[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Lynx-dev] ANN: lynx2.8.9dev.7
|
From: |
Thomas Dickey |
|
Subject: |
Re: [Lynx-dev] ANN: lynx2.8.9dev.7 |
|
Date: |
Sun, 20 Dec 2015 18:25:01 -0500 |
|
User-agent: |
Mutt/1.5.21 (2010-09-15) |
On Mon, Dec 21, 2015 at 12:18:35AM +0100, Axel Beckert wrote:
> Hi Thomas,
>
> On Sat, Dec 19, 2015 at 01:57:19AM +0000, Thomas Dickey wrote:
> > * set SSL_MODE_AUTO_RETRY in OpenSSL configuration, completing work needed
> > for
> > Debian #707059 -TD
> > * adopt some of the patches from Debian lynx package:
> > + add support for client certificates (patch by Simon Kainz, Debian
> > #797901).
> > * fix for gnutls logic to support rehandshake on negotiation for optional
> > client certificate, e.g., for https://contributors.debian.org (patch by
> > Simon Kainz, Debian #797059).
> > * use gnutls_set_default_priority() to simplify algorithm priorities in the
> > gnutls configuration as well as track occassional changes in that library
> > (patch by Andreas Metzler, Debian #789189, Debian #784430).
>
> I'm not sure which of the SSL-related changes above actually caused
> this, but there seems a regression between lynx2.8.9dev.6 plus all the
> original Debian patches above and lynx lynx2.8.9dev.7 with all Debian
> patches removed which have been applied (and partially modified)
> upstream -- both compiled against GnuTLS as before in Debian:
>
> If I surf any HTTPS site by giving its URL as parameter on the
> commandline, it works fine. But if I press enter on any link which
> doesn't change to another server, I get this error message:
>
> SSL error:The certificate is NOT trusted. The certificate issuer is unknown.
> -Continue? (n)
thanks - I'll investigate that difference.
> I also verified that this message comes immediately if I connect to a
> site with a self-signed SSL certificate. That still works.
>
> It happened at least with "lynx https://www.phys.ethz.ch/"; and then
> selecting "Sitemap" and with "lynx https://duckduckgo.com/lite/"; and
> then searching for anything.
>
> I planned to upload lynx2.8.9dev.7 tonight to Debian Unstable, but I
> don't think it makes sense to do so with this regression. The current
> state of the packaging in Debian can be seen in the master branch of
> https://anonscm.debian.org/cgit/pkg-lynx/lynx-cur.git
>
> P.S.: You seem to have signed Lynx releases with the GPG key
> 5DDF8FB7688E31A6 in the past, but this release is signed with
> 702353E0F7E48EDB. While 5DDF8FB7688E31A6 has a signature from
> 702353E0F7E48EDB, 702353E0F7E48EDB hasn't been signed (publically
> known) by 5DDF8FB7688E31A6. It would be nice if the current key used
> to sign releases is also signed by the key previously used for that.
I'll see how to do this (I haven't lost any keys, but hadn't thought
to connect these).
--
Thomas E. Dickey <address@hidden>
http://invisible-island.net
ftp://invisible-island.net
signature.asc
Description: Digital signature
- [Lynx-dev] ANN: lynx2.8.9dev.7, Thomas Dickey, 2015/12/18
- [Lynx-dev] ANN: lynx2.8.9dev.7, Thomas Dickey, 2015/12/18
- Re: [Lynx-dev] ANN: lynx2.8.9dev.7, Thomas Dickey, 2015/12/19
- Re: [Lynx-dev] ANN: lynx2.8.9dev.7, Axel Beckert, 2015/12/20
- Re: [Lynx-dev] ANN: lynx2.8.9dev.7,
Thomas Dickey <=
- Re: [Lynx-dev] ANN: lynx2.8.9dev.7, Thomas Dickey, 2015/12/20
- Re: [Lynx-dev] ANN: lynx2.8.9dev.7, Thorsten Glaser, 2015/12/20
- Re: [Lynx-dev] ANN: lynx2.8.9dev.7, Thomas Dickey, 2015/12/20
- Re: [Lynx-dev] ANN: lynx2.8.9dev.7, Thorsten Glaser, 2015/12/21
- Re: [Lynx-dev] ANN: lynx2.8.9dev.7, Axel Beckert, 2015/12/21
- Re: [Lynx-dev] ANN: lynx2.8.9dev.7, Thomas Dickey, 2015/12/21