[arch-commits] Commit in elinks/trunk (2 files)

Alad Wenter alad at archlinux.org
Sun Jan 6 18:34:56 UTC 2019 

    Date: Sunday, January 6, 2019 @ 18:34:56
  Author: alad
Revision: 420729

upgpkg: elinks 0.13-21

fix FS#57747: does not verify the authenticity of SSL certificates

Added:
  elinks/trunk/0001-enable-SSL-verification-by-default.patch
Modified:
  elinks/trunk/PKGBUILD

-----------------------------------------------+
 0001-enable-SSL-verification-by-default.patch |   40 ++++++++++++++++++++++++
 PKGBUILD                                      |   13 ++++++-
 2 files changed, 50 insertions(+), 3 deletions(-)

Added: 0001-enable-SSL-verification-by-default.patch
===================================================================
--- 0001-enable-SSL-verification-by-default.patch	                        (rev 0)
+++ 0001-enable-SSL-verification-by-default.patch	2019-01-06 18:34:56 UTC (rev 420729)
@@ -0,0 +1,40 @@
+From f96265f5141944e559aae2e6df6c9594b335e9e2 Mon Sep 17 00:00:00 2001
+From: Alad Wenter <alad at archlinux.org>
+Date: Sun, 6 Jan 2019 18:52:09 +0100
+Subject: [PATCH] enable SSL verification by default
+
+FS#57747
+---
+ doc/man/man5/elinks.conf.5 | 2 +-
+ src/network/ssl/ssl.c      | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/doc/man/man5/elinks.conf.5 b/doc/man/man5/elinks.conf.5
+index f6c54d44..a708e1c7 100644
+--- a/doc/man/man5/elinks.conf.5
++++ b/doc/man/man5/elinks.conf.5
+@@ -199,7 +199,7 @@ Timeout for non\-restartable connections (in seconds)\&.
+ .SS "connection\&.ssl (SSL)"
+ SSL options\&.
+ .PP
+-connection\&.ssl\&.cert_verify \fB[0|1]\fR (default: 0)
++connection\&.ssl\&.cert_verify \fB[0|1]\fR (default: 1)
+ .RS 4
+ Verify the peer\'s SSL certificate\&. Note that this needs extensive configuration of OpenSSL by the user\&.
+ .RE
+diff --git a/src/network/ssl/ssl.c b/src/network/ssl/ssl.c
+index 5ed57543..c2683e01 100644
+--- a/src/network/ssl/ssl.c
++++ b/src/network/ssl/ssl.c
+@@ -114,7 +114,7 @@ done_openssl(struct module *module)
+ 
+ static union option_info openssl_options[] = {
+ 	INIT_OPT_BOOL("connection.ssl", N_("Verify certificates"),
+-		"cert_verify", 0, 0,
++		"cert_verify", 0, 1,
+ 		N_("Verify the peer's SSL certificate. Note that this "
+ 		"needs extensive configuration of OpenSSL by the user.")),
+ 
+-- 
+2.20.1
+

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2019-01-06 17:20:14 UTC (rev 420728)
+++ PKGBUILD	2019-01-06 18:34:56 UTC (rev 420729)
@@ -8,7 +8,7 @@
 pkgver=0.13
 _commit="25c2850b597ee9a89bda8920e7f3d65ac3ac7e01"
 # 2017-03-06 gcc6
-pkgrel=20
+pkgrel=21
 pkgdesc="An advanced and well-established feature-rich text mode web browser."
 arch=("x86_64")
 url="http://elinks.or.cz"
@@ -16,12 +16,19 @@
 depends=('bzip2' 'expat>=2.0' 'gpm>=1.20.4' 'openssl' 'lua51' 'libidn'
 	 'gc' 'tre' 'zlib')
 makedepends=('git')
-source=("git+http://elinks.cz/elinks.git#commit=$_commit")
-md5sums=('SKIP')
+source=("git+https://repo.or.cz/elinks.git#commit=$_commit"
+	"0001-enable-SSL-verification-by-default.patch")
+md5sums=('SKIP'
+         '0bdeaeed54d24415db9b59d9fdcf03f9')
 
 # todo: make it work with a modern 'js' package
 # (upstream has no interest in writing that)
 
+prepare() {
+  cd elinks
+  patch -p1 < "$srcdir"/0001-enable-SSL-verification-by-default.patch
+}
+ 
 build() {
   cd elinks
   sed -i 's/Terminal=1/Terminal=true/' "contrib/debian/$pkgname.desktop"

More information about the arch-commits mailing list