Hello community, here is the log from the commit of package perl-libwww-perl for openSUSE:Factory checked in at Mon Apr 4 15:21:51 CEST 2011.
-------- --- perl-libwww-perl/perl-libwww-perl.changes 2011-03-28 16:06:10.000000000 +0200 +++ /mounts/work_src_done/STABLE/perl-libwww-perl/perl-libwww-perl.changes 2011-03-31 16:51:02.000000000 +0200 @@ -1,0 +2,21 @@ +Thu Mar 31 14:46:47 UTC 2011 - [email protected] + +- moved system CA patch to package perl-LWP-Protocol-https +- update to 6.02 +This is the release where we try to help the CPAN-toolchain be able to install +the modules required for https-support in LWP. We have done this by unbundling +the LWP::Protocol::https module from the libwww-perl distribution. In order to +have https support you now need to install (or depend on) 'LWP::Protocol::https' +and then this will make sure that all the prerequsite modules comes along. +See [RT#66838]. +This release also removes the old http10 modules that has really been +deprecated since v5.60. These should have been removed at the v6.00 jump, but +I forgot. +Christopher J. Madsen (1): + Ignores env variables when ssl_opts provided [RT#66663] +Gisle Aas (4): + Fix typo; Authen::NTLM [RT#66884] +Yury Zavarin (1): + Support LWP::ConnCache->new(total_capacity => undef) + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- libwww-perl-6.01-systemca.diff libwww-perl-6.01.tar.bz2 New: ---- libwww-perl-6.02.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ perl-libwww-perl.spec ++++++ --- /var/tmp/diff_new_pack.X8aJJT/_old 2011-04-04 15:21:13.000000000 +0200 +++ /var/tmp/diff_new_pack.X8aJJT/_new 2011-04-04 15:21:13.000000000 +0200 @@ -20,8 +20,8 @@ Name: perl-libwww-perl %define cpan_name libwww-perl Summary: The World-Wide-Web library for Perl -Version: 6.01 -Release: 2 +Version: 6.02 +Release: 1 License: GPL+ or Artistic Group: Development/Libraries/Perl Url: http://search.cpan.org/dist/libwww-perl/ @@ -29,7 +29,6 @@ Source: %{cpan_name}-%{version}.tar.bz2 # PATCH-FIX-OPENSUSE -- disable one perl requires that would be created automatically and we're unable to provide Patch0: disable-ghttp.diff -Patch1: libwww-perl-6.01-systemca.diff BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: perl @@ -100,7 +99,6 @@ %prep %setup -q -n %{cpan_name}-%{version} %patch0 -p1 -%patch1 -p1 %build %{__perl} Makefile.PL INSTALLDIRS=vendor ++++++ libwww-perl-6.01.tar.bz2 -> libwww-perl-6.02.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libwww-perl-6.01/Changes new/libwww-perl-6.02/Changes --- old/libwww-perl-6.01/Changes 2011-03-10 00:27:22.000000000 +0100 +++ new/libwww-perl-6.02/Changes 2011-03-27 13:29:52.000000000 +0200 @@ -1,4 +1,30 @@ _______________________________________________________________________________ +2011-03-27 Release 6.02 + +This is the release where we try to help the CPAN-toolchain be able to install +the modules required for https-support in LWP. We have done this by unbundling +the LWP::Protocol::https module from the libwww-perl distribution. In order to +have https support you now need to install (or depend on) 'LWP::Protocol::https' +and then this will make sure that all the prerequsite modules comes along. +See [RT#66838]. + +This release also removes the old http10 modules that has really been +deprecated since v5.60. These should have been removed at the v6.00 jump, but +I forgot. + + +Christopher J. Madsen (1): + Ignores env variables when ssl_opts provided [RT#66663] + +Gisle Aas (4): + Fix typo; Authen::NTLM [RT#66884] + +Yury Zavarin (1): + Support LWP::ConnCache->new(total_capacity => undef) + + + +_______________________________________________________________________________ 2011-03-09 Release 6.01 Add missing HTTP::Daemon dependency for the tests. