Sophie

Sophie

distrib > Fedora > 15 > i386 > by-pkgid > 33957eb7945a976bfddb2083db5d9dd1 > files > 3

links-2.2-13.fc15.src.rpm

Fix a security issue -- links would not verify SSL and TLS
certificates, rendering SSL support practically useless.

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510417

Lubomir Rintel <lkundrak@v3.sk>

diff -up links-2.2/connect.c.ssl-verify links-2.2/connect.c
--- links-2.2/connect.c.ssl-verify	2009-04-13 19:28:13.076133802 +0200
+++ links-2.2/connect.c	2009-04-13 19:27:34.467258505 +0200
@@ -319,6 +319,8 @@ void connected(struct connection *c)
 #ifdef HAVE_SSL
 	if (c->ssl) {
 		c->ssl = getSSL();
+		if (!getenv("UNSAFE_SSL"))
+			SSL_set_verify(c->ssl, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL);
 		SSL_set_fd(c->ssl, *b->sock);
 #ifndef HAVE_NSS_COMPAT
 		if (c->no_tsl) c->ssl->options |= SSL_OP_NO_TLSv1;

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional