slackbuilds_ponce/network/w3m/patches/w3m-0.5.2-ssl_verify_server_on.patch

25 lines
920 B
Diff
Raw Normal View History

verify SSL certificates by default. SSL support really is pointless without doing that.
Also disable use of SSLv2 by default as it's insecure, deprecated, dead since last century.
Index: w3m-0.5.2/fm.h
===================================================================
--- w3m-0.5.2.orig/fm.h
+++ w3m-0.5.2/fm.h
@@ -1120,7 +1120,7 @@ global int view_unseenobject init(TRUE);
#endif
#if defined(USE_SSL) && defined(USE_SSL_VERIFY)
-global int ssl_verify_server init(FALSE);
+global int ssl_verify_server init(TRUE);
global char *ssl_cert_file init(NULL);
global char *ssl_key_file init(NULL);
global char *ssl_ca_path init(NULL);
@@ -1129,7 +1129,7 @@ global int ssl_path_modified init(FALSE)
#endif /* defined(USE_SSL) &&
* defined(USE_SSL_VERIFY) */
#ifdef USE_SSL
-global char *ssl_forbid_method init(NULL);
+global char *ssl_forbid_method init("2");
#endif
global int is_redisplay init(FALSE);