snapshot of project "lynx", label v2-8-8pre_2b

author: Thomas E. Dickey <dickey@invisible-island.net> 2014-01-11 17:34:51 -0500
committer: Thomas E. Dickey <dickey@invisible-island.net> 2014-01-11 17:34:51 -0500
commit: e65840377eb837c22bc8cb57af3e874888e75d25 (patch)
tree: 05811dc32f6eb1c5ff8fecc7a184a8ff7f3f3e6c /WWW/Library/Implementation
parent: 7c7d8c9582cea3ed0ff52f6e7d212fa85b3cd75f (diff)
download: lynx-snapshots-e65840377eb837c22bc8cb57af3e874888e75d25.tar.gz
2 files changed, 12 insertions, 6 deletions
diff --git a/WWW/Library/Implementation/HTTP.c b/WWW/Library/Implementation/HTTP.c
index b0ef1912..1527e5c2 100644
--- a/WWW/Library/Implementation/HTTP.c
+++ b/WWW/Library/Implementation/HTTP.c
@@ -1,5 +1,5 @@
 /*
- * $LynxId: HTTP.c,v 1.133 2013/11/28 11:15:11 tom Exp $
+ * $LynxId: HTTP.c,v 1.135 2014/01/11 16:52:29 tom Exp $
  *
  * HyperText Tranfer Protocol	- Client implementation		HTTP.c
  * ==========================
@@ -119,7 +119,13 @@ SSL *HTGetSSLHandle(void)
 #else
 	SSLeay_add_ssl_algorithms();
 	ssl_ctx = SSL_CTX_new(SSLv23_client_method());
-	SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL);
+	SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2);
+#ifdef SSL_OP_NO_COMPRESSION
+	SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_COMPRESSION);
+#endif
+#ifdef SSL_MODE_RELEASE_BUFFERS
+	SSL_CTX_set_mode(ssl_ctx, SSL_MODE_RELEASE_BUFFERS);
+#endif
 	SSL_CTX_set_default_verify_paths(ssl_ctx);
 	SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, HTSSLCallback);
 #endif /* SSLEAY_VERSION_NUMBER < 0x0800 */
@@ -887,7 +893,7 @@ static int HTLoadHTTP(const char *arg,
 	if (status_sslcertcheck < 2) {
 	    int i;
 	    size_t size;
-	    gnutls_x509_crt cert;
+	    gnutls_x509_crt_t cert;
 	    static char buf[2048];
 
 	    /* import the certificate to the x509_crt format */
diff --git a/WWW/Library/Implementation/tidy_tls.h b/WWW/Library/Implementation/tidy_tls.h
index 25564404..040ed305 100644
--- a/WWW/Library/Implementation/tidy_tls.h
+++ b/WWW/Library/Implementation/tidy_tls.h
@@ -1,6 +1,6 @@
 /*
- * $LynxId: tidy_tls.h,v 1.3 2011/05/11 10:53:36 tom Exp $
- * Copyright 2008,2011 Thomas E. Dickey
+ * $LynxId: tidy_tls.h,v 1.4 2014/01/11 17:09:33 tom Exp $
+ * Copyright 2008-2011,2014 Thomas E. Dickey
  */
 #ifndef TIDY_TLS_H
 #define TIDY_TLS_H
@@ -41,7 +41,7 @@ typedef struct _SSL SSL;
 typedef gnutls_datum_t X509;
 
 typedef struct {
-    gnutls_connection_end_t connend;
+    unsigned connend;
     struct {
 	int protocol[GNUTLS_MAX_ALGORITHM_NUM];
 	int encrypts[GNUTLS_MAX_ALGORITHM_NUM];
author	Thomas E. Dickey <dickey@invisible-island.net>	2014-01-11 17:34:51 -0500
committer	Thomas E. Dickey <dickey@invisible-island.net>	2014-01-11 17:34:51 -0500
commit	e65840377eb837c22bc8cb57af3e874888e75d25 (patch)
tree	05811dc32f6eb1c5ff8fecc7a184a8ff7f3f3e6c /WWW/Library/Implementation
parent	7c7d8c9582cea3ed0ff52f6e7d212fa85b3cd75f (diff)
download	lynx-snapshots-e65840377eb837c22bc8cb57af3e874888e75d25.tar.gz