lynx-dev
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LYNX-DEV How do I get https to work?

From: Foteos Macrides
Subject: Re: LYNX-DEV How do I get https to work?
Date: Tue, 08 Apr 1997 13:28:05 -0500 (EST) 
Wayne Buttles <address@hidden> wrote:
>On Tue, 8 Apr 1997, Scott McGee (Personal) wrote:
>
>> Actually, you are correct in both cases. Lynx supports https connections,
>> but the support is not built into the distributed Lynx source due to US
>> Government restrictions.
>
>Someone aluded to the fact that Lynx 2.7.1 could, without modification,
>use an https proxy.  Is this true?  I haven't done any digging yet--it has
>been one of those ~someday~ kind of issues.  

        You don't need any mods of v2.7.1 if you use Tom's daemon to
do the SSL handling on Lynx's behalf.  If you want built-in SSL
support, you need to send me an email massage affirming that you
are a US or Canadian citizen, and will not violate applicable US
Export Laws or RSA patents.  I will then email (to your US or
Canadian address) a uuencoded zip with replacement files that have
hooks for the Cryto library.

        My hooks do not support client-side certificates.  Tom's
daemon does, so that's preferable, unless you have reason to worry
about the Intranet communication between Lynx and the daemon being
unencrypted.  Appended is the SSLeay.announce I include in the
zip.

                                Fote

=========================================================================
 Foteos Macrides            Worcester Foundation for Biomedical Research
 address@hidden         222 Maple Avenue, Shrewsbury, MA 01545
=========================================================================

                        Lynx v2.7.1 SSL Support

        Lynx has HTTPS, SNEWS and CONNECT support via patches or
replacement files for the general distribution.  It currently is based
on the SSLeay crypto and SSL libraries, whose distribution and use
are restricted by licenses and state and US laws and regulations as
described in:

   Linkname: SSLeay: SSLeay and SSLapps FAQ
        URL: http://psych.psy.uq.oz.au/~ftp/Crypto/

        The original implementation of HTTPS support in Lynx was done
by Lou Montulli (address@hidden) for lynx2-3-7, using the RSA
encryptions library and Netscape SSL library.  Fote Macrides adapted
that to lynx2-3-FM, and used it as a model for adding the SNEWS support.
Fote also added CONNECT support (for tunneling HTTPS and SNEWS requests
and documents through proxy servers), based on discussions with Ari
Luotonen (address@hidden) about the procedure and his patch for
implementing CONNECT support in the CERN proxy server.  The hooks for
SSL support subsequently had to be removed from the general Lynx
distribution to avoid problems related to US Export Law restrictions.
 
        Tom Zerucha (address@hidden) subsequently adapted the hooks for
use with the SSLeay libraries.  He had been maintaining them as a patch
set, and had been making them available to qualified recipients for
application to the Lynx general distributions.  He now, instead, offers
code for a daemon which can be used analogously to a proxy by a hookless
Lynx image to handle the SSL protocol on the hookless image's behalf.
Check the "Lynx links" page via the online 'h'elp, or contact Tom, for
more information about that daemon.

        This SSL hook replacement file set is Fote's adaptation of Tom's
earlier patch set for including hooks within the Lynx image, and is for
use with Lynx v2.7.1.  The SSL hook replacement C files are:

         HTAAUtils.c, HTFormat.c, HTNews.c and HTTP.c

in the lynx2-7-1/WWW/Library/Implementation subdirectory.  A replacement
for the top-level Makefile for Unix, and lynx2-7-1/buildssl.com and
lynx2-7-1/WWW/Library/vms/libmakessl.com files for VMS, also are included. 
Read the Makefile or .com files for more information about building an
SSL-capable Lynx.

        Updates of the SSL hooks are needed *only* if one or more of the
above four C modules (or Unix Makefile or VMS .com files) change.

        Note that to avoid patent problems in the US, SSLeay should be
made using RSAREF.  SSLeay has documentation on how to do this.  Also
see the comments on SSL_LIBS in the Makefile.
;
; To UNSUBSCRIBE:  Send a mail message to address@hidden
;                  with "unsubscribe lynx-dev" (without the
;                  quotation marks) on a line by itself.
;
reply via email to
[Prev in Thread] Current Thread [Next in Thread]