From 080bafa3e66c5b494b3d0978d1b662518786dbbe Mon Sep 17 00:00:00 2001 From: Ondrej Vasik Date: Tue, 28 Apr 2009 14:10:10 +0000 Subject: [PATCH] enable certificate verification by default via configuration file(#495532) --- elinks.conf | 33 +++++++++++++++++++++++++++++++++ elinks.spec | 14 +++++++++++--- 2 files changed, 44 insertions(+), 3 deletions(-) create mode 100644 elinks.conf diff --git a/elinks.conf b/elinks.conf new file mode 100644 index 0000000..21da3e6 --- /dev/null +++ b/elinks.conf @@ -0,0 +1,33 @@ +## ELinks 0.12pre3 configuration file + +## This is ELinks configuration file. You can edit it manually, +## if you wish so; this file is edited by ELinks when you save +## options through UI, however only option values will be altered +## and missing options will be added at the end of file; if option +## is not written in this file, but in some file included from it, +## it is NOT counted as missing. Note that all your formatting, +## own comments and so on will be kept as-is. +## +## Obviously, if you don't like what ELinks is going to do with +## this file, you can change it by altering the config.saving_style +## option. Come on, aren't we friendly guys after all? + +## connection +# Connection options. + + ## connection.ssl + # SSL options. + + ## connection.ssl.cert_verify [0|1] + # Verify the peer's SSL certificate. + set connection.ssl.cert_verify = 1 + + ## connection.ssl.trusted_ca_file + # The location of a file containing certificates of trusted certification + # authorities in PEM format. ELinks then trusts certificates issued by + # these CAs. + # + # If you change this option or the file, you must restart ELinks for the + # changes to take effect. This option affects GnuTLS and nss_compat_ossl + # but not OpenSSL. + set connection.ssl.trusted_ca_file = "/etc/pki/tls/certs/ca-bundle.crt" diff --git a/elinks.spec b/elinks.spec index 3b88c8c..06e07b9 100644 --- a/elinks.spec +++ b/elinks.spec @@ -1,11 +1,12 @@ Name: elinks Summary: A text-mode Web browser Version: 0.12 -Release: 0.13.pre3%{?dist} +Release: 0.14.pre3%{?dist} License: GPLv2 URL: http://elinks.or.cz Group: Applications/Internet Source: http://elinks.or.cz/download/elinks-%{version}pre3.tar.bz2 +Source2: elinks.conf Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: automake @@ -80,6 +81,8 @@ make %{?_smp_mflags} rm -rf $RPM_BUILD_ROOT make install DESTDIR=$RPM_BUILD_ROOT rm -f $RPM_BUILD_ROOT%{_datadir}/locale/locale.alias +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir} +install -m 644 %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/elinks.conf touch $RPM_BUILD_ROOT%{_bindir}/links touch $RPM_BUILD_ROOT%{_mandir}/man1/links.1.gz %find_lang elinks @@ -113,20 +116,25 @@ exit 0 rm -rf $RPM_BUILD_ROOT %files -f elinks.lang -%defattr(-,root,root) +%defattr(-,root,root,-) %doc README SITES TODO COPYING %ghost %verify(not md5 size mtime) %{_bindir}/links %{_bindir}/elinks %ghost %verify(not md5 size mtime) %{_mandir}/man1/links.1.gz +%config(noreplace) %{_sysconfdir}/elinks.conf %{_mandir}/man1/elinks.1* %{_mandir}/man5/* %changelog +* Tue Apr 28 2009 Ondrej Vasik 0.12-0.14.pre3 +- enable certificate verification by default via configuration + file(#495532) + * Tue Apr 28 2009 Kamil Dudka 0.12-0.13.pre3 - use appropriate BuildRequires for nss_compat_ossl (#495532) - support for trusted CA certificates loading from file in PEM format -* Fri Apr 03 2009 Ondrej Vasik 0.12.0.12.pre3 +* Fri Apr 03 2009 Ondrej Vasik 0.12-0.12.pre3 - use word Elinks instead of Links in package description * Mon Mar 30 2009 Ondrej Vasik 0.12-0.11.pre3