storm/w3m
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add auto-detection of ssl_ca_file by configure

Browse Source 
cf. gnutls-trustfiles in Emacs 27.1
<https://git.savannah.gnu.org/cgit/emacs.git/tree/lisp/net/gnutls.el?h=emacs-27.1#n106>
This commit is contained in:
Tatsuya Kinoshita
2021-02-13 19:36:38 +09:00
parent d88f3ba0c9
commit c7040ae3ad
6 changed files with 59 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
acinclude.m4
View File

@@ -510,6 +510,26 @@ if test x"$with_ssl" != xno; then
AC_MSG_RESULT($enable_sslverify) AC_MSG_RESULT($enable_sslverify)
fi fi
fi fi
AC_SUBST(DEF_CAFILE)
w3m_cafile=""
if test x"$enable_sslverify" = xyes; then
AC_MSG_CHECKING(for CA bundle location)
AC_ARG_WITH(cafile,
[ --with-cafile=CAFILE CA file to verify SSL certificate],
[w3m_cafile="$with_cafile"],[
for f in /etc/ssl/certs/ca-certificates.crt \
/etc/pki/tls/certs/ca-bundle.crt \
/etc/ssl/ca-bundle.pem \
/usr/ssl/certs/ca-bundle.crt \
/usr/local/share/certs/ca-root-nss.crt \
/etc/ssl/cert.pem \
/etc/certs/ca-certificates.crt; do
if test -f "$f" -a -r "$f"; then w3m_cafile="$f"; break; fi
done
])
AC_MSG_RESULT($w3m_cafile)
fi
AC_DEFINE_UNQUOTED(DEF_CAFILE, "$w3m_cafile")
AC_SUBST(USE_DIGEST_AUTH) AC_SUBST(USE_DIGEST_AUTH)
AC_MSG_CHECKING(if digest auth is enabled) AC_MSG_CHECKING(if digest auth is enabled)
AC_ARG_ENABLE(digest_auth, AC_ARG_ENABLE(digest_auth,

3
config.h.dist
View File

@@ -128,7 +128,8 @@ INSTALL_W3MIMGDISPLAY=$(INSTALL_PROGRAM)
#define USE_COOKIE #define USE_COOKIE
#define USE_DIGEST_AUTH #define USE_DIGEST_AUTH
#define USE_SSL #define USE_SSL
#undef USE_SSL_VERIFY #define USE_SSL_VERIFY
#define DEF_CAFILE "/etc/ssl/certs/ca-certificates.crt"
#undef USE_NNTP #undef USE_NNTP
#undef USE_GOPHER #undef USE_GOPHER
#define USE_EXTERNAL_URI_LOADER #define USE_EXTERNAL_URI_LOADER

1
config.h.in
View File

@@ -61,6 +61,7 @@
#undef USE_DIGEST_AUTH #undef USE_DIGEST_AUTH
#undef USE_SSL #undef USE_SSL
#undef USE_SSL_VERIFY #undef USE_SSL_VERIFY
#define DEF_CAFILE "@DEF_CAFILE@"
#undef USE_HELP_CGI #undef USE_HELP_CGI
#undef USE_EXTERNAL_URI_LOADER #undef USE_EXTERNAL_URI_LOADER
#undef USE_W3MMAILER #undef USE_W3MMAILER

