diff options
Diffstat (limited to 'network/elinks/patches/0004-ssl_cert_verify.patch')
-rw-r--r-- | network/elinks/patches/0004-ssl_cert_verify.patch | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/network/elinks/patches/0004-ssl_cert_verify.patch b/network/elinks/patches/0004-ssl_cert_verify.patch index 0cb51242f7..3b56e1ae40 100644 --- a/network/elinks/patches/0004-ssl_cert_verify.patch +++ b/network/elinks/patches/0004-ssl_cert_verify.patch @@ -1,9 +1,7 @@ ############################################################################## -# elinks does not verify ssl host names with openssl -# This is a modifed version of the patch here that fixes that issue: +# Verify SSL host names with OpenSSL. +# Turn on verification by default. # http://lists.linuxfromscratch.org/pipermail/elinks-dev/2015-June/002099.html -# This patch turns on verification by default, and differentiates -# between host verification fail and normal SSL errors, but more needs doing. # dave@slackbuilds.org ############################################################################## --- a/configure.in 2017-12-21 15:58:12.470247050 +0000 @@ -75,7 +73,7 @@ diff -Naur a/src/network/ssl/socket.c b/src/network/ssl/socket.c default: socket->no_tls = !socket->no_tls; - socket->ops->retry(socket, connection_state(S_SSL_ERROR)); -+ if (SSL_VERIFY_FAIL_IF_NO_PEER_CERT != NULL) ++ if (SSL_VERIFY_FAIL_IF_NO_PEER_CERT) + socket->ops->retry(socket, connection_state(S_SSL_CERTFAIL)); + else + socket->ops->retry(socket, connection_state(S_SSL_ERROR)); |