diff options
Diffstat (limited to 'network/w3m/patches/w3m-0.5.2-ssl_verify_server_on.patch')
-rw-r--r-- | network/w3m/patches/w3m-0.5.2-ssl_verify_server_on.patch | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/network/w3m/patches/w3m-0.5.2-ssl_verify_server_on.patch b/network/w3m/patches/w3m-0.5.2-ssl_verify_server_on.patch new file mode 100644 index 0000000000..64319517fb --- /dev/null +++ b/network/w3m/patches/w3m-0.5.2-ssl_verify_server_on.patch @@ -0,0 +1,24 @@ +verify SSL certificates by default. SSL support really is pointless without doing that. +Also disable use of SSLv2 by default as it's insecure, deprecated, dead since last century. +Index: w3m-0.5.2/fm.h +=================================================================== +--- w3m-0.5.2.orig/fm.h ++++ w3m-0.5.2/fm.h +@@ -1120,7 +1120,7 @@ global int view_unseenobject init(TRUE); + #endif + + #if defined(USE_SSL) && defined(USE_SSL_VERIFY) +-global int ssl_verify_server init(FALSE); ++global int ssl_verify_server init(TRUE); + global char *ssl_cert_file init(NULL); + global char *ssl_key_file init(NULL); + global char *ssl_ca_path init(NULL); +@@ -1129,7 +1129,7 @@ global int ssl_path_modified init(FALSE) + #endif /* defined(USE_SSL) && + * defined(USE_SSL_VERIFY) */ + #ifdef USE_SSL +-global char *ssl_forbid_method init(NULL); ++global char *ssl_forbid_method init("2"); + #endif + + global int is_redisplay init(FALSE); |