[elinks-users] SSL/TLS
cga2000
cga2000 at optonline.net
Thu Jul 12 05:52:01 MDT 2007
On Thu, Jul 12, 2007 at 04:02:19AM EDT, Kalle Olavi Niemitalo wrote:
> cga2000 <cga2000 at optonline.net> writes:
>
> > When try to access an https:// site, a popup informs me that I am
> > running a version of ELinks that does not support SSL/TLS.
> >
> > I am at version 0.11.1, which I compiled from source.
>
> ELinks 0.11.1 supports SSL and TLS if its configure script finds
> the appropriate library and header files: either OpenSSL, or
> GNUTLS 1.2.0 or later. The script recognizes --with-gnutls and
> --with-openssl options for explicitly choosing one of these. It
> seems likely that you did not have the header files installed when
> you configured ELinks. Debian builds ELinks 0.11.1 with GNUTLS
> and it appears to work mostly OK (apart from bugs 277 and 712).
>
> There is though the contrib/wipe-out-ssl script, which attempts
> to remove all SSL-related code from the source tree. I guess
> this is intended to make ELinks legal for countries that forbid
> encryption hooks. The script also adds "-no-ssl" to version
> number. We don't seem to distribute such crippled versions from
> elinks.cz.
>
> > I searched for solutions and there appears to be a patch to work around
> > this problem.
>
> I don't know which patch you are referring to.
>
> > Should I take the patching path or upgrade to something more current?
>
> Well there have been bugs fixed in ELinks 0.11.3 (and more in
> 0.11.3.GIT), so upgrading is advisable, but I don't think they
> are what causes your build to reject SSL entirely. Please just
> check that you have installed the right header files (especially
> <gnutls/gnutls.h> or <openssl/ssl.h>) and try configuring and
> building ELinks again. With --enable-gnutls, I get:
>
> checking for OpenSSL... not used
> checking for libgnutls-config... /usr/bin/libgnutls-config
> checking for GNU TLS OpenSSL compatibility support... yes
> checking gnutls/openssl.h usability... yes
> checking gnutls/openssl.h presence... yes
> checking for gnutls/openssl.h... yes
> checking for MD5_Init in -lgnutls-openssl... yes
> checking for GNU TLS (1.2 or later)... yes
>
> If the checks fail, config.log usually reveals the reason.
Excellent.
Will look for those headers and rebuild over the weekend.
Thanks,
cga
More information about the elinks-users
mailing list