guix/gnu/packages/patches/w3m-force-ssl_verify_server-on.patch
Leo Famulari 62339e2d49 gnu: w3m: Enable SSL, disable broken protocols and ciphers.
Fixes <http://bugs.gnu.org/16791>.

* gnu/packages/patches/w3m-force-ssl_verify_server-on.patch: New file.
* gnu/packages/patches/w3m-disable-sslv2-and-sslv3.patch: New file.
* gnu/packages/patches/w3m-disable-weak-ciphers.patch: New file.
* gnu/packages/w3m.scm (w3m)[source]: Add patches.
* gnu-system.am (dist_patch_DATA): Add the new files.
2016-01-07 02:35:38 -05:00

24 lines
597 B
Diff

Subject: Force ssl_verify_server on.
By default, SSL/TLS certificates are not verified. This enables the
verification.
---
fm.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fm.h b/fm.h
index 8378939..320906c 100644
--- a/fm.h
+++ b/fm.h
@@ -1135,7 +1135,7 @@ global int view_unseenobject init(TRUE);
#endif
#if defined(USE_SSL) && defined(USE_SSL_VERIFY)
-global int ssl_verify_server init(FALSE);
+global int ssl_verify_server init(TRUE);
global char *ssl_cert_file init(NULL);
global char *ssl_key_file init(NULL);
global char *ssl_ca_path init(NULL);
--
2.6.4