again is:
>
> ---
> diff --git a/gnu/packages/lynx.scm b/gnu/packages/lynx.scm
> index 3182b3e..080fbb3 100644
> --- a/gnu/packages/lynx.scm
> +++ b/gnu/packages/lynx.scm
> @@ -57,7 +57,7 @@
> "--with-screen=ncurses"
> "--with-zlib"
> "--with-bzlib"
> - "--with-gnutls"
> + "--with-gnutls="
Is this supposed to be empty at the end? I would assume it would want
something like (string-append "--with-gnutls=" (assoc-ref %build-inputs
"gnutls")).
> ;; "--with-socks5" ; XXX TODO
> "--enable-widec"
> "--enable-ascii-ctypes"
> ---
>
> Yep.
>
> Is this unusual? Can't say I feel much enthusiasm to read/debug
> autoconf macros...
>
> > Can you say if you learned anything else... "interesting" about lynx and
> > https support?
> >
> > For example, a couple months ago I was reading our bug reports and saw
> > an old one about https support in w3m (another console browser). I dug a
> > little deeper and realized that https support was completely broken by
> > default. You can see the result in commit 62339e2d493bf87.
> >
> > So, do you know if lynx is still supporting broken ciphers and
> > protocols, or if there are other problems of that nature?
>
> My main motivation was to have access to HTTPS sites while working on
> my X-less GuixSD box, which works with the patch above. However:
>
> ~$ lynx https://www.ssllabs.com/ssltest/viewMyClient.html
> Looking up www.ssllabs.com
> Making HTTPS connection to www.ssllabs.com
> Retrying connection without TLS.
> Looking up www.ssllabs.com
> Making HTTPS connection to www.ssllabs.com
> Alert!: Unable to make secure connection to remote host.
>
> Not sure I want to dive into this mess.
>
> Kind regards,
>
> T G-R
>
Wouldn't fix lynx, but I can say that links is working fairly well for
me and I haven't been "locked out" of a non-https website.
--
Efraim Flashner <address@hidden> אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted
signature.asc
Description: PGP signature