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libwww-perl-6.01/MANIFEST new/libwww-perl-6.02/MANIFEST --- old/libwww-perl-6.01/MANIFEST 2011-03-10 00:28:26.000000000 +0100 +++ new/libwww-perl-6.02/MANIFEST 2011-03-27 13:30:35.000000000 +0200 @@ -25,9 +25,6 @@ lib/LWP/Protocol/ftp.pm Access with the FTP protocol lib/LWP/Protocol/gopher.pm Access with the Gopher protocol lib/LWP/Protocol/http.pm Access with HTTP/1.1 protocol -lib/LWP/Protocol/http10.pm Access with HTTP/1.0 protocol -lib/LWP/Protocol/https.pm Access with HTTP/1.1 protocol over SSL -lib/LWP/Protocol/https10.pm Access with HTTP/1.0 protocol over SSL lib/LWP/Protocol/loopback.pm Returns request (like HTTP TRACE) lib/LWP/Protocol/mailto.pm Allows you to POST mail using sendmail lib/LWP/Protocol/nntp.pm Handles access to news: and nntp: URLs @@ -41,7 +38,6 @@ t/TEST Run tests t/base/protocols.t Test protocol methods of LWP::UserAgent t/base/ua.t Basic LWP::UserAgent tests -t/live/https.t t/live/jigsaw-auth-b.t t/live/jigsaw-auth-d.t t/live/jigsaw-chunk.t diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libwww-perl-6.01/META.yml new/libwww-perl-6.02/META.yml --- old/libwww-perl-6.01/META.yml 2011-03-10 00:28:26.000000000 +0100 +++ new/libwww-perl-6.02/META.yml 2011-03-27 13:30:35.000000000 +0200 @@ -1,6 +1,6 @@ --- #YAML:1.0 name: libwww-perl -version: 6.01 +version: 6.02 abstract: The World-Wide Web library for Perl author: - Gisle Aas <[email protected]> @@ -42,13 +42,11 @@ directory: - t - inc -generated_by: ExtUtils::MakeMaker version 6.56 +generated_by: ExtUtils::MakeMaker version 6.57_05 meta-spec: url: http://module-build.sourceforge.net/META-spec-v1.4.html version: 1.4 recommends: - Authen::NTML: 2.12 - Data::Dump: 0 - IO::Socket::SSL: 1.38 - Mozilla::CA: 20110101 - Net::HTTPS: 6 + Authen::NTLM: 1.02 + Data::Dump: 0 + LWP::Protocol::https: 6.02 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libwww-perl-6.01/Makefile.PL new/libwww-perl-6.02/Makefile.PL --- old/libwww-perl-6.01/Makefile.PL 2011-03-10 00:06:17.000000000 +0100 +++ new/libwww-perl-6.02/Makefile.PL 2011-03-27 13:29:52.000000000 +0200 @@ -66,10 +66,8 @@ }, META_MERGE => { recommends => { - 'Net::HTTPS' => 6, - 'IO::Socket::SSL' => "1.38", - 'Mozilla::CA' => "20110101", - 'Authen::NTML' => "2.12", + 'LWP::Protocol::https' => '6.02', + 'Authen::NTLM' => "1.02", 'Data::Dump' => 0, }, resources => { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libwww-perl-6.01/README new/libwww-perl-6.02/README --- old/libwww-perl-6.01/README 2011-03-10 00:05:12.000000000 +0100 +++ new/libwww-perl-6.02/README 2011-03-27 13:29:52.000000000 +0200 @@ -36,8 +36,7 @@ WWW-RobotRules If you want to access sites using the https protocol, then you need to -install the IO::Socket::SSL module or the Crypt::SSLeay module. The -README.SSL file will tell you more about how libwww-perl supports SSL. +install the LWP::Protocol::https module from CPAN. INSTALLATION diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libwww-perl-6.01/README.SSL new/libwww-perl-6.02/README.SSL --- old/libwww-perl-6.01/README.SSL 2011-03-09 09:20:02.000000000 +0100 +++ new/libwww-perl-6.02/README.SSL 2011-03-27 13:29:52.000000000 +0200 @@ -1,21 +1,7 @@ -SSL SUPPORT ------------ +As of libwww-perl v6.02 you need to install the LWP::Protocol::https module +from its own separate distribution to enable support for https://... URLs for +LWP::UserAgent. -The libwww-perl package has support for using SSL/TLSv1 with its HTTP -client and server classes. This support makes it possible to access -https schemed URLs with LWP. Because of the problematic status of -encryption software in general and certain encryption algorithms in -particular, in several countries, libwww-perl package doesn't include -SSL