diff options
| -rw-r--r-- | CHANGES | 7 | ||||
| -rw-r--r-- | PACKAGE/debian/changelog | 6 | ||||
| -rw-r--r-- | PACKAGE/lynx.spec | 4 | ||||
| -rw-r--r-- | WWW/Library/Implementation/HTTP.c | 11 |
4 files changed, 20 insertions, 8 deletions
diff --git a/CHANGES b/CHANGES index 5c887ba1..27499aa1 100644 --- a/CHANGES +++ b/CHANGES @@ -1,8 +1,13 @@ --- $LynxId: CHANGES,v 1.619 2012/08/22 09:56:16 tom Exp $ +-- $LynxId: CHANGES,v 1.620 2012/11/08 22:33:33 tom Exp $ =============================================================================== Changes since Lynx 2.8 release =============================================================================== +2012-11-08 (2.8.8dev.15) +* improve checking of certificates in the gnutls_certificate_verify_peers2() + by handling special case where self-signed certificates should be reported + (patch by Jamie Strandboge). + 2012-08-22 (2.8.8dev.14) * reset anchor's actual-length calculation at the end of pumpData() to handle scenario where this is used for internal data movement, i.e., for diff --git a/PACKAGE/debian/changelog b/PACKAGE/debian/changelog index 52cec81b..3e937ac5 100644 --- a/PACKAGE/debian/changelog +++ b/PACKAGE/debian/changelog @@ -1,3 +1,9 @@ +lynx-dev (2.8.8dev.15) unstable; urgency=high + + * changes for dev.15 + + -- Thomas E. Dickey <dickey@invisible-island.net> Thu, 08 Nov 2012 17:39:36 -0500 + lynx-dev (2.8.8dev.14) unstable; urgency=high * fix regresion in dev.13 diff --git a/PACKAGE/lynx.spec b/PACKAGE/lynx.spec index 9ed2fb6d..cbb06339 100644 --- a/PACKAGE/lynx.spec +++ b/PACKAGE/lynx.spec @@ -1,8 +1,8 @@ -# $LynxId: lynx.spec,v 1.14 2012/08/22 10:21:56 tom Exp $ +# $LynxId: lynx.spec,v 1.15 2012/11/08 22:39:38 tom Exp $ Summary: A text-based Web browser Name: lynx Version: 2.8.8 -Release: dev.14 +Release: dev.15 License: GPLv2 Group: Applications/Internet Source: lynx%{version}%{release}.tgz diff --git a/WWW/Library/Implementation/HTTP.c b/WWW/Library/Implementation/HTTP.c index f4577886..b265e11e 100644 --- a/WWW/Library/Implementation/HTTP.c +++ b/WWW/Library/Implementation/HTTP.c @@ -1,5 +1,5 @@ /* - * $LynxId: HTTP.c,v 1.124 2012/08/01 11:00:26 tom Exp $ + * $LynxId: HTTP.c,v 1.125 2012/11/08 09:37:42 Jamie.Strandboge Exp $ * * HyperText Tranfer Protocol - Client implementation HTTP.c * ========================== @@ -768,16 +768,17 @@ static int HTLoadHTTP(const char *arg, GNUTLS_VERIFY_DO_NOT_ALLOW_SAME | GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT); ret = gnutls_certificate_verify_peers2(handle->gnutls_state, &tls_status); - if (ret < 0) { + if (ret < 0 || (ret == 0 && + tls_status & GNUTLS_CERT_SIGNER_NOT_FOUND)) { int flag_continue = 1; char *msg2; - if (tls_status & GNUTLS_CERT_SIGNER_NOT_FOUND) { + if (ret == 0 && tls_status & GNUTLS_CERT_SIGNER_NOT_FOUND) { + msg2 = gettext("self signed certificate"); + } else if (tls_status & GNUTLS_CERT_SIGNER_NOT_FOUND) { msg2 = gettext("no issuer was found"); } else if (tls_status & GNUTLS_CERT_SIGNER_NOT_CA) { msg2 = gettext("issuer is not a CA"); - } else if (tls_status & GNUTLS_CERT_SIGNER_NOT_FOUND) { - msg2 = gettext("the certificate has no known issuer"); } else if (tls_status & GNUTLS_CERT_REVOKED) { msg2 = gettext("the certificate has been revoked"); } else { |