[arch-commits] Commit in elinks/trunk (2 files)
Alad Wenter
alad at archlinux.org
Sun Jan 6 18:34:56 UTC 2019
Date: Sunday, January 6, 2019 @ 18:34:56
Author: alad
Revision: 420729
upgpkg: elinks 0.13-21
fix FS#57747: does not verify the authenticity of SSL certificates
Added:
elinks/trunk/0001-enable-SSL-verification-by-default.patch
Modified:
elinks/trunk/PKGBUILD
-----------------------------------------------+
0001-enable-SSL-verification-by-default.patch | 40 ++++++++++++++++++++++++
PKGBUILD | 13 ++++++-
2 files changed, 50 insertions(+), 3 deletions(-)
Added: 0001-enable-SSL-verification-by-default.patch
===================================================================
--- 0001-enable-SSL-verification-by-default.patch (rev 0)
+++ 0001-enable-SSL-verification-by-default.patch 2019-01-06 18:34:56 UTC (rev 420729)
@@ -0,0 +1,40 @@
+From f96265f5141944e559aae2e6df6c9594b335e9e2 Mon Sep 17 00:00:00 2001
+From: Alad Wenter <alad at archlinux.org>
+Date: Sun, 6 Jan 2019 18:52:09 +0100
+Subject: [PATCH] enable SSL verification by default
+
+FS#57747
+---
+ doc/man/man5/elinks.conf.5 | 2 +-
+ src/network/ssl/ssl.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/doc/man/man5/elinks.conf.5 b/doc/man/man5/elinks.conf.5
+index f6c54d44..a708e1c7 100644
+--- a/doc/man/man5/elinks.conf.5
++++ b/doc/man/man5/elinks.conf.5
+@@ -199,7 +199,7 @@ Timeout for non\-restartable connections (in seconds)\&.
+ .SS "connection\&.ssl (SSL)"
+ SSL options\&.
+ .PP
+-connection\&.ssl\&.cert_verify \fB[0|1]\fR (default: 0)
++connection\&.ssl\&.cert_verify \fB[0|1]\fR (default: 1)
+ .RS 4
+ Verify the peer\'s SSL certificate\&. Note that this needs extensive configuration of OpenSSL by the user\&.
+ .RE
+diff --git a/src/network/ssl/ssl.c b/src/network/ssl/ssl.c
+index 5ed57543..c2683e01 100644
+--- a/src/network/ssl/ssl.c
++++ b/src/network/ssl/ssl.c
+@@ -114,7 +114,7 @@ done_openssl(struct module *module)
+
+ static union option_info openssl_options[] = {
+ INIT_OPT_BOOL("connection.ssl", N_("Verify certificates"),
+- "cert_verify", 0, 0,
++ "cert_verify", 0, 1,
+ N_("Verify the peer's SSL certificate. Note that this "
+ "needs extensive configuration of OpenSSL by the user.")),
+
+--
+2.20.1
+
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2019-01-06 17:20:14 UTC (rev 420728)
+++ PKGBUILD 2019-01-06 18:34:56 UTC (rev 420729)
@@ -8,7 +8,7 @@
pkgver=0.13
_commit="25c2850b597ee9a89bda8920e7f3d65ac3ac7e01"
# 2017-03-06 gcc6
-pkgrel=20
+pkgrel=21
pkgdesc="An advanced and well-established feature-rich text mode web browser."
arch=("x86_64")
url="http://elinks.or.cz"
@@ -16,12 +16,19 @@
depends=('bzip2' 'expat>=2.0' 'gpm>=1.20.4' 'openssl' 'lua51' 'libidn'
'gc' 'tre' 'zlib')
makedepends=('git')
-source=("git+http://elinks.cz/elinks.git#commit=$_commit")
-md5sums=('SKIP')
+source=("git+https://repo.or.cz/elinks.git#commit=$_commit"
+ "0001-enable-SSL-verification-by-default.patch")
+md5sums=('SKIP'
+ '0bdeaeed54d24415db9b59d9fdcf03f9')
# todo: make it work with a modern 'js' package
# (upstream has no interest in writing that)
+prepare() {
+ cd elinks
+ patch -p1 < "$srcdir"/0001-enable-SSL-verification-by-default.patch
+}
+
build() {
cd elinks
sed -i 's/Terminal=1/Terminal=true/' "contrib/debian/$pkgname.desktop"
More information about the arch-commits
mailing list