[dev] [surf] Check SSL certificates

From: Nick <suckless-dev_AT_njw.me.uk>
Date: Thu, 17 Feb 2011 00:11:56 +0000

Hi folks,

The lack of any certificate checking in surf has been getting to me
for some time, and I finally got around to fixing it.

The attached patch checks the certificates against a ca file
(specified in config.h). If there's a failure, the progress bar goes
red (I changed the default http progress colour to blue). There's
also an option in config.h to stop connecting on certificate
failure; 'strictssl'.

Hopefully this, or a derivative, can make it into the surf trunk.

So now finally the horrible hierarchical 'trust' model of HTTPS is
available to surf users. At some point in the future I plan to add a
monkeysphere[1] patch to surf, which seems much nicer.


[1] https://web.monkeysphere.info

P.S. The patch is against the latest tip, 7a931a352cf9

Received on Thu Feb 17 2011 - 01:11:56 CET

This archive was generated by hypermail 2.2.0 : Thu Feb 17 2011 - 01:12:02 CET