functionality out-of-the-box. - -Encryption support is obtained through the use of IO::Socket::SSL or -Crypt::SSLeay, which can both be found from CPAN. While libwww-perl -has "plug-and-play" support for both of these modules (as of v5.45), -the recommended module to use is IO::Socket::SSL. - -There is yet another SSL interface for perl called Net::SSLeay. It has -a more complete SSL interface and can be used for web client -programming among other things but doesn't directly support LWP. - -The underlying SSL support in all of these modules is based on OpenSSL -<http://www.openssl.org/> (formerly SSLeay). +This makes it possible for that distribution to state the required dependencies +as non-optional. See <https://rt.cpan.org/Ticket/Display.html?id=66838> for +further discussion why we ended up with this solution. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libwww-perl-6.01/lib/LWP/ConnCache.pm new/libwww-perl-6.02/lib/LWP/ConnCache.pm --- old/libwww-perl-6.01/lib/LWP/ConnCache.pm 2011-03-09 09:20:26.000000000 +0100 +++ new/libwww-perl-6.02/lib/LWP/ConnCache.pm 2011-03-27 13:29:52.000000000 +0200 @@ -3,13 +3,16 @@ use strict; use vars qw($VERSION $DEBUG); -$VERSION = "6.00"; +$VERSION = "6.02"; sub new { my($class, %cnf) = @_; - my $total_capacity = delete $cnf{total_capacity}; - $total_capacity = 1 unless defined $total_capacity; + + my $total_capacity = 1; + if (exists $cnf{total_capacity}) { + $total_capacity = delete $cnf{total_capacity}; + } if (%cnf && $^W) { require Carp; Carp::carp("Unrecognised options: @{[sort keys %cnf]}") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libwww-perl-6.01/lib/LWP/Protocol/http10.pm new/libwww-perl-6.02/lib/LWP/Protocol/http10.pm --- old/libwww-perl-6.01/lib/LWP/Protocol/http10.pm 2011-03-09 09:20:26.000000000 +0100 +++ new/libwww-perl-6.02/lib/LWP/Protocol/http10.pm 1970-01-01 01:00:00.000000000 +0100 @@ -1,290 +0,0 @@ -package LWP::Protocol::http10; - -use strict; - -require HTTP::Response; -require HTTP::Status; -require IO::Socket; -require IO::Select; - -use vars qw(@ISA @EXTRA_SOCK_OPTS); - -require LWP::Protocol; -@ISA = qw(LWP::Protocol); - -my $CRLF = "\015\012"; # how lines should be terminated; - # "\r\n" is not correct on all systems, for - # instance MacPerl defines it to "\012\015" - -sub _new_socket -{ - my($self, $host, $port, $timeout) = @_; - - local($^W) = 0; # IO::Socket::INET can be noisy - my $sock = IO::Socket::INET->new(PeerAddr => $host, - PeerPort => $port, - LocalAddr => $self->{ua}{local_address}, - Proto => 'tcp', - Timeout => $timeout, - $self->_extra_sock_opts($host, $port), - ); - unless ($sock) { - # IO::Socket::INET leaves additional error messages in $@ - $@ =~ s/^.*?: //; - die "Can't connect to $host:$port ($@)"; - } - $sock; -} - -sub _extra_sock_opts # to be overridden by subclass -{ - return @EXTRA_SOCK_OPTS; -} - - -sub _check_sock -{ - #my($self, $req, $sock) = @_; -} - -sub _get_sock_info -{ - my($self, $res, $sock) = @_; - if (defined(my $peerhost = $sock->peerhost)) { - $res->header("Client-Peer" => "$peerhost:" . $sock->peerport); - } -} - -sub _fixup_header -{ - my($self, $h, $url, $proxy) = @_; - - $h->remove_header('Connection'); # need support here to be useful - - # HTTP/1.1 will require us to send the 'Host' header, so we might - # as well start now. - my $hhost = $url->authority; - if ($hhost =~ s/^([^\@]*)\@//) { # get rid of potential "user:pass@" - # add authorization header if we need them. HTTP URLs do - # not really support specification of user and password, but - # we allow it. - if (defined($1) && not $h->header('Authorization')) { - require URI::Escape; - $h->authorization_basic(map URI::Escape::uri_unescape($_), - split(":", $1, 2)); - } - } - $h->init_header('Host' => $hhost); - - if ($proxy) { - # Check the proxy URI's userinfo() for proxy credentials - # export http_proxy="http://proxyuser:proxypass@proxyhost:port"; - my $p_auth = $proxy->userinfo(); - if(defined $p_auth) { - require URI::Escape; - $h->proxy_authorization_basic(map URI::Escape::uri_unescape($_), - split(":", $p_auth, 2)) - } - } -} - - -sub request -{ - my($self, $request, $proxy, $arg, $size, $timeout) = @_; - - $size ||= 4096; - - # check method - my $method = $request->method; - unless ($method =~ /^[A-Za-z0-9_!