lynx-dev
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Lynx-dev] lynx2.8.7dev.13


From: Thomas Dickey
Subject: RE: [Lynx-dev] lynx2.8.7dev.13
Date: Mon, 2 Feb 2009 06:41:00 -0500 (EST)

On Mon, 2 Feb 2009, Thorsten Glaser wrote:

Larson, Timothy E. dixit:

Just curious, and maybe you've mentioned this already and I missed it,
but when do you plan to cut 2.8.7 final?  Are you shooting for a
specific feature set before release, or do you cut one every X months,
or some other system?

I wonder… the dev versions have been more stable than other projects’
releases since at least 2.8.3dev.* so… IMHO lynx doesn’t even really
need releases, except for publicity reasons. There are very few things
which break, such as the UTF-8 stuff in dev.12, even though we’re all
humans and TD has about as much work as I do…


Anyway, the GnuTLS version seems to be a little weird (unless this is
a bug in lynx-cur in Debian):
        $ lynx https://www.mirbsd.org/
works fine with OpenSSL, provided that the CAcert.org Root CA certifi-
cate is located in /etc/ssl/certs/5ed36f99.0 whereas the GnuTLS built
needs to
① # cat /etc/ssl/certs/* >/etc/ssl/certs/ca-certificates.crt
② uncomment that line in /etc/lynx-cur/lynx.cfg
③ it now works with https://eurynome.mirbsd.org/ but not www.mirbsd.org
 so the GnuTLS build doesn’t recognise X.509v3 subjectAltName… I had
 thought Joey ported my code to do that from OpenSSL to GnuTLS?

Perhaps this change from dev.11 is incorrect:

* fix src/tidy_tls.c X509_get_issuer_name to actually take the issuer DN of the
  present certificate and not hope that it is the same as taking the subject DN
  of the "next" certificate which may or may not exist (Debian #499945, patch
  by Thomas Viehmann)


That was with 2.8.7dev.12-2 from sid (grml.org)

--
Thomas E. Dickey
http://invisible-island.net
ftp://invisible-island.net

reply via email to

[Prev in Thread] Current Thread [Next in Thread]