[elinks-users] SSL/TLS

cga2000 cga2000 at optonline.net
Thu Jul 12 04:52:01 PDT 2007


On Thu, Jul 12, 2007 at 04:02:19AM EDT, Kalle Olavi Niemitalo wrote:
> cga2000 <cga2000 at optonline.net> writes:
> 
> > When try to access an https:// site, a popup informs me that I am
> > running a version of ELinks that does not support SSL/TLS. 
> >
> > I am at version 0.11.1, which I compiled from source.
> 
> ELinks 0.11.1 supports SSL and TLS if its configure script finds
> the appropriate library and header files: either OpenSSL, or
> GNUTLS 1.2.0 or later.  The script recognizes --with-gnutls and
> --with-openssl options for explicitly choosing one of these.  It
> seems likely that you did not have the header files installed when
> you configured ELinks.  Debian builds ELinks 0.11.1 with GNUTLS
> and it appears to work mostly OK (apart from bugs 277 and 712).
> 
> There is though the contrib/wipe-out-ssl script, which attempts
> to remove all SSL-related code from the source tree.  I guess
> this is intended to make ELinks legal for countries that forbid
> encryption hooks.  The script also adds "-no-ssl" to version
> number.  We don't seem to distribute such crippled versions from
> elinks.cz.
> 
> > I searched for solutions and there appears to be a patch to work around
> > this problem.
> 
> I don't know which patch you are referring to.
> 
> > Should I take the patching path or upgrade to something more current?
> 
> Well there have been bugs fixed in ELinks 0.11.3 (and more in
> 0.11.3.GIT), so upgrading is advisable, but I don't think they
> are what causes your build to reject SSL entirely.  Please just
> check that you have installed the right header files (especially
> <gnutls/gnutls.h> or <openssl/ssl.h>) and try configuring and
> building ELinks again.  With --enable-gnutls, I get:
> 
> checking for OpenSSL... not used
> checking for libgnutls-config... /usr/bin/libgnutls-config
> checking for GNU TLS OpenSSL compatibility support... yes
> checking gnutls/openssl.h usability... yes
> checking gnutls/openssl.h presence... yes
> checking for gnutls/openssl.h... yes
> checking for MD5_Init in -lgnutls-openssl... yes
> checking for GNU TLS (1.2 or later)... yes
> 
> If the checks fail, config.log usually reveals the reason.

Excellent.  

Will look for those headers and rebuild over the weekend.

Thanks,
cga



More information about the elinks-users mailing list