Hi, On Fri, Aug 06, 2021 at 05:14:32PM +0000, Thorsten Glaser wrote: > this affects both OpenSSL and Debian’s nonGNUtls builds: > > lynx https://user:pass@host/ > > … will lead to… […] > SSL error:host(user:pass@host)!=cert(CN<mainhost>)-Continue? (n) > > … for nonGNUtls lynx.
Indeed. https://user@host/ as well, btw. > Obviously, user:pass@ need to be stripped before comparing. I would be happy if there'd be a separate patch for this so we can potentially backport this to already released versions of Lynx. I was able to reproduce this issue in Lynx in all currently (in some way) supported releases of Debian back to Debian 8 Jessie with ELTS support which has Lynx 2.8.9dev1. Kind regards, Axel -- PGP: 2FF9CD59612616B5 /~\ Plain Text Ribbon Campaign, http://arc.pasp.de/ Mail: a...@deuxchevaux.org \ / Say No to HTML in E-Mail and Usenet Mail+Jabber: a...@noone.org X https://axel.beckert.ch/ / \ I love long mails: https://email.is-not-s.ms/ _______________________________________________ Lynx-dev mailing list Lynx-dev@nongnu.org https://lists.nongnu.org/mailman/listinfo/lynx-dev
