From 8f1edebbe572ac71c2b8dfeda0ff02e915b9f011 Mon Sep 17 00:00:00 2001 From: wiz Date: Sun, 9 Aug 2009 08:20:27 +0000 Subject: [PATCH] Update to 2.8.7: New features (some are compile-time options): * add session save/restore feature o bind ^X to toggle view of page showing session information o add binding for ^U to previous-document (outside of line-editing). o documented command-line options and configuration data for this feature. o document -child_relaxed option in Lynx users's guide. * add -passive-ftp option. * add -child_relaxed option. * add "read_timeout" to lynx.cfg, and -read_timeout option to command-line * add -show_cfg option. * add LYNX_HELPFILE environment variable to allow override of location of the help-file * add NO_PAUSE setting to lynx.cfg, .lynxrc and Options menu * implement a LONG_LIST equivalent for ftp, configurable as FTP_FORMAT * add XWINDOWS / NON_XWINDOWS environment-variable field to DOWNLOAD, etc., in lynx.cfg to specify whether a downloader (printer, etc) is enabled when the X display variable is set * configure script improvements o add --with-mime-libdir option to set MIME_LIBDIR in userdefs.h file o add --with-destdir configure option to set a default value for the DESTDIR variable in makefiles, and modified makefiles to ensure that setting DESTDIR in the top-level makefile propagates to lower levels o add --enable-local-docs option to link doc-directory from help-page o add --enable-ascii-ctypes option to enable EXP_ASCII_CTYPES Other enhancements: * improve SSL support: o improve X.509 certificate validation This is tested for OpenSSL, ifdef'd to not break gnutls. Changes: + peer certificate is cached, no need to call SSL_get_peer_certificate() twice + support foo.domain:port and [ip.add.re.ss] and [ip.add.re.ss]:port and [i:p:v:6:ad:dr:es:s] and [i:p:v:6:ad:dr:es:s]:port + add support for checking X.509v3 SubjectAltName extensions (of type DNS - tested - and IP - untested) when the X.509 commonName check fails. + when displaying a list of failed CNs, change format from foo:bar:baz to CN{foo}:CN{bar}:CN{baz}:SAN{DNS=foo}:SAN{IP=1.2.3.4} so that we know where what comes from (in "Your recent statusline messages") + if the peer certificate can *NOT* be verified, output a message to the log as well + fix a possible use of an uninitialised value ssl_all_cns + output certificate issuer to the logs as well (so that you can, before entering your online banking PIN, see if the certificate has been issued not only _to_ your bank but also _from_ a place you trust, in case /etc/ssl/certs/ contains a lot of Root CA certs) o add support for the X.509 extension subjectAltName using GNUTLS. o log SSL/TLS (HTTPS connection) X.509 certificate issuer information into the "recent statusline messages" (accessible via the backspace key) o add TNS SNI support for the OpenSSL configuration o modify CF_SSL configure macro to check for -ldl needed for recent OpenSSL versions o modify CF_SSL configure macro to build with MSYS for MinGW configuration o extend configure macros CF_SSL and CF_GNUTLS to check for pkg-config, using that for the default if the corresponding openssl or gnutls packages are installed. o add configure --with-nss-compat option, for building with NSS library's OpenSSL-compatible interface o add SSL_CERT_FILE to lynx.cfg o rewrite strcasecomp_asterisk() to support wildcards as in RFC 2818 o add --enable-gnutls-compat configure option and associated files to configure with GNU TLS without its gnutls-openssl library, whose newer versions are available only under a restrictive license. o fix src/tidy_tls.c X509_get_issuer_name to actually take the issuer DN of the present certificate and not hope that it is the same as taking the subject DN of the "next" certificate which may or may not exist. * improve HTML interpretation: o update Lynx's tables of HTML attributes to cover (except for events) the keywords from HTML 4.01 o use RFC-822 encoding for filenames passed via file-upload forms. o provide navigation to script-buttons, to make them more visible, showing their name o add "Bad HTML messages" to Options menu, letting the user disable the warning message, write the detailed messages to the LYNXMESSAGES: status buffer. o remove "Bad HTML" warning for buttons outside a form, since those can be inline, according to the HTML 4 DTD o correct check for default type of HTML BUTTON, which is "submit". The code treated this as "button". o implement "readonly" attribute for TEXTAREA and TEXT fields o accommodate (in)compatibility "feature" in HTML5 draft which replaces ISO-8859-1 with Windows-1252, as indicated here. o add support for HTML5 rel=author in link. o modify SGML_write() to check for UCS-2 BOMs, to provide support for UCS-2 pages. o modify SGML_write() to check for UTF-8 BOM, using that as a hint to set the default document charset to UTF-8. o parse xml processing-instruction to turn on UTF-8 decoding, as well as disable upper/lower case transforming in source view. o parse doctype for xhtml, to tell when empty tags such as "