[liblwp-protocol-https-perl] 02/03: Add 746579-fix-peer-certificate-verification.patch patch
Salvatore Bonaccorso
carnil at debian.org
Sun May 4 05:17:13 UTC 2014
This is an automated email from the git hooks/post-receive script.
carnil pushed a commit to branch master
in repository liblwp-protocol-https-perl.
commit 52883a3bed1d53924ed86d4551efb1e1510a1594
Author: Salvatore Bonaccorso <carnil at debian.org>
Date: Sun May 4 07:15:10 2014 +0200
Add 746579-fix-peer-certificate-verification.patch patch
Fixes "HTTPS_CA_DIR or HTTPS_CA_FILE disables peer certificate
verification for IO::Socket::SSL". When the intention was to only
disable hostname verification LWP::Protocol::HTTPS disabled also the
peer certificate verification completely.
Thanks: Jakub Wilk and Steffen Ullrich
Closes: #746579
---
.../746579-fix-peer-certificate-verification.patch | 21 +++++++++++++++++++++
debian/patches/series | 1 +
2 files changed, 22 insertions(+)
diff --git a/debian/patches/746579-fix-peer-certificate-verification.patch b/debian/patches/746579-fix-peer-certificate-verification.patch
new file mode 100644
index 0000000..6545b2b
--- /dev/null
+++ b/debian/patches/746579-fix-peer-certificate-verification.patch
@@ -0,0 +1,21 @@
+Description: Fix peer certificate verification
+ LWP::Protocol::HTTPS disabled peer certificate verification in case
+ only hostname verification was disabled.
+Origin: vendor
+Bug: https://github.com/libwww-perl/lwp-protocol-https/pull/14
+Bug-Debian: https://bugs.debian.org/746579
+Forwarded: not-needed
+Author: Steffen Ullrich <coyote.frank at gmx.net>
+Last-Update: 2014-05-04
+
+--- a/lib/LWP/Protocol/https.pm
++++ b/lib/LWP/Protocol/https.pm
+@@ -21,7 +21,7 @@
+ $ssl_opts{SSL_verifycn_scheme} = 'www';
+ }
+ else {
+- $ssl_opts{SSL_verify_mode} = 0;
++ $ssl_opts{SSL_verifycn_scheme} = 'none';
+ }
+ if ($ssl_opts{SSL_verify_mode}) {
+ unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) {
diff --git a/debian/patches/series b/debian/patches/series
index a062ed3..b5cc576 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,2 +1,3 @@
fix-https-proxy
cert.patch
+746579-fix-peer-certificate-verification.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-perl/packages/liblwp-protocol-https-perl.git
More information about the Pkg-perl-cvs-commits
mailing list