summaryrefslogtreecommitdiff
path: root/network/elinks/patches/0004-ssl_cert_verify.patch
diff options
context:
space:
mode:
Diffstat (limited to 'network/elinks/patches/0004-ssl_cert_verify.patch')
-rw-r--r--network/elinks/patches/0004-ssl_cert_verify.patch8
1 files changed, 3 insertions, 5 deletions
diff --git a/network/elinks/patches/0004-ssl_cert_verify.patch b/network/elinks/patches/0004-ssl_cert_verify.patch
index 0cb51242f7..3b56e1ae40 100644
--- a/network/elinks/patches/0004-ssl_cert_verify.patch
+++ b/network/elinks/patches/0004-ssl_cert_verify.patch
@@ -1,9 +1,7 @@
##############################################################################
-# elinks does not verify ssl host names with openssl
-# This is a modifed version of the patch here that fixes that issue:
+# Verify SSL host names with OpenSSL.
+# Turn on verification by default.
# http://lists.linuxfromscratch.org/pipermail/elinks-dev/2015-June/002099.html
-# This patch turns on verification by default, and differentiates
-# between host verification fail and normal SSL errors, but more needs doing.
# dave@slackbuilds.org
##############################################################################
--- a/configure.in 2017-12-21 15:58:12.470247050 +0000
@@ -75,7 +73,7 @@ diff -Naur a/src/network/ssl/socket.c b/src/network/ssl/socket.c
default:
socket->no_tls = !socket->no_tls;
- socket->ops->retry(socket, connection_state(S_SSL_ERROR));
-+ if (SSL_VERIFY_FAIL_IF_NO_PEER_CERT != NULL)
++ if (SSL_VERIFY_FAIL_IF_NO_PEER_CERT)
+ socket->ops->retry(socket, connection_state(S_SSL_CERTFAIL));
+ else
+ socket->ops->retry(socket, connection_state(S_SSL_ERROR));
generated by cgit v1.2.3 (git 2.26.2) at 2024-09-20 05:39:25 +0000