[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Lynx-dev] patch for using GnuTLS (was: Compiling MingW lynx under Cygwi

From: patakuti
Subject: [Lynx-dev] patch for using GnuTLS (was: Compiling MingW lynx under Cygwin)
Date: Sun, 27 Aug 2006 19:28:50 +0900 (JST)

On Sun, 13 Aug 2006, I wrote:

> On Sat, 12 Aug 2006, address@hidden wrote:
> > OpenSSL uses the environment variable SSL_CERT_FILE to indicate where
> > the collection of trusted certificates resides. How does GnuTLS find the
> > file if it isn't in the default location which was compiled in?
> I don't know well but I suspect that Lynx with GnuTLS doesn't refer
> the certificate files because it doesn't show any warnings to the site
> which has self-signed certificate.
> If it's true, the binary with GnuTLS is inferior to the one with OpenSSL
> on this point.

I wrote a patch to improve this point.
After applying this patch, Lynx with GnuTLS verify the server's
certificate.  Note that users must set the environment variable
SSL_CERT_FILE to verify properly.

I also tried the patch which is posted by Thorsten Glaser on 5 Jul
against DN format probrem.  It suppressed the unexpected message for
normal https sites as far as I tested Lynx with GnuTLS.  Unfortunately
I couldn't test abnormal https sites, which doesn't have CN, because I
don't know their URLs.
Takeshi Hataguchi
E-mail: address@hidden

Attachment: lynx.patch_for_286dev18-4
Description: Binary data

reply via email to

[Prev in Thread] Current Thread [Next in Thread]