|
Packit |
f574b8 |
SSL support for Lynx 2.8.5pre.1
|
|
Packit |
f574b8 |
-- adapted from http://www.mentovai.com/lynx/
|
|
Packit |
f574b8 |
|
|
Packit |
f574b8 |
Lynx, in its unmodified form, will not allow you to make secure socket layer
|
|
Packit |
f574b8 |
(SSL) connections. SSL is used for the secure transfer of information over the
|
|
Packit |
f574b8 |
Internet. Many sites are now requiring SSL to ensure security for themselves
|
|
Packit |
f574b8 |
and their users. With a version of Lynx modified to support SSL, Lynx users
|
|
Packit |
f574b8 |
can now visit these sites with ease as well.
|
|
Packit |
f574b8 |
|
|
Packit |
f574b8 |
The SSL configure option (--with-ssl) for Lynx provides the ability to make use
|
|
Packit |
f574b8 |
of SSL over HTTP for secure access to web sites (HTTPS) and over NNTP for
|
|
Packit |
f574b8 |
secure access to news servers (SNEWS). SSL is handled transparently, allowing
|
|
Packit |
f574b8 |
users to continue accessing web sites and news services from within Lynx
|
|
Packit |
f574b8 |
through the same interface for both secure and standard transfers.
|
|
Packit |
f574b8 |
|
|
Packit |
f574b8 |
This is based on, and requires, the OpenSSL library. OpenSSL's distribution
|
|
Packit |
f574b8 |
and use may be restricted by licenses and laws. For information on obtaining
|
|
Packit |
f574b8 |
OpenSSL, as well as information on its distribution, see
|
|
Packit |
f574b8 |
|
|
Packit |
f574b8 |
http://www.openssl.org/
|
|
Packit |
f574b8 |
|
|
Packit |
f574b8 |
The main distribution site is at
|
|
Packit |
f574b8 |
|
|
Packit |
f574b8 |
ftp://ftp.openssl.org/source/
|
|
Packit |
f574b8 |
|
|
Packit |
f574b8 |
Lynx also has experimental support for GnuTLS (configure option --with-gnutls).
|
|
Packit |
f574b8 |
For information on GnuTLS, see
|
|
Packit |
f574b8 |
|
|
Packit |
f574b8 |
http://www.gnu.org/software/gnutls/
|
|
Packit |
f574b8 |
|
|
Packit |
f574b8 |
To test your version of Lynx for SSL support, try it out with an SSL site.
|
|
Packit |
f574b8 |
Below are secure (https) pages which will load if your browser contains SSL
|
|
Packit |
f574b8 |
support and you accept their certificates; they give you some information about
|
|
Packit |
f574b8 |
the connection.
|
|
Packit |
f574b8 |
|
|
Packit |
f574b8 |
https://www.gnutls.org:5555/
|
|
Packit |
f574b8 |
https://www2.ggn.net/cgi-bin/ssl
|
|
Packit |
f574b8 |
|
|
Packit |
f574b8 |
Lynx will complain about the certificate, since the certificate presented is
|
|
Packit |
f574b8 |
untrusted. You may accept this certificate to test your configuration, since
|
|
Packit |
f574b8 |
it is a test, but it is a bad idea to blindly accept certificates from unknown
|
|
Packit |
f574b8 |
websites if you are transmitting form data or files.
|
|
Packit |
f574b8 |
|
|
Packit |
f574b8 |
You should review the document README.sslcerts for a detailed discussion of
|
|
Packit |
f574b8 |
correct certificate handling possibilities and procedures in lynx.
|
|
Packit |
f574b8 |
|
|
Packit |
f574b8 |
Users are reminded to check the laws and regulations about encryption software
|
|
Packit |
f574b8 |
in their own countries.
|
|
Packit |
f574b8 |
|
|
Packit |
f574b8 |
Here is the URL for US notification rules:
|
|
Packit |
f574b8 |
|
|
Packit |
f574b8 |
http://www.bxa.doc.gov/Encryption/PubAvailEncSourceCodeNofify.html
|
|
Packit |
f574b8 |
|
|
Packit |
f574b8 |
Note that that isn't a typo; it really is "Nofify". The site contains
|
|
Packit |
f574b8 |
links to the full EAR regulations.
|
|
Packit |
f574b8 |
|
|
Packit |
f574b8 |
Lynx is GPL'd, for our own use it falls under the regulations in EAR section
|
|
Packit |
f574b8 |
740.13(e)(1):
|
|
Packit |
f574b8 |
|
|
Packit |
f574b8 |
(1) Encryption source code controlled under 5D002, which would be
|
|
Packit |
f574b8 |
considered publicly available under section 734.3(b)(3) and
|
|
Packit |
f574b8 |
which is not subject an express agreement for the payment a
|
|
Packit |
f574b8 |
licensing fee or royalty for commercial production or sale of
|
|
Packit |
f574b8 |
any product developed with the source code, is released from
|
|
Packit |
f574b8 |
EI controls and may be exported or reexported without review
|
|
Packit |
f574b8 |
under License Exception TSU, provided you have submitted
|
|
Packit |
f574b8 |
written notification to BXA of the Internet location (e.g.,
|
|
Packit |
f574b8 |
URL or Internet address) or a copy of source code by the time
|
|
Packit |
f574b8 |
of export.
|