33
configure vendored
View File

@@ -634,6 +634,7 @@ AUXBIN_TARGETS
USE_SYSMOUSE USE_SYSMOUSE
USE_W3M USE_W3M
USE_DIGEST_AUTH USE_DIGEST_AUTH
DEF_CAFILE
SSL_LIBS SSL_LIBS
SSL_CFLAGS SSL_CFLAGS
PKG_CONFIG_LIBDIR PKG_CONFIG_LIBDIR
@@ -836,6 +837,7 @@ with_browser
enable_ipv6 enable_ipv6
with_ssl with_ssl
enable_sslverify enable_sslverify
with_cafile
enable_digest_auth enable_digest_auth
with_termlib with_termlib
with_gc with_gc
@@ -1534,6 +1536,7 @@ Optional Packages:
--with-mailer=MAILER default mailer (/usr/bin/mail) --with-mailer=MAILER default mailer (/usr/bin/mail)
--with-browser=BROWSER default browser (/usr/bin/firefox) --with-browser=BROWSER default browser (/usr/bin/firefox)
--with-ssl=PREFIX support https protocol --with-ssl=PREFIX support https protocol
--with-cafile=CAFILE CA file to verify SSL certificate
--with-termlib=LIBS terminal library --with-termlib=LIBS terminal library
LIBS is space separated list of: LIBS is space separated list of:
terminfo mytinfo termcap tinfo ncurses curses terminfo mytinfo termcap tinfo ncurses curses
@@ -8558,6 +8561,36 @@ $as_echo "$enable_sslverify" >&6; }
fi fi
fi fi
w3m_cafile=""
if test x"$enable_sslverify" = xyes; then
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for CA bundle location" >&5
$as_echo_n "checking for CA bundle location... " >&6; }
# Check whether --with-cafile was given.
if test "${with_cafile+set}" = set; then :
withval=$with_cafile; w3m_cafile="$with_cafile"
else
for f in /etc/ssl/certs/ca-certificates.crt \
/etc/pki/tls/certs/ca-bundle.crt \
/etc/ssl/ca-bundle.pem \
/usr/ssl/certs/ca-bundle.crt \
/usr/local/share/certs/ca-root-nss.crt \
/etc/ssl/cert.pem \
/etc/certs/ca-certificates.crt; do
if test -f "$f" -a -r "$f"; then w3m_cafile="$f"; break; fi
done
fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $w3m_cafile" >&5
$as_echo "$w3m_cafile" >&6; }
fi
cat >>confdefs.h <<_ACEOF
#define DEF_CAFILE "$w3m_cafile"
_ACEOF
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if digest auth is enabled" >&5 { $as_echo "$as_me:${as_lineno-$LINENO}: checking if digest auth is enabled" >&5
$as_echo_n "checking if digest auth is enabled... " >&6; } $as_echo_n "checking if digest auth is enabled... " >&6; }
# Check whether --enable-digest_auth was given. # Check whether --enable-digest_auth was given.

3
doc-jp/README.SSL
View File

@@ -43,7 +43,8 @@ SSL サポートについて
SSLの認証局のPEM形式証明書群のあるディレクトリへのパス SSLの認証局のPEM形式証明書群のあるディレクトリへのパス
(デフォルトは<NULL>). (デフォルトは<NULL>).
ssl_ca_file ファイル名 ssl_ca_file ファイル名
SSLの認証局のPEM形式証明書群のファイル(デフォルトは<NULL>). SSLの認証局のPEM形式証明書群のファイル(デフォルトはconfigureで
自動設定).
ただし「SSLEAY_VERSION_NUMBER >= 0x0800」な環境でないと無駄なコードが増 ただし「SSLEAY_VERSION_NUMBER >= 0x0800」な環境でないと無駄なコードが増
えるだけなので, configure時にdisableしておいたほうがよいでしょう. えるだけなので, configure時にdisableしておいたほうがよいでしょう.

2
fm.h
View File

@@ -1185,7 +1185,7 @@ global int ssl_verify_server init(TRUE);
global char *ssl_cert_file init(NULL); global char *ssl_cert_file init(NULL);
global char *ssl_key_file init(NULL); global char *ssl_key_file init(NULL);
global char *ssl_ca_path init(NULL); global char *ssl_ca_path init(NULL);
global char *ssl_ca_file init(NULL); global char *ssl_ca_file init(DEF_CAFILE);
global int ssl_path_modified init(FALSE); global int ssl_path_modified init(FALSE);
#endif /* defined(USE_SSL) && #endif /* defined(USE_SSL) &&
* defined(USE_SSL_VERIFY) */ * defined(USE_SSL_VERIFY) */