r72351 - in /trunk/liblwp-protocol-https-perl/debian: changelog control liblwp-protocol-https-perl.docs patches/cert.patch

periapt-guest at users.alioth.debian.org periapt-guest at users.alioth.debian.org
Fri Apr 8 11:44:22 UTC 2011 

Author: periapt-guest
Date: Fri Apr  8 11:44:13 2011
New Revision: 72351

URL: http://svn.debian.org/wsvn/pkg-perl/?sc=1&rev=72351
Log:
WAITS-FOR: libwww-perl (>= 6.03-1)

Added:
    trunk/liblwp-protocol-https-perl/debian/patches/cert.patch
Removed:
    trunk/liblwp-protocol-https-perl/debian/liblwp-protocol-https-perl.docs
Modified:
    trunk/liblwp-protocol-https-perl/debian/changelog
    trunk/liblwp-protocol-https-perl/debian/control

Modified: trunk/liblwp-protocol-https-perl/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/liblwp-protocol-https-perl/debian/changelog?rev=72351&op=diff
==============================================================================
--- trunk/liblwp-protocol-https-perl/debian/changelog (original)
+++ trunk/liblwp-protocol-https-perl/debian/changelog Fri Apr  8 11:44:13 2011
@@ -1,12 +1,6 @@
 liblwp-protocol-https-perl (6.02-1) UNRELEASED; urgency=low
 
-  TODO:
-  - easy:
-    + remove Mozilla::CA from description
-    + rm debian/*.docs
-  - hard:
-    + make sure we don't mess up the future of this package and lwp
-      (timing of uploads, circular dependency, or one package for both)
+  WAITS-FOR: libwww-perl (>= 6.03-1)
 
   * Initial Release (Closes: #620180).
 

Modified: trunk/liblwp-protocol-https-perl/debian/control
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/liblwp-protocol-https-perl/debian/control?rev=72351&op=diff
==============================================================================
--- trunk/liblwp-protocol-https-perl/debian/control (original)
+++ trunk/liblwp-protocol-https-perl/debian/control Fri Apr  8 11:44:13 2011
@@ -2,8 +2,8 @@
 Section: perl
 Priority: optional
 Build-Depends: debhelper (>= 7)
-Build-Depends-Indep: perl, libwww-perl (>= 5.837), 
- libwww-perl (<< 6) | libnet-http-perl, libio-socket-ssl-perl
+Build-Depends-Indep: perl, libwww-perl (>= 6), libnet-http-perl,
+ libio-socket-ssl-perl
 Maintainer: Debian Perl Group <pkg-perl-maintainers at lists.alioth.debian.org>
 Uploaders: Nicholas Bamber <nicholas at periapt.co.uk>
 Standards-Version: 3.9.1
@@ -26,9 +26,7 @@
  .
  If hostname verification is requested by LWP::UserAgent's ssl_opts, and
  neither SSL_ca_file nor SSL_ca_path is set, then SSL_ca_file is implied to be
- the one provided by Mozilla::CA. If the Mozilla::CA module isn't available
- SSL requests will fail. Either install this module, set up an alternative
- SSL_ca_file or disable hostname verification.
+ the one provided by ca-certificates.
  .
  This module used to be bundled with the libwww-perl, but it was unbundled in
  v6.02 in order to be able to declare its dependencies properly for the CPAN

Added: trunk/liblwp-protocol-https-perl/debian/patches/cert.patch
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/liblwp-protocol-https-perl/debian/patches/cert.patch?rev=72351&op=file
==============================================================================
--- trunk/liblwp-protocol-https-perl/debian/patches/cert.patch (added)
+++ trunk/liblwp-protocol-https-perl/debian/patches/cert.patch Fri Apr  8 11:44:13 2011
@@ -1,0 +1,50 @@
+Author: Nicholas Bamber <nicholas at periapt.co.uk>
+Forwarded: not-needed
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=619059
+Last-Update: 2011-04-01
+Subject: use ca-certifictes rather than Mozilla::CA
+--- a/lib/LWP/Protocol/https.pm
++++ b/lib/LWP/Protocol/https.pm
+@@ -21,25 +21,7 @@
+     }
+     if ($ssl_opts{SSL_verify_mode}) {
+ 	unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) {
+-	    eval {
+-		require Mozilla::CA;
+-	    };
+-	    if ($@) {
+-		if ($@ =! /^Can't locate Mozilla\/CA\.pm/) {
+-		    $@ = <<'EOT';
+-Can't verify SSL peers without knowning which Certificate Authorities to trust
+-
+-This problem can be fixed by either setting the PERL_LWP_SSL_CA_FILE
+-envirionment variable or by installing the Mozilla::CA module.
+-
+-To disable verification of SSL peers set the PERL_LWP_SSL_VERIFY_HOSTNAME
+-envirionment variable to 0.  If you do this you can't be sure that you
+-communicate with the expected peer.
+-EOT
+-		}
+-		die $@;
+-	    }
+-	    $ssl_opts{SSL_ca_file} = Mozilla::CA::SSL_ca_file();
++	    $ssl_opts{SSL_ca_file} = '/etc/ssl/certs/ca-certificates.crt';
+ 	}
+     }
+     $self->{ssl_opts} = \%ssl_opts;
+--- a/lib/LWP/UserAgent.pm
++++ b/lib/LWP/UserAgent.pm
+@@ -1386,10 +1386,9 @@
+ in use.  See L<IO::Socket::SSL> or L<Net::SSL> for details.
+ 
+ If hostname verification is requested, and neither C<SSL_ca_file> nor
+-C<SSL_ca_path> is set, then C<SSL_ca_file> is implied to be the one
+-provided by L<Mozilla::CA>.  If the Mozilla::CA module isn't available
+-SSL requests will fail.  Either install this module, set up an alternative
+-SSL_ca_file or disable hostname verification.
++C<SSL_ca_path> is set, then in Debian C<SSL_ca_file> is implied to be the one
++provided by the C<ca-certificates> package. The upstream code used the
++L<Mozilla::CA> module which will not be packaged for Debian.
+ 
+ =back
+

More information about the Pkg-perl-cvs-commits mailing list