Fix a security issue -- links would not verify SSL and TLS certificates, rendering SSL support practically useless. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510417 Lubomir Rintel <lkundrak@v3.sk> diff -up links-2.2/connect.c.ssl-verify links-2.2/connect.c --- links-2.2/connect.c.ssl-verify 2009-04-13 19:28:13.076133802 +0200 +++ links-2.2/connect.c 2009-04-13 19:27:34.467258505 +0200 @@ -319,6 +319,8 @@ void connected(struct connection *c) #ifdef HAVE_SSL if (c->ssl) { c->ssl = getSSL(); + if (!getenv("UNSAFE_SSL")) + SSL_set_verify(c->ssl, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL); SSL_set_fd(c->ssl, *b->sock); #ifndef HAVE_NSS_COMPAT if (c->no_tsl) c->ssl->options |= SSL_OP_NO_TLSv1;