aniani/elinks
1
0
Fork 0
mirror of https://github.com/rkd77/elinks.git synced 2024-12-04 14:46:47 -05:00
Code

1022: NEWS and option documentation

Browse Source
This commit is contained in:
Kalle Olavi Niemitalo 2008-07-27 18:23:42 +03:00 committed by Kalle Olavi Niemitalo
parent 2e1983ce93
commit abe4927d69
2 changed files with 24 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
NEWS
View File

@ -21,10 +21,14 @@ includes the changes listed under "ELinks 0.11.4.GIT now" below.
JS_CallFunction, which can crash if given a closure. JS_CallFunction, which can crash if given a closure.
* critical bug 1031: Use the same JSRuntime for both user SMJS and * critical bug 1031: Use the same JSRuntime for both user SMJS and
scripts on web pages, to work around SpiderMonkey bug 378918. scripts on web pages, to work around SpiderMonkey bug 378918.
* bug 1022: Add connection.ssl.trusted_ca_file setting for GnuTLS.
Before this, ELinks did not trust any certificate authorities when
it used GnuTLS, so certificate verification always failed if you
enabled it at connection.ssl.cert_verify.
* bug 1040: Blacklist servers that don't support TLS. This reduces * bug 1040: Blacklist servers that don't support TLS. This reduces
SSL errors especially in HTTP POST requests using GnuTLS. SSL errors especially in HTTP POST requests using GnuTLS.
* minor bug 951: SpiderMonkey scripting objects used to prevent ELinks * minor bug 951: SpiderMonkey scripting objects used to prevent ELinks
from removing files from the memory cache from removing files from the memory cache.
Bugs that should be removed from NEWS before the 0.12.0 release: Bugs that should be removed from NEWS before the 0.12.0 release:

22
src/network/ssl/ssl.c
View File

@ -160,12 +160,26 @@ done_gnutls(struct module *module)
static struct option_info gnutls_options[] = { static struct option_info gnutls_options[] = {
INIT_OPT_BOOL("connection.ssl", N_("Verify certificates"), INIT_OPT_BOOL("connection.ssl", N_("Verify certificates"),
"cert_verify", 0, 0, "cert_verify", 0, 0,
N_("Verify the peer's SSL certificate. Note that this\n" N_("Verify the peer's SSL certificate. If you enable\n"
"probably doesn't work properly at all with GnuTLS.")), "this, set also \"Trusted CA file\".")),
/* FIXME: Better description. */
/* The default value of the following option points to a file
* generated by the ca-certificates Debian package. Don't use
* CONFDIR here: if someone installs ELinks in $HOME and wants
* to have a user-specific trust list, he or she can just
* change the file name via the option manager. Distributors
* of binary packages should of course change the default to
* suit their systems.
* TODO: If the file name is relative, look in elinks_home? */
INIT_OPT_STRING("connection.ssl", N_("Trusted CA file"), INIT_OPT_STRING("connection.ssl", N_("Trusted CA file"),
"trusted_ca_file", 0, "/etc/ssl/certs/ca-certificates.crt", "trusted_ca_file", 0, "/etc/ssl/certs/ca-certificates.crt",
N_("The location of the trusted CA file.")), N_("The location of a file containing certificates of\n"
"trusted certification authorities in PEM format.\n"
"ELinks then trusts certificates issued by these CAs.\n"
"If you change this option or the file, you must\n"
"restart ELinks for the changes to take effect.\n"
"This option affects GnuTLS but not OpenSSL.")),
NULL_OPTION_INFO, NULL_OPTION_INFO,
}; };