
lynx-dev SSL patches for lynx2.8.2dev.2


From: Ismael Cordeiro
Subject: lynx-dev SSL patches for lynx2.8.2dev.2
Date: Sat, 14 Nov 1998 00:46:29 -0500 (EST)

Here are Mark Mentovai's SSL patches modified to work with lynx2.8.2dev.2.
Only the patches for HTNews.c and HTTP.c had to be modified.


*** lynx2-8-1.dist/WWW/Library/Implementation/HTAAUtil.c        Thu Aug  6 
08:28:22 1998
--- lynx2-8-1/WWW/Library/Implementation/HTAAUtil.c     Mon Oct 26 15:06:51 1998
***************
*** 50,55 ****
--- 50,62 ----
  #include <HTTCP.h>
  #include <HTAlert.h>
  
+ #ifdef USE_SSL
+ #define free_func free__func
+ #include <ssl.h>
+ #undef free_func
+ PRIVATE SSL * Handle = NULL;  /* The SSL Handle       */
+ #endif /* USE_SSL */
+ 
  #include <LYStrings.h>
  #include <LYLeaks.h>
  
***************
*** 531,537 ****
--- 538,551 ----
        /* Reading from socket */
  
        if (start_pointer >= end_pointer) {/*Read the next block and continue*/
+ #ifdef USE_SSL
+           if (Handle)
+               count = SSL_read(Handle, buffer, BUFFER_SIZE);
+           else
+               count = NETREAD(in_soc, buffer, BUFFER_SIZE);
+ #else
            count = NETREAD(in_soc, buffer, BUFFER_SIZE);
+ #endif /* USE_SSL */
            if (count <= 0) {
                in_soc = -1;
                return line;
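Review bot: The `if (Handle)` branch added around the socket read can never run as the patch stands: `Handle` is declared `PRIVATE SSL * Handle = NULL;` in the previous hunk and neither HTAAUtil.c hunk assigns it, so, assuming PRIVATE expands to `static`, every read still goes through `NETREAD`. Either pass the SSL handle in from the code that owns the connection or drop the branch, so that a reader does not assume this path is covered by SSL. The `#define free_func free__func` / `#undef free_func` wrapper around `<ssl.h>`, repeated in HTFormat.c, HTNews.c and HTTP.c, needs a one-line comment naming the identifier clash it works around, once that clash is confirmed. The enclosing function starts and ends outside the hunk.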
*** lynx2-8-1.dist/WWW/Library/Implementation/HTFormat.c        Wed Sep 30 
17:06:48 1998
--- lynx2-8-1/WWW/Library/Implementation/HTFormat.c     Mon Oct 26 15:06:51 1998
***************
*** 17,22 ****
--- 17,28 ----
  */
  #include <HTFormat.h>
  
+ #ifdef USE_SSL
+ #define free_func free__func
+ #include <ssl.h>
+ #undef free_func
+ #endif /* USE_SSL */
+ 
  PUBLIC float HTMaxSecs = 1e10;                /* No effective limit */
  PUBLIC float HTMaxLength = 1e10;      /* No effective limit */
  PUBLIC long int HTMaxBytes  = 0;      /* No effective limit */
***************
*** 248,253 ****
--- 254,292 ----
      return FROMASCII(ch);
  }
  
+ #ifdef USE_SSL
+ PUBLIC char HTGetSSLCharacter ARGS1(void *, handle)
+ {
+     char ch;
+     interrupted_in_htgetcharacter = 0;
+     if(!handle)
+       return (char)EOF;
+     do {
+       if (input_pointer >= input_limit) {
+           int status = SSL_read((SSL *)handle,
+                                input_buffer, INPUT_BUFFER_SIZE);
+           if (status <= 0) {
+               if (status == 0)
+                   return (char)EOF;
+               if (status == HT_INTERRUPTED) {
+                   CTRACE(tfp, "HTFormat: Interrupted in HTGetSSLCharacter\n");
+                   interrupted_in_htgetcharacter = 1;
+                   return (char)EOF;
+               }
+               CTRACE(tfp, "HTFormat: SSL_read error %d\n", status);
+               return (char)EOF; /* -1 is returned by UCX
+                                    at end of HTTP link */
+           }
+           input_pointer = input_buffer;
+           input_limit = input_buffer + status;
+       }
+       ch = *input_pointer++;
+     } while (ch == (char) 13); /* Ignore ASCII carriage return */
+ 
+     return FROMASCII(ch);
+ }
+ #endif /* USE_SSL */
+ 
  /*  Match maintype to any MIME type starting with maintype,
   *  for example:  image/gif should match image
   */
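Review bot: In `HTGetSSLCharacter` the test `status == HT_INTERRUPTED` is carried over from the `NETREAD` path and is unlikely ever to match a value returned by `SSL_read`, so the interrupted branch and `interrupted_in_htgetcharacter = 1` look unreachable and a stalled SSL read probably cannot be cancelled by the user. Take the failure reason from the library, e.g. `int err = SSL_get_error((SSL *)handle, status);`, and log that in the trace instead of the raw return value. The comment `-1 is returned by UCX at end of HTTP link` was copied with the code and does not describe `SSL_read`; `/* treat any SSL_read failure as end of input */` says what the line does. Returning `(char)EOF` also makes a received 0xFF byte indistinguishable from end of input where `char` is signed.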
***************
*** 570,576 ****
--- 609,622 ----
            goto finished;
        }
  
+ #ifdef USE_SSL
+       if (handle)
+           status = SSL_read((SSL *)handle, input_buffer, INPUT_BUFFER_SIZE);
+       else
+           status = NETREAD(file_number, input_buffer, INPUT_BUFFER_SIZE);
+ #else
        status = NETREAD(file_number, input_buffer, INPUT_BUFFER_SIZE);
+ #endif /* USE_SSL */
  
        if (status <= 0) {
            if (status == 0) {
*** lynx2-8-1/WWW/Library/Implementation/HTNews.c.orig  Tue Nov 10 14:47:38 1998
--- lynx2-8-1/WWW/Library/Implementation/HTNews.c       Fri Nov 13 12:31:21 1998
***************
*** 33,41 ****
--- 33,58 ----
  #define SERVER_FILE "/usr/local/lib/rn/server"
  #endif /* SERVER_FILE */
  
+ #ifdef USE_SSL
+ #define free_func free__func
+ #include <ssl.h>
+ #undef free_func
+ extern SSL_CTX * ssl_ctx;
+ extern SSL * HTGetSSLHandle NOPARAMS;
+ PRIVATE SSL * Handle = NULL;
+ PRIVATE int channel_s = 1;
+ #define NEWS_NETWRITE(sock, buff, size) \
+       (Handle ? SSL_write(Handle, buff, size) : NETWRITE(sock, buff, size))
+ #define NEWS_NETCLOSE(sock) \
+       { (void)NETCLOSE(sock); if (Handle) SSL_free(Handle); Handle = NULL; }
+ extern char HTGetSSLCharacter PARAMS((void *handle));
+ PRIVATE char HTNewsGetCharacter NOPARAMS;
+ #define NEXT_CHAR HTNewsGetCharacter()
+ #else
  #define NEWS_NETWRITE  NETWRITE
  #define NEWS_NETCLOSE  NETCLOSE
  #define NEXT_CHAR HTGetCharacter()
+ #endif /* USE_SSL */
  
  #include <HTML.h>
  #include <HTParse.h>
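Review bot: `NEWS_NETCLOSE` becomes a brace block under USE_SSL but stays a plain expression otherwise, so a call such as `if (x) NEWS_NETCLOSE(s); else ...` compiles in one configuration and not in the other; define it as `do { (void)NETCLOSE(sock); if (Handle) SSL_free(Handle); Handle = NULL; } while (0)` (the same applies to `HTTP_NETCLOSE` in HTTP.c). `NEWS_NETWRITE` should parenthesise its arguments: `(Handle ? SSL_write(Handle, (buff), (size)) : NETWRITE((sock), (buff), (size)))`. `channel_s` is initialised to 1, which is a valid descriptor number, while the rest of the patch uses -1 for "no channel"; `PRIVATE int channel_s = -1;` avoids relying on `Handle` being NULL to keep the reuse path switched off.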
***************
*** 2024,2034 ****
--- 2041,2053 ----
                          group_wanted) &&
                        strchr(arg, '@') == NULL) && (strchr(arg, '*') != NULL);
  
+ #ifndef USE_SSL
        if (!strncasecomp(arg, "snewspost:", 10) ||
            !strncasecomp(arg, "snewsreply:", 11)) {
            HTAlert(gettext("This client does not contain support for posting 
to news with SSL."));
            return HT_NOT_LOADED;
        }
+ #endif /* !USE_SSL */
        if (post_wanted || reply_wanted || spost_wanted || sreply_wanted) {
            /*
            **  Make sure we have a non-zero path for the newsgroup(s). - FM
***************
*** 2115,2124 ****
--- 2134,2180 ----
            sprintf(command, "nntp://%.251s/";, NewsHost);
            StrAllocCopy(NewsHREF, command);
        }
+ #ifdef USE_SSL
+       else if (!strncasecomp (arg, "snews:";, 6)) {
+           if (((*(arg + 6) == '\0') ||
+                (!strcmp((arg + 6), "/") ||
+                 !strcmp((arg + 6), "//") ||
+                 !strcmp((arg + 6), "///"))) ||
+               ((!strncmp((arg + 6), "//", 2)) &&
+                (!(cp = strchr((arg + 8), '/')) || *(cp + 1) == '\0'))) {
+               p1 = "*";
+               group_wanted = FALSE;
+               list_wanted = TRUE;
+           } else if (*(arg + 6) != '/') {
+               p1 = (arg + 6);
+           } else if (*(arg + 6) == '/' && *(arg + 7) != '/') {
+               p1 = (arg + 7);
+           } else {
+               p1 = (cp + 1);
+           }
+           if (!(cp = HTParse(arg, "", PARSE_HOST)) || *cp == '\0') {
+               if (s >= 0 && NewsHost && strcasecomp(NewsHost, HTNewsHost)) {
+                   NEWS_NETCLOSE(s);
+                   s = -1;
+               }
+               StrAllocCopy(NewsHost, HTNewsHost);
+           } else {
+               if (s >= 0 && NewsHost && strcasecomp(NewsHost, cp)) {
+                   NEWS_NETCLOSE(s);
+                   s = -1;
+               }
+           StrAllocCopy(NewsHost, cp);
+           }
+           FREE(cp);
+           sprintf(command, "snews://%.250s/";, NewsHost);
+           StrAllocCopy(NewsHREF, command);
+       }
+ #else
        else if (!strncasecomp(arg, "snews:";, 6)) {
            HTAlert(gettext("This client does not contain support for SNEWS 
URLs."));
            return HT_NOT_LOADED;
        }
+ #endif /* USE_SSL */
        else if (!strncasecomp (arg, "news:/";, 6)) {
            if (((*(arg + 6) == '\0') ||
                 !strcmp((arg + 6), "/") ||
***************
*** 2315,2320 ****
--- 2371,2414 ----
      **        Now, let's get a stream setup up from the NewsHost.
      */
      for (retries = 0; retries < 2; retries++) {
+ #ifdef USE_SSL
+       if (Handle && channel_s >= 0) {
+           s = channel_s;
+           channel_s = -1;
+           HTInitInput(s);             /* set up buffering */
+           if (((status = response(NULL)) / 100) != 2) {
+               char message[BIG];
+               NEWS_NETCLOSE(s);
+               s = -1;
+               if (status == HT_INTERRUPTED) {
+                   _HTProgress(gettext("Connection interrupted."));
+               } else {
+                   HTAlert(gettext("Can't read news info."));
+                     CTRACE(tfp, "News host %.20s responded: %.200s\n",
+                                NewsHost, response_text);
+                   if (!(post_wanted || reply_wanted ||
+                         spost_wanted || sreply_wanted))
+                       (*targetClass._abort)(target, NULL);
+                   FREE(NewsHost);
+                   FREE(NewsHREF);
+                   FREE(ProxyHost);
+                   FREE(ProxyHREF);
+                   FREE(ListArg);
+                   if (postfile) {
+ #ifdef VMS
+                       while (remove(postfile) == 0)
+                           ; /* loop through all versions */
+ #else
+                       remove(postfile);
+ #endif /* VMS */
+                       FREE(postfile);
+                   }
+                   return HT_NOT_LOADED;
+               }
+           }
+       }
+ #endif /* USE_SSL */
+ 
        if (s < 0) {
            /* CONNECTING to news host */
            char url[260];
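Review bot: When `response(NULL)` returns `HT_INTERRUPTED` on the tunnelled channel, the added block only calls `_HTProgress` and then falls out of the `#ifdef`, so with `s == -1` and `Handle` cleared by `NEWS_NETCLOSE` control reaches the `if (s < 0)` connect code below. If `using_proxy` is still set at that point, the later hunks select `NEWS_PORT` and skip the handshake, which would retry an snews request without SSL; that depends on code outside this hunk and should be confirmed. Run the same FREE/`remove(postfile)` cleanup in both branches and end the interrupted one with `return HT_INTERRUPTED;`. `char message[BIG];` is not used anywhere in the added block and can be removed.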
***************
*** 2329,2335 ****
--- 2423,2440 ----
  
            _HTProgress(gettext("Connecting to NewsHost ..."));
  
+ #ifdef USE_SSL
+           if (!using_proxy &&
+               (!strncmp(arg, "snews:";, 6) ||
+                !strncmp(arg, "snewspost:", 10) ||
+                !strncmp(arg, "snewsreply:", 11)))
+               status = HTDoConnect (url, "NNTP", SNEWS_PORT, &s);
+           else
+               status = HTDoConnect (url, "NNTP", NEWS_PORT, &s);
+ #else
            status = HTDoConnect (url, "NNTP", NEWS_PORT, &s);
+ #endif /* USE_SSL */
+ 
            if (status == HT_INTERRUPTED) {
                /*
                **  Interrupt cleanly.
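Review bot: The port selection matches the scheme with the case-sensitive `strncmp(arg, "snews:", 6)`, while the URL parsing added earlier in this file uses `strncasecomp`, so an upper-case or mixed-case snews URL is parsed as secure news but connected on `NEWS_PORT`. The handshake hunk further down repeats the decision with `strncmp(url, "snews", 5)` on the local `url` buffer instead of `arg`; how `url` is filled is outside the visible hunks, so it may not carry the scheme at all, and its two longer comparisons are already covered by the five-character prefix. Decide once and reuse the result, e.g. `BOOL want_ssl = !using_proxy && !strncasecomp(arg, "snews", 5);`, then test `want_ssl` both for the port and for the `SSL_connect` call.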
***************
*** 2345,2350 ****
--- 2450,2461 ----
                FREE(ProxyHost);
                FREE(ProxyHREF);
                FREE(ListArg);
+ #ifdef USE_SSL
+               if (Handle) {
+                   SSL_free(Handle);
+                   Handle = NULL;
+               }
+ #endif /* USE_SSL */
                if (postfile) {
                    HTSYS_remove(postfile);
                    FREE(postfile);
***************
*** 2372,2377 ****
--- 2483,2530 ----
            } else {
                CTRACE(tfp, "HTNews: Connected to news host %s.\n",
                            NewsHost);
+ #ifdef USE_SSL
+               /*
+               **  If this is an snews url,
+               **  then do the SSL stuff here
+               */
+               if (!using_proxy &&
+                   (!strncmp(url, "snews", 5) ||
+                    !strncmp(url, "snewspost:", 10) ||
+                    !strncmp(url, "snewsreply:", 11))) {
+                   Handle = HTGetSSLHandle();
+                   SSL_set_fd(Handle, s);
+                   status = SSL_connect(Handle);
+ 
+                   if (status <= 0) {
+                       CTRACE(tfp,
+ "HTNews: Unable to complete SSL handshake for remote host '%s' (SSLerror = 
%d)\n",
+                              url, status);
+                       HTAlert(gettext("Unable to make secure connection to 
remote host."));
+                       NEWS_NETCLOSE(s);
+                       s = -1;
+                       if (!(post_wanted || reply_wanted ||
+                             spost_wanted || sreply_wanted))
+                           (*targetClass._abort)(target, NULL);
+                       FREE(NewsHost);
+                       FREE(NewsHREF);
+                       FREE(ProxyHost);
+                       FREE(ProxyHREF);
+                       FREE(ListArg);
+                       if (postfile) {
+ #ifdef VMS
+                           while (remove(postfile) == 0)
+                           ; /* loop through all versions */
+ #else
+                           remove(postfile);
+ #endif /* VMS */
+                           FREE(postfile);
+                       }
+                       return HT_NOT_LOADED;
+                   }
+                   _HTProgress(SSL_get_cipher(Handle));
+               }
+ #endif /* USE_SSL */
                HTInitInput(s);         /* set up buffering */
                if (proxycmd[0]) {
                    status = NEWS_NETWRITE(s, proxycmd, strlen(proxycmd));
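Review bot: `Handle = HTGetSSLHandle();` is passed straight to `SSL_set_fd` and `SSL_connect` without a NULL check, although `HTGetSSLHandle` (added in HTTP.c) returns `SSL_new(ssl_ctx)`, which can fail; the same unchecked pattern is in `HTNewsProxyConnect` and in the https path of HTTP.c. Guard it so the existing failure path handles the case: `if (Handle == NULL) status = -1; else { SSL_set_fd(Handle, s); status = SSL_connect(Handle); }`. The failure cleanup here is the third copy of the FREE/`remove(postfile)` sequence in this function, and a small static helper would keep the copies from drifting apart. `_HTProgress(SSL_get_cipher(Handle))` reports only the cipher, so the user gets no indication of whether the server certificate was checked.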
***************
*** 2700,2705 ****
--- 2853,2897 ----
      */
      free_NNTP_AuthInfo();
  }
+ 
+ #ifdef USE_SSL
+ PRIVATE char HTNewsGetCharacter NOARGS
+ {
+     if (!Handle)
+         return HTGetCharacter();
+     else
+         return HTGetSSLCharacter((void *)Handle);
+ }
+ 
+ PUBLIC int HTNewsProxyConnect ARGS5 (int, sock, CONST char *, url, 
+                                    HTParentAnchor *, anAnchor,
+                                    HTFormat, format_out,
+                                    HTStream *, sink)
+ {
+     int status;
+     CONST char * arg = url;
+ 
+     s = channel_s = sock;
+     Handle = HTGetSSLHandle();
+     SSL_set_fd(Handle, s);
+     status = SSL_connect(Handle);
+ 
+     if (status <= 0) {
+         channel_s = -1;
+       CTRACE(tfp,
+ "HTTP: Unable to complete SSL handshake for remote host '%s' (SSLerror = 
%d)\n",
+                  url, status);
+       HTAlert(gettext("Unable to make secure connection to remote host."));
+       NEWS_NETCLOSE(s);
+       s = -1;
+       return HT_NOT_LOADED;
+     }
+     _HTProgress(SSL_get_cipher(Handle));
+     status = HTLoadNews(arg, anAnchor, format_out, sink);
+     channel_s = -1;
+     return status;
+ }
+ #endif /* USE_SSL */
  
  #ifdef GLOBALDEF_IS_MACRO
  #define _HTNEWS_C_1_INIT { "news", HTLoadNews, NULL }
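Review bot: `HTNewsProxyConnect` overwrites the file-level `s` and `Handle` with `s = channel_s = sock; Handle = HTGetSSLHandle();` without releasing what they held, and other hunks in this file show `s` being kept open between requests, so a cached connection and its SSL object would be leaked. Close the old one first: `if (s >= 0 && s != sock) { NEWS_NETCLOSE(s); }`. The trace message is prefixed `HTTP:` although it is emitted from HTNews.c; `HTNews:` would match the other messages in this file. The function also needs a header comment stating that it takes over `sock` and closes it on handshake failure, since the caller in HTTP.c still holds that descriptor in its own variable.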
*** lynx2-8-1/WWW/Library/Implementation/HTTP.c.orig    Tue Nov 10 14:47:38 1998
--- lynx2-8-1/WWW/Library/Implementation/HTTP.c Fri Nov 13 12:31:32 1998
***************
*** 10,15 ****
--- 10,22 ----
  #include <HTTP.h>
  #include <LYUtils.h>
  
+ #ifdef USE_SSL
+ #define free_func free__func
+ #include <ssl.h>
+ #include <crypto.h>
+ #undef free_func
+ #endif /* USE_SSL */
+ 
  #define HTTP_VERSION  "HTTP/1.0"
  
  #define HTTP_PORT   80
***************
*** 64,72 ****
--- 71,121 ----
  extern BOOL traversal;                 /* TRUE if we are doing a traversal */
  extern BOOL dump_output_immediately;  /* TRUE if no interactive user */
  
+ #ifdef USE_SSL
+ PUBLIC SSL_CTX * ssl_ctx = NULL;      /* SSL ctx */
+ 
+ PRIVATE void free_ssl_ctx NOARGS
+ {
+     if (ssl_ctx != NULL)
+         SSL_CTX_free(ssl_ctx);
+ }
+ 
+ PUBLIC SSL * HTGetSSLHandle NOARGS
+ {
+     if (ssl_ctx == NULL) {
+         /*
+        *  First time only.
+        */
+ #if SSLEAY_VERSION_NUMBER < 0x0800
+         ssl_ctx = SSL_CTX_new();
+       X509_set_default_verify_paths(ssl_ctx->cert);
+ #else
+       SSLeay_add_ssl_algorithms();
+       ssl_ctx = SSL_CTX_new(SSLv23_client_method());
+       SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL);
+       SSL_CTX_set_default_verify_paths(ssl_ctx);
+ #endif /* SSLEAY_VERSION_NUMBER < 0x0800 */
+       atexit(free_ssl_ctx);
+     }
+     return(SSL_new(ssl_ctx));
+ }
+ 
+ #define HTTP_NETREAD(sock, buff, size, handle) \
+       (handle ? SSL_read(handle, buff, size) : NETREAD(sock, buff, size))
+ #define HTTP_NETWRITE(sock, buff, size, handle) \
+       (handle ? SSL_write(handle, buff, size) : NETWRITE(sock, buff, size))
+ #define HTTP_NETCLOSE(sock, handle)  \
+       { (void)NETCLOSE(sock); if (handle) SSL_free(handle); handle = NULL; }
+ 
+ extern int HTNewsProxyConnect PARAMS (( int sock, CONST char *url, 
+                                       HTParentAnchor *anAnchor,
+                                       HTFormat format_out,
+                                       HTStream *sink ));
+ #else
  #define HTTP_NETREAD(a, b, c, d)   NETREAD(a, b, c)
  #define HTTP_NETWRITE(a, b, c, d)  NETWRITE(a, b, c)
  #define HTTP_NETCLOSE(a, b)  (void)NETCLOSE(a)
+ #endif /* USE_SSL */
  
  
  /*            Load Document from HTTP Server                  HTLoadHTTP()
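Review bot: `HTGetSSLHandle` loads the default CA locations with `SSL_CTX_set_default_verify_paths` but never sets a verification mode, and no hunk in this patch inspects the verification result, so as written a successful `SSL_connect` appears to mean only that the channel is encrypted, not that the server certificate chained to a trusted CA. Add `SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, NULL);` after the verify paths are loaded, or check `SSL_get_verify_result(handle) != X509_V_OK` after the handshake and warn the user; confirm that both calls exist in the SSLeay versions this patch supports. `SSL_CTX_new` is also unchecked, so a failed allocation is dereferenced by `SSL_CTX_set_options` (or by `ssl_ctx->cert` in the pre-0.8 branch) before `SSL_new` runs.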
***************
*** 121,127 ****
--- 170,187 ----
    BOOL doing_redirect, already_retrying = FALSE, bad_location = FALSE;
    int len = 0;
  
+ #ifdef USE_SSL
+   BOOL do_connect = FALSE;    /* ARE WE going to use a proxy tunnel ? */
+   BOOL did_connect = FALSE;   /* ARE WE actually using a proxy tunnel ? */
+   CONST char *connect_url = NULL; /* The URL being proxied */
+   char *connect_host = NULL;  /* The host being proxied */
+   SSL * handle = NULL;                /* The SSL handle */
+ #if SSLEAY_VERSION_NUMBER >= 0x0900
+   BOOL try_tls = TRUE;
+ #endif /* SSLEAY_VERSION_NUMBER >= 0x0900 */
+ #else
    void * handle = NULL;
+ #endif /* USE_SSL */
  
    if (anAnchor->isHEAD)
        do_head = TRUE;
***************
*** 139,144 ****
--- 199,228 ----
        goto done;
    }
  
+ #ifdef USE_SSL
+   if (using_proxy && !strncmp(url, "http://";, 7)) {
+       if (connect_url = strstr((url+7), "https://";)) {
+         do_connect = TRUE;
+         connect_host = HTParse(connect_url, "https", PARSE_HOST);
+         if (!strchr(connect_host, ':')) {
+             sprintf(temp, ":%d", HTTPS_PORT);
+             StrAllocCat(connect_host, temp);
+         }
+         CTRACE(tfp, "HTTP: connect_url = '%s'\n", connect_url);
+         CTRACE(tfp, "HTTP: connect_host = '%s'\n", connect_host);
+       } else if (connect_url = strstr((url+7), "snews://";)) {
+         do_connect = TRUE;
+         connect_host = HTParse(connect_url, "snews", PARSE_HOST);
+         if (!strchr(connect_host, ':')) {
+             sprintf(temp, ":%d", SNEWS_PORT);
+             StrAllocCat(connect_host, temp);
+         }
+         CTRACE(tfp, "HTTP: connect_url = '%s'\n", connect_url);
+         CTRACE(tfp, "HTTP: connect_host = '%s'\n", connect_host);
+       }
+   }
+ #endif /* USE_SSL */
+ 
    sprintf(crlf, "%c%c", CR, LF);
  
    /*
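Review bot: `strstr((url+7), "https://")` searches the whole proxied request, so a plain http URL that merely contains `https://` or `snews://` later in its path or query string sets `do_connect` and is turned into a CONNECT to the host named in that substring. Match the scheme only at the start of the proxied URL, for example with a local pointer `p`: `p = strchr(url+7, '/'); if (p && !strncmp(p+1, "https://", 8)) connect_url = p+1;`, assuming the target URL follows the first slash after the proxy host. `connect_host` from `HTParse` is passed to `strchr` unchecked, and the size of `temp` is not visible here, so a NULL check and a length check are worth adding. Parenthesise the assignments used as conditions, `if ((connect_url = strstr(...)) != NULL)`. The enclosing function starts and ends outside the hunk.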
***************
*** 162,173 ****
--- 246,263 ----
    line_kept_clean = NULL;
  
    if (!strncmp(url, "https", 5))
+ #ifdef USE_SSL
+     status = HTDoConnect (url, "HTTPS", HTTPS_PORT, &s);
+   else
+     status = HTDoConnect (url, "HTTP", HTTP_PORT, &s);
+ #else
      {
        HTAlert(gettext("This client does not contain support for HTTPS 
URLs."));
        status = HT_NOT_LOADED;
        goto done;
      }
    status = HTDoConnect (arg, "HTTP", HTTP_PORT, &s);
+ #endif /* USE_SSL */
    if (status == HT_INTERRUPTED) {
        /*
        **  Interrupt cleanly.
***************
*** 185,196 ****
--- 275,353 ----
        goto done;
    }
  
+ #ifdef USE_SSL
+ use_tunnel:
+   /*
+   ** If this is an https document
+   ** then do the SSL stuff here
+   */
+   if (did_connect || !strncmp(url, "https", 5)) {
+       handle = HTGetSSLHandle();
+       SSL_set_fd(handle, s);
+ #if SSLEAY_VERSION_NUMBER >= 0x0900
+       if (!try_tls)
+           handle->options|=SSL_OP_NO_TLSv1;
+ #endif /* SSLEAY_VERSION_NUMBER >= 0x0900 */
+       status = SSL_connect(handle);
+ 
+       if (status <= 0) {
+ #if SSLEAY_VERSION_NUMBER >= 0x0900
+         if (try_tls) {
+               CTRACE(tfp, "HTTP: Retrying connection without TLS\n");
+             _HTProgress("Retrying connection.");
+             try_tls = FALSE;
+             if (did_connect)
+                 HTTP_NETCLOSE(s, handle);
+                     goto try_again;
+         } else {
+               CTRACE(tfp,
+ "HTTP: Unable to complete SSL handshake for remote host '%s' (SSLerror = 
%d)\n",
+                               url, status);
+                     HTAlert(gettext("Unable to make secure connection to 
remote host."));
+             if (did_connect)
+                 HTTP_NETCLOSE(s, handle);
+                     status = HT_NOT_LOADED;
+                     goto done;
+         }
+ #else
+               CTRACE(tfp,
+ "HTTP: Unable to complete SSL handshake for remote host '%s' (SSLerror = 
%d)\n",
+                               url, status);
+                 HTAlert(gettext("Unable to make secure connection to remote 
host."));
+         if (did_connect)
+             HTTP_NETCLOSE(s, handle);
+                 status = HT_NOT_LOADED;
+                 goto done;
+ #endif /* SSLEAY_VERSION_NUMBER >= 0x0900 */
+       }
+       _HTProgress (SSL_get_cipher(handle));
+ 
+ #ifdef NOTDEFINED
+       if (strcmp(HTParse(url, "", PARSE_HOST),
+                        strstr(X509_NAME_oneline(
+                       X509_get_subject_name(
+                               handle->session->peer)),"/CN=")+4)) {
+         HTAlert(gettext("Certificate is for different host name"));
+         HTAlert(strstr(X509_NAME_oneline(
+                        X509_get_subject_name(
+                               handle->session->peer)),"/CN=")+4);
+       }
+ #endif /* NOTDEFINED */
+   }
+ #endif /* USE_SSL */
+ 
    /*  Ask that node for the document,
    **  omitting the host name & anchor
    */
    {
      char * p1 = (HTParse(url, "", PARSE_PATH|PARSE_PUNCTUATION));
  
+ #ifdef USE_SSL
+     if (do_connect) {
+       METHOD = "CONNECT";
+       StrAllocCopy(command, "CONNECT ");
+     } else
+ #endif /* USE_SSL */
      if (do_post) {
        METHOD = "POST";
        StrAllocCopy(command, "POST ");
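Review bot: The only host-name check on the server certificate sits inside `#ifdef NOTDEFINED`, so it is never compiled and a certificate issued for any name is accepted for `url`. If it is re-enabled it needs guarding first: `strstr(..., "/CN=") + 4` is used without a NULL test when the subject has no CN, and the `HTParse` result is never freed. Separately, any handshake failure sets `try_tls = FALSE` and retries with `SSL_OP_NO_TLSv1`, so a disrupted first handshake is enough to move the connection to the older protocol; limit the retry to protocol-version errors or ask the user before falling back. On the retry path with `did_connect` false, `handle` is not freed before `goto try_again` and the next `HTGetSSLHandle()` overwrites it (the label is outside the hunk).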
***************
*** 207,214 ****
--- 364,380 ----
      **        of say: /gopher://a;lkdjfl;ajdf;lkj/;aldk/adflj
      **        so that just gopher://.... is sent.
      */
+ #ifdef USE_SSL
+     if (using_proxy && !did_connect) {
+       if (do_connect)
+           StrAllocCat(command, connect_host);
+       else
+       StrAllocCat(command, p1+1);
+     }
+ #else
      if (using_proxy)
        StrAllocCat(command, p1+1);
+ #endif /* USE_SSL */
      else
        StrAllocCat(command, p1);
      FREE(p1);
***************
*** 437,442 ****
--- 603,612 ----
                    if (traversal || dump_output_immediately)
                        HTAlert(
                            gettext("Can't proceed without a username and 
password."));
+ #ifdef USE_SSL
+                   if (did_connect)
+                       HTTP_NETCLOSE(s, handle);
+ #endif /* USE_SSL */
                    FREE(command);
                    FREE(hostname);
                    FREE(docname);
***************
*** 552,558 ****
--- 722,732 ----
        auth_proxy = NO;
    }
  
+ #ifdef USE_SSL
+     if (!do_connect && do_post) {
+ #else
      if (do_post) {
+ #endif /* USE_SSL */
        CTRACE (tfp, "HTTP: Doing post, content-type '%s'\n",
                     anAnchor->post_content_type ? anAnchor->post_content_type
                                                 : "lose");
***************
*** 578,586 ****
--- 752,766 ----
    else
        StrAllocCat(command, crlf);     /* Blank line means "end" of headers */
  
+ #ifdef USE_SSL
+   CTRACE (tfp, "Writing:\n%s%s----------------------------------\n",
+              command,
+              (anAnchor->post_data && !do_connect ? crlf : ""));
+ #else
    CTRACE (tfp, "Writing:\n%s%s----------------------------------\n",
               command,
               (anAnchor->post_data ? crlf : ""));
+ #endif /* USE_SSL */
  
    _HTProgress (gettext("Sending HTTP request."));
  
***************
*** 916,921 ****
--- 1096,1130 ----
                 *  > 206 is unknown.
                 *  All should return something to display.
                 */
+ #ifdef USE_SSL
+               if (do_connect) {
+                   CTRACE(tfp, "HTTP: Proxy tunnel to '%s' established.\n",
+                               connect_host);
+                   do_connect = FALSE;
+                   url = connect_url;
+                   FREE(line_buffer);
+                   FREE(line_kept_clean);
+                   if (!strncmp(connect_url, "snews", 5)) {
+                       CTRACE(tfp,
+                       "      Will attempt handshake and snews connection.\n");
+                       status = HTNewsProxyConnect(s, url, anAnchor,
+                                                   format_out, sink);
+                       goto done;
+                   }
+                   did_connect = TRUE;
+                   already_retrying = TRUE;
+                   eol = 0;
+                   bytes_already_read = 0;
+                   had_header = NO;
+                   length = 0;
+                   doing_redirect = FALSE;
+                   permanent_redirection = FALSE;
+                   target = NULL;
+                   CTRACE(tfp,
+                       "      Will attempt handshake and resubmit headers.\n");
+                   goto use_tunnel;
+               }
+ #endif /* USE_SSL */
                HTProgress(line_buffer);
            } /* case 2 switch */
            break;
***************
*** 1466,1471 ****
--- 1675,1687 ----
                        gettext("Retrying with access authorization 
information."));
                    FREE(line_buffer);
                    FREE(line_kept_clean);
+ #ifdef USE_SSL
+                   if (using_proxy && !strncmp(url, "https://";, 8)) {
+                       url = arg;
+                       do_connect = TRUE;
+                       did_connect = FALSE;
+                   }
+ #endif /* USE_SSL */
                    goto try_again;
                } else if (!(traversal || dump_output_immediately) &&
                           HTConfirm(gettext("Show the 401 message body?"))) {
***************
*** 1755,1760 ****
--- 1971,1985 ----
    do_head = FALSE;
    do_post = FALSE;
    reloading = FALSE;
+ #ifdef USE_SSL
+   do_connect = FALSE;
+   did_connect = FALSE;
+   FREE(connect_host);
+   if (handle) {
+     SSL_free(handle);
+     handle = NULL;
+   }
+ #endif /* USE_SSL */
    return status;
  }
*** lynx2-8-1/makefile.in.orig  Tue Nov 10 14:47:38 1998
--- lynx2-8-1/makefile.in       Fri Nov 13 20:22:00 1998
***************
*** 63,68 ****
--- 63,79 ----
  address@hidden@
  address@hidden@
  
+ # !!!!!!!!!! SSL Support (HTTPS connections) !!!!!!!!!!!!!!!!!!!!!!!!!!!
+ # To build a Lynx binary which supports the Secure Sockets Layer (SSL),
+ # you must compile in the crypto and SSL implementations from the SSLeay
+ # library, available at ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/.  Once you
+ # have installed SSLeay, change the location of the crypto and SSL
+ # libraries in SSL_LIBS and the location of ssl.h and crypto.h in
+ # SSL_DEFINES if necessary.  Defining USE_SSL below will create a binary
+ # which supports "https" and "snews" URLs.
+ SSL_LIBS= -L/usr/local/ssl/lib -lssl -lcrypto
+ SSL_DEFINES= -I/usr/local/ssl/include -DUSE_SSL
+ 
  # !!!!!!!!!!! SUN resolv LIBRARY !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
  # To include resolv in the LIBS="" list for SUN 3, 4 or Solaris OS,
  # point RESOLVLIB to that library.  You need this if you get the message
***************
*** 97,109 ****
  
  # If you apply patches which require linking to site-specific libraries, set
  # SITE_LIBS to those libraries.
! SITE_LIBS= # Your libraries here
  
  # Set SITE_LYDEFS to one or more of the defines for the WWW Library:
! SITE_LYDEFS = # Your defines here
  
  # Set SITE_DEFS to one or more of the defines for lynx below:
! SITE_DEFS = # Your defines here
  
  # defines for which there are no configure options:
  # -DHP_TERMINAL    For DIM workaround to REVERSE problems on HP terminals.
--- 108,120 ----
  
  # If you apply patches which require linking to site-specific libraries, set
  # SITE_LIBS to those libraries.
! SITE_LIBS= $(SSL_LIBS) # Your libraries here
  
  # Set SITE_LYDEFS to one or more of the defines for the WWW Library:
! SITE_LYDEFS = $(SSL_DEFINES) # Your defines here
  
  # Set SITE_DEFS to one or more of the defines for lynx below:
! SITE_DEFS = $(SSL_DEFINES) # Your defines here
  
  # defines for which there are no configure options:
  # -DHP_TERMINAL    For DIM workaround to REVERSE problems on HP terminals.


Ismael
-- 

       +--------------------------------------------------------------+
       | ISMAEL CORDEIRO            | mailto:address@hidden      |
       | Production sound mixer     | http://www.ismael.cordeiro.com/ |
       | Montréal - Québec - Canada | ftp://ftp.cam.org/users/ismael/ |
       +--------------------------------------------------------------+
