From ee57ca105651fb09f5912058e4e98be76ecb4eed Mon Sep 17 00:00:00 2001 From: Yves-Alexis Perez Date: Tue, 8 May 2012 15:42:14 +0200 Subject: [PATCH] force-ssl-cert-verification added, set ssl-strict to TRUE so connections are not done if the ssl certificate can't be trusted. --- debian/changelog | 2 ++ .../patches/force-ssl-cert-verification.patch | 22 +++++++++++++++++++ debian/patches/series | 1 + 3 files changed, 25 insertions(+) create mode 100644 debian/patches/force-ssl-cert-verification.patch diff --git a/debian/changelog b/debian/changelog index 8e1ce44f..e49781ec 100644 --- a/debian/changelog +++ b/debian/changelog @@ -10,6 +10,8 @@ midori (0.4.5-1) UNRELEASED; urgency=low closes: #660303 * debian/patches: - fix-libsoup detection added. + - force-ssl-cert-verification added, set ssl-strict to TRUE so connections + are not done if the ssl certificate can't be trusted. -- Yves-Alexis Perez Sat, 14 Apr 2012 14:47:59 +0200 diff --git a/debian/patches/force-ssl-cert-verification.patch b/debian/patches/force-ssl-cert-verification.patch new file mode 100644 index 00000000..7f668242 --- /dev/null +++ b/debian/patches/force-ssl-cert-verification.patch @@ -0,0 +1,22 @@ +diff --git a/midori/main.c b/midori/main.c +index 2ec5599..af3cc71 100644 +--- a/midori/main.c ++++ b/midori/main.c +@@ -1019,7 +1019,7 @@ midori_load_soup_session (gpointer settings) + #if defined (HAVE_LIBSOUP_2_37_1) + g_object_set (session, + "ssl-use-system-ca-file", TRUE, +- "ssl-strict", FALSE, ++ "ssl-strict", TRUE, + NULL); + #elif defined (HAVE_LIBSOUP_2_29_91) + const gchar* certificate_files[] = +@@ -1038,7 +1038,7 @@ midori_load_soup_session (gpointer settings) + { + g_object_set (session, + "ssl-ca-file", certificate_files[i], +- "ssl-strict", FALSE, ++ "ssl-strict", TRUE, + NULL); + break; + } diff --git a/debian/patches/series b/debian/patches/series index 6b5507a5..1a1ae4a8 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,2 +1,3 @@ add-debian-searches fix-libsoup-detect.patch +force-ssl-cert-verification.patch