[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Lynx-dev] lynx 2.8.9dev3 does not check certificate expiration
From: |
Thomas Dickey |
Subject: |
Re: [Lynx-dev] lynx 2.8.9dev3 does not check certificate expiration |
Date: |
Sun, 25 Jan 2015 15:53:10 -0500 |
User-agent: |
Mutt/1.5.20 (2009-06-14) |
On Sat, Jan 24, 2015 at 04:26:35PM +0100, Andreas Metzler wrote:
> Hello,
>
> lynx 2.8.9dev3 (GnuTLS) invokes gnutls_certificate_verify_peers2() but
> does not use/check all error flags. e.g. certificate expiration is not
> checked. <https://bugs.debian.org/745835>. Find attached a patch
> against 2.8.9dev3 to change the respective code to simply check for
> /any/ error and use gnutls_certificate_verification_status_print() to
> print what exactly failed. This follows the example in upstream's
> documentation
> <http://www.gnutls.org/manual/html_node/Simple-client-example-with-X_002e509-certificate-support.html#Simple-client-example-with-X_002e509-certificate-support>.
thanks (I applied this)
--
Thomas E. Dickey <address@hidden>
http://invisible-island.net
ftp://invisible-island.net
signature.asc
Description: Digital signature