File w3m-ssl-verify.patch of Package w3m.openSUSE_Leap_42.1_Update

verify SSL certificates by default. SSL support really is pointless without doing that.
Also disable use of SSLv2 by default as it's insecure, deprecated, dead since last century.
Index: fm.h
--- fm.h.orig
+++ fm.h
@@ -1136,7 +1136,7 @@ global int view_unseenobject init(TRUE);
 #if defined(USE_SSL) && defined(USE_SSL_VERIFY)
-global int ssl_verify_server init(FALSE);
+global int ssl_verify_server init(TRUE);
 global char *ssl_cert_file init(NULL);
 global char *ssl_key_file init(NULL);
 global char *ssl_ca_path init(NULL);
@@ -1145,7 +1145,7 @@ global int ssl_path_modified init(FALSE)
 #endif				/* defined(USE_SSL) &&
 				 * defined(USE_SSL_VERIFY) */
 #ifdef USE_SSL
-global char *ssl_forbid_method init(NULL);
+global char *ssl_forbid_method init("2");
 global int is_redisplay init(FALSE);
openSUSE Build Service is sponsored by