r72351 - in /trunk/liblwp-protocol-https-perl/debian: changelog control liblwp-protocol-https-perl.docs patches/cert.patch
periapt-guest at users.alioth.debian.org
periapt-guest at users.alioth.debian.org
Fri Apr 8 11:44:22 UTC 2011
Author: periapt-guest
Date: Fri Apr 8 11:44:13 2011
New Revision: 72351
URL: http://svn.debian.org/wsvn/pkg-perl/?sc=1&rev=72351
Log:
WAITS-FOR: libwww-perl (>= 6.03-1)
Added:
trunk/liblwp-protocol-https-perl/debian/patches/cert.patch
Removed:
trunk/liblwp-protocol-https-perl/debian/liblwp-protocol-https-perl.docs
Modified:
trunk/liblwp-protocol-https-perl/debian/changelog
trunk/liblwp-protocol-https-perl/debian/control
Modified: trunk/liblwp-protocol-https-perl/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/liblwp-protocol-https-perl/debian/changelog?rev=72351&op=diff
==============================================================================
--- trunk/liblwp-protocol-https-perl/debian/changelog (original)
+++ trunk/liblwp-protocol-https-perl/debian/changelog Fri Apr 8 11:44:13 2011
@@ -1,12 +1,6 @@
liblwp-protocol-https-perl (6.02-1) UNRELEASED; urgency=low
- TODO:
- - easy:
- + remove Mozilla::CA from description
- + rm debian/*.docs
- - hard:
- + make sure we don't mess up the future of this package and lwp
- (timing of uploads, circular dependency, or one package for both)
+ WAITS-FOR: libwww-perl (>= 6.03-1)
* Initial Release (Closes: #620180).
Modified: trunk/liblwp-protocol-https-perl/debian/control
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/liblwp-protocol-https-perl/debian/control?rev=72351&op=diff
==============================================================================
--- trunk/liblwp-protocol-https-perl/debian/control (original)
+++ trunk/liblwp-protocol-https-perl/debian/control Fri Apr 8 11:44:13 2011
@@ -2,8 +2,8 @@
Section: perl
Priority: optional
Build-Depends: debhelper (>= 7)
-Build-Depends-Indep: perl, libwww-perl (>= 5.837),
- libwww-perl (<< 6) | libnet-http-perl, libio-socket-ssl-perl
+Build-Depends-Indep: perl, libwww-perl (>= 6), libnet-http-perl,
+ libio-socket-ssl-perl
Maintainer: Debian Perl Group <pkg-perl-maintainers at lists.alioth.debian.org>
Uploaders: Nicholas Bamber <nicholas at periapt.co.uk>
Standards-Version: 3.9.1
@@ -26,9 +26,7 @@
.
If hostname verification is requested by LWP::UserAgent's ssl_opts, and
neither SSL_ca_file nor SSL_ca_path is set, then SSL_ca_file is implied to be
- the one provided by Mozilla::CA. If the Mozilla::CA module isn't available
- SSL requests will fail. Either install this module, set up an alternative
- SSL_ca_file or disable hostname verification.
+ the one provided by ca-certificates.
.
This module used to be bundled with the libwww-perl, but it was unbundled in
v6.02 in order to be able to declare its dependencies properly for the CPAN
Added: trunk/liblwp-protocol-https-perl/debian/patches/cert.patch
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/liblwp-protocol-https-perl/debian/patches/cert.patch?rev=72351&op=file
==============================================================================
--- trunk/liblwp-protocol-https-perl/debian/patches/cert.patch (added)
+++ trunk/liblwp-protocol-https-perl/debian/patches/cert.patch Fri Apr 8 11:44:13 2011
@@ -1,0 +1,50 @@
+Author: Nicholas Bamber <nicholas at periapt.co.uk>
+Forwarded: not-needed
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=619059
+Last-Update: 2011-04-01
+Subject: use ca-certifictes rather than Mozilla::CA
+--- a/lib/LWP/Protocol/https.pm
++++ b/lib/LWP/Protocol/https.pm
+@@ -21,25 +21,7 @@
+ }
+ if ($ssl_opts{SSL_verify_mode}) {
+ unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) {
+- eval {
+- require Mozilla::CA;
+- };
+- if ($@) {
+- if ($@ =! /^Can't locate Mozilla\/CA\.pm/) {
+- $@ = <<'EOT';
+-Can't verify SSL peers without knowning which Certificate Authorities to trust
+-
+-This problem can be fixed by either setting the PERL_LWP_SSL_CA_FILE
+-envirionment variable or by installing the Mozilla::CA module.
+-
+-To disable verification of SSL peers set the PERL_LWP_SSL_VERIFY_HOSTNAME
+-envirionment variable to 0. If you do this you can't be sure that you
+-communicate with the expected peer.
+-EOT
+- }
+- die $@;
+- }
+- $ssl_opts{SSL_ca_file} = Mozilla::CA::SSL_ca_file();
++ $ssl_opts{SSL_ca_file} = '/etc/ssl/certs/ca-certificates.crt';
+ }
+ }
+ $self->{ssl_opts} = \%ssl_opts;
+--- a/lib/LWP/UserAgent.pm
++++ b/lib/LWP/UserAgent.pm
+@@ -1386,10 +1386,9 @@
+ in use. See L<IO::Socket::SSL> or L<Net::SSL> for details.
+
+ If hostname verification is requested, and neither C<SSL_ca_file> nor
+-C<SSL_ca_path> is set, then C<SSL_ca_file> is implied to be the one
+-provided by L<Mozilla::CA>. If the Mozilla::CA module isn't available
+-SSL requests will fail. Either install this module, set up an alternative
+-SSL_ca_file or disable hostname verification.
++C<SSL_ca_path> is set, then in Debian C<SSL_ca_file> is implied to be the one
++provided by the C<ca-certificates> package. The upstream code used the
++L<Mozilla::CA> module which will not be packaged for Debian.
+
+ =back
+
More information about the Pkg-perl-cvs-commits
mailing list