rpms/elinks/devel elinks-nss-inc.patch, 1.1, 1.2 elinks.conf, 1.1, 1.2 elinks.spec, 1.72, 1.73
Kamil Dudka
kdudka at fedoraproject.org
Wed Apr 29 11:32:25 UTC 2009
- Previous message: rpms/parrot/F-11 import.log, NONE, 1.1 parrot-1.0.0-rpath-removal.patch, NONE, 1.1 parrot-install_files.patch, NONE, 1.1 parrot.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message: rpms/libsqlite3x/F-10 libsqlite3x.spec,1.1,1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: kdudka
Update of /cvs/extras/rpms/elinks/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv12794
Modified Files:
elinks-nss-inc.patch elinks.conf elinks.spec
Log Message:
try to load default NSS root certificates if the configuration option
connection.ssl.trusted_ca_file is set to an empty string (#497788)
elinks-nss-inc.patch:
Index: elinks-nss-inc.patch
===================================================================
RCS file: /cvs/extras/rpms/elinks/devel/elinks-nss-inc.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -p -r1.1 -r1.2
--- elinks-nss-inc.patch 28 Apr 2009 11:46:48 -0000 1.1
+++ elinks-nss-inc.patch 29 Apr 2009 11:32:23 -0000 1.2
@@ -1,7 +1,7 @@
diff -ruNp elinks-0.12pre3.orig/src/network/ssl/ssl.c elinks-0.12pre3/src/network/ssl/ssl.c
---- elinks-0.12pre3.orig/src/network/ssl/ssl.c 2009-04-28 13:12:19.365660000 +0200
-+++ elinks-0.12pre3/src/network/ssl/ssl.c 2009-04-28 13:26:39.287600358 +0200
-@@ -48,10 +48,16 @@ SSL_CTX *context = NULL;
+--- elinks-0.12pre3.orig/src/network/ssl/ssl.c 2009-04-29 12:48:26.250878000 +0200
++++ elinks-0.12pre3/src/network/ssl/ssl.c 2009-04-29 13:03:51.318746893 +0200
+@@ -48,10 +48,20 @@ SSL_CTX *context = NULL;
static void
init_openssl(struct module *module)
{
@@ -11,14 +11,18 @@ diff -ruNp elinks-0.12pre3.orig/src/netw
SSL_CTX_set_options(context, SSL_OP_ALL);
+#ifdef CONFIG_NSS_COMPAT_OSSL
+ ca_file = get_opt_str("connection.ssl.trusted_ca_file");
-+ SSL_CTX_load_verify_locations(context, ca_file, NULL);
++ if (*ca_file)
++ SSL_CTX_load_verify_locations(context, ca_file, NULL);
++ else
++ SSL_CTX_set_default_verify_paths(context);
+#else
++ (void) ca_file;
SSL_CTX_set_default_verify_paths(context);
+#endif
}
static void
-@@ -61,10 +67,27 @@ done_openssl(struct module *module)
+@@ -61,10 +71,30 @@ done_openssl(struct module *module)
}
static struct option_info openssl_options[] = {
@@ -33,6 +37,9 @@ diff -ruNp elinks-0.12pre3.orig/src/netw
+ "trusted certification authorities in PEM format. "
+ "ELinks then trusts certificates issued by these CAs.\n"
+ "\n"
++ "If you set this option to an empty string, default NSS root"
++ "certificates are loaded.\n"
++ "\n"
+ "If you change this option or the file, you must "
+ "restart ELinks for the changes to take effect. "
+ "This option affects GnuTLS and nss_compat_ossl but not "
@@ -46,7 +53,7 @@ diff -ruNp elinks-0.12pre3.orig/src/netw
INIT_OPT_TREE("connection.ssl", N_("Client Certificates"),
"client_cert", OPT_SORT,
-@@ -187,7 +210,8 @@ static struct option_info gnutls_options
+@@ -187,7 +217,8 @@ static struct option_info gnutls_options
"\n"
"If you change this option or the file, you must "
"restart ELinks for the changes to take effect. "
Index: elinks.conf
===================================================================
RCS file: /cvs/extras/rpms/elinks/devel/elinks.conf,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -p -r1.1 -r1.2
--- elinks.conf 28 Apr 2009 14:10:10 -0000 1.1
+++ elinks.conf 29 Apr 2009 11:32:23 -0000 1.2
@@ -1,16 +1,9 @@
## ELinks 0.12pre3 configuration file
-## This is ELinks configuration file. You can edit it manually,
-## if you wish so; this file is edited by ELinks when you save
-## options through UI, however only option values will be altered
-## and missing options will be added at the end of file; if option
-## is not written in this file, but in some file included from it,
-## it is NOT counted as missing. Note that all your formatting,
-## own comments and so on will be kept as-is.
-##
-## Obviously, if you don't like what ELinks is going to do with
-## this file, you can change it by altering the config.saving_style
-## option. Come on, aren't we friendly guys after all?
+## This is ELinks global configuration file. You can keep global ELinks
+## configuration here. Each user can also save its own ELinks configuration
+## to ~/.elinks/elinks.conf. The per user configuration file can be edited
+## by ELinks when you save options through UI.
## connection
# Connection options.
@@ -27,6 +20,9 @@
# authorities in PEM format. ELinks then trusts certificates issued by
# these CAs.
#
+ # If you set this option to an empty string, default NSS root certificates
+ # are loaded.
+ #
# If you change this option or the file, you must restart ELinks for the
# changes to take effect. This option affects GnuTLS and nss_compat_ossl
# but not OpenSSL.
Index: elinks.spec
===================================================================
RCS file: /cvs/extras/rpms/elinks/devel/elinks.spec,v
retrieving revision 1.72
retrieving revision 1.73
diff -u -p -r1.72 -r1.73
--- elinks.spec 28 Apr 2009 14:10:10 -0000 1.72
+++ elinks.spec 29 Apr 2009 11:32:23 -0000 1.73
@@ -1,7 +1,7 @@
Name: elinks
Summary: A text-mode Web browser
Version: 0.12
-Release: 0.14.pre3%{?dist}
+Release: 0.15.pre3%{?dist}
License: GPLv2
URL: http://elinks.or.cz
Group: Applications/Internet
@@ -126,6 +126,10 @@ rm -rf $RPM_BUILD_ROOT
%{_mandir}/man5/*
%changelog
+* Wed Apr 29 2009 Kamil Dudka <kdudka at redhat.com> 0.12-0.15.pre3
+- try to load default NSS root certificates if the configuration option
+ connection.ssl.trusted_ca_file is set to an empty string (#497788)
+
* Tue Apr 28 2009 Ondrej Vasik <ovasik at redhat.com> 0.12-0.14.pre3
- enable certificate verification by default via configuration
file(#495532)
- Previous message: rpms/parrot/F-11 import.log, NONE, 1.1 parrot-1.0.0-rpath-removal.patch, NONE, 1.1 parrot-install_files.patch, NONE, 1.1 parrot.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message: rpms/libsqlite3x/F-10 libsqlite3x.spec,1.1,1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list