Hi folks,
The lack of any certificate checking in surf has been getting to me
for some time, and I finally got around to fixing it.
The attached patch checks the certificates against a ca file
(specified in config.h). If there's a failure, the progress bar goes
red (I changed the default http progress colour to blue). There's
also an option in config.h to stop connecting on certificate
failure; 'strictssl'.
Hopefully this, or a derivative, can make it into the surf trunk.
So now finally the horrible hierarchical 'trust' model of HTTPS is
available to surf users. At some point in the future I plan to add a
monkeysphere[1] patch to surf, which seems much nicer.
Nick
[1] https://web.monkeysphere.info
P.S. The patch is against the latest tip, 7a931a352cf9
Received on Thu Feb 17 2011 - 01:11:56 CET
This archive was generated by hypermail 2.2.0 : Thu Feb 17 2011 - 01:12:02 CET