On Sun, Mar 20, 2016 at 04:15:02AM -0400, Leo Famulari wrote: > On Sat, Mar 19, 2016 at 06:29:12PM +0100, Tobias Geerinckx-Rice wrote: > > Leo, > > > > On 04/03/2016, Leo Famulari <l...@famulari.name> wrote: > > > On Fri, Mar 04, 2016 at 03:37:46AM +0100, tobias.geerinckx.r...@gmail.com > > > wrote: > > >> From: Tobias Geerinckx-Rice <tobias.geerinckx.r...@gmail.com> > > >> > > >> * gnu/packages/lynx.scm (lynx)[inputs]: Add 'openssl'. > > >> [arguments]: Convert to list; add configure flag for SSL support. > > > > Scratch that. > > > > I assumed that since ‘--with-gnutls’ was already present (and detected > > by ./configure, and listed by ldd...), GnuTLS just wasn't enough to > > provide the full HTTPS experience and OpenSSL was required. I was > > wrong. > > > > > Also, what is role of gnutls once this patch is applied? Does lynx need > > > to refer to both gnutls and openssl? > > > > The actual solution is a bit silly. All that is actually needed to get > > `lynx https://google.com’ working again is: > > With this change, I can access google over https, but not the handful of > other sites I tried. Are you able to access any other sites with https?
Ping! > > > > > --- > > diff --git a/gnu/packages/lynx.scm b/gnu/packages/lynx.scm > > index 3182b3e..080fbb3 100644 > > --- a/gnu/packages/lynx.scm > > +++ b/gnu/packages/lynx.scm > > @@ -57,7 +57,7 @@ > > "--with-screen=ncurses" > > "--with-zlib" > > "--with-bzlib" > > - "--with-gnutls" > > + "--with-gnutls=" > > ;; "--with-socks5" ; XXX TODO > > "--enable-widec" > > "--enable-ascii-ctypes" > > --- > > > > Yep. > > > > Is this unusual? Can't say I feel much enthusiasm to read/debug > > autoconf macros... > > > > > Can you say if you learned anything else... "interesting" about lynx and > > > https support? > > > > > > For example, a couple months ago I was reading our bug reports and saw > > > an old one about https support in w3m (another console browser). I dug a > > > little deeper and realized that https support was completely broken by > > > default. You can see the result in commit 62339e2d493bf87. > > > > > > So, do you know if lynx is still supporting broken ciphers and > > > protocols, or if there are other problems of that nature? > > > > My main motivation was to have access to HTTPS sites while working on > > my X-less GuixSD box, which works with the patch above. However: > > > > ~$ lynx https://www.ssllabs.com/ssltest/viewMyClient.html > > Looking up www.ssllabs.com > > Making HTTPS connection to www.ssllabs.com > > Retrying connection without TLS. > > Looking up www.ssllabs.com > > Making HTTPS connection to www.ssllabs.com > > Alert!: Unable to make secure connection to remote host. > > > > Not sure I want to dive into this mess. > > > > Kind regards, > > > > T G-R >
