[liblwp-protocol-https-perl] 02/03: Add 746579-fix-peer-certificate-verification.patch patch

Salvatore Bonaccorso carnil at debian.org
Sun May 4 05:17:13 UTC 2014 

This is an automated email from the git hooks/post-receive script.

carnil pushed a commit to branch master
in repository liblwp-protocol-https-perl.

commit 52883a3bed1d53924ed86d4551efb1e1510a1594
Author: Salvatore Bonaccorso <carnil at debian.org>
Date:   Sun May 4 07:15:10 2014 +0200

    Add 746579-fix-peer-certificate-verification.patch patch
    
    Fixes "HTTPS_CA_DIR or HTTPS_CA_FILE disables peer certificate
    verification for IO::Socket::SSL". When the intention was to only
    disable hostname verification LWP::Protocol::HTTPS disabled also the
    peer certificate verification completely.
    
    Thanks: Jakub Wilk and Steffen Ullrich
    
    Closes: #746579
---
 .../746579-fix-peer-certificate-verification.patch  | 21 +++++++++++++++++++++
 debian/patches/series                               |  1 +
 2 files changed, 22 insertions(+)

diff --git a/debian/patches/746579-fix-peer-certificate-verification.patch b/debian/patches/746579-fix-peer-certificate-verification.patch
new file mode 100644
index 0000000..6545b2b
--- /dev/null
+++ b/debian/patches/746579-fix-peer-certificate-verification.patch
@@ -0,0 +1,21 @@
+Description: Fix peer certificate verification
+ LWP::Protocol::HTTPS disabled peer certificate verification in case
+ only hostname verification was disabled.
+Origin: vendor
+Bug: https://github.com/libwww-perl/lwp-protocol-https/pull/14
+Bug-Debian: https://bugs.debian.org/746579
+Forwarded: not-needed
+Author: Steffen Ullrich <coyote.frank at gmx.net>
+Last-Update: 2014-05-04
+
+--- a/lib/LWP/Protocol/https.pm
++++ b/lib/LWP/Protocol/https.pm
+@@ -21,7 +21,7 @@
+ 	$ssl_opts{SSL_verifycn_scheme} = 'www';
+     }
+     else {
+-	$ssl_opts{SSL_verify_mode} = 0;
++    $ssl_opts{SSL_verifycn_scheme} = 'none';
+     }
+     if ($ssl_opts{SSL_verify_mode}) {
+ 	unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) {
diff --git a/debian/patches/series b/debian/patches/series
index a062ed3..b5cc576 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,2 +1,3 @@
 fix-https-proxy
 cert.patch
+746579-fix-peer-certificate-verification.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-perl/packages/liblwp-protocol-https-perl.git

More information about the Pkg-perl-cvs-commits mailing list