\#\$%&\'*+\-.^\`|~]+$/) { # HTTP token - return HTTP::Response->new( &HTTP::Status::RC_BAD_REQUEST, - 'Library does not allow method ' . - "$method for 'http:' URLs"); - } - - my $url = $request->uri; - my($host, $port, $fullpath); - - # Check if we're proxy'ing - if (defined $proxy) { - # $proxy is an URL to an HTTP server which will proxy this request - $host = $proxy->host; - $port = $proxy->port; - $fullpath = $method eq "CONNECT" ? - ($url->host . ":" . $url->port) : - $url->as_string; - } - else { - $host = $url->host; - $port = $url->port; - $fullpath = $url->path_query; - $fullpath = "/" unless length $fullpath; - } - - # connect to remote site - my $socket = $self->_new_socket($host, $port, $timeout); - $self->_check_sock($request, $socket); - - my $sel = IO::Select->new($socket) if $timeout; - - my $request_line = "$method $fullpath HTTP/1.0$CRLF"; - - my $h = $request->headers->clone; - my $cont_ref = $request->content_ref; - $cont_ref = $$cont_ref if ref($$cont_ref); - my $ctype = ref($cont_ref); - - # If we're sending content we *have* to specify a content length - # otherwise the server won't know a messagebody is coming. - if ($ctype eq 'CODE') { - die 'No Content-Length header for request with dynamic content' - unless defined($h->header('Content-Length')) || - $h->content_type =~ /^multipart\//; - # For HTTP/1.1 we could have used chunked transfer encoding... - } - else { - $h->header('Content-Length' => length $$cont_ref) - if defined($$cont_ref) && length($$cont_ref); - } - - $self->_fixup_header($h, $url, $proxy); - - my $buf = $request_line . $h->as_string($CRLF) . $CRLF; - my $n; # used for return value from syswrite/sysread - my $length; - my $offset; - - # syswrite $buf - $length = length($buf); - $offset = 0; - while ( $offset < $length ) { - die "write timeout" if $timeout && !$sel->can_write($timeout); - $n = $socket->syswrite($buf, $length-$offset, $offset ); - die $! unless defined($n); - $offset += $n; - } - - if ($ctype eq 'CODE') { - while ( ($buf = &$cont_ref()), defined($buf) && length($buf)) { - # syswrite $buf - $length = length($buf); - $offset = 0; - while ( $offset < $length ) { - die "write timeout" if $timeout && !$sel->can_write($timeout); - $n = $socket->syswrite($buf, $length-$offset, $offset ); - die $! unless defined($n); - $offset += $n; - } - } - } - elsif (defined($$cont_ref) && length($$cont_ref)) { - # syswrite $$cont_ref - $length = length($$cont_ref); - $offset = 0; - while ( $offset < $length ) { - die "write timeout" if $timeout && !$sel->can_write($timeout); - $n = $socket->syswrite($$cont_ref, $length-$offset, $offset ); - die $! unless defined($n); - $offset += $n; - } - } - - # read response line from server - my $response; - $buf = ''; - - # Inside this loop we will read the response line and all headers - # found in the response. - while (1) { - die "read timeout" if $timeout && !$sel->can_read($timeout); - $n = $socket->sysread($buf, $size, length($buf)); - die $! unless defined($n); - die "unexpected EOF before status line seen" unless $n; - - if ($buf =~ s/^(HTTP\/\d+\.\d+)[ \t]+(\d+)[ \t]*([^\012]*)\012//) { - # HTTP/1.0 response or better - my($ver,$code,$msg) = ($1, $2, $3); - $msg =~ s/\015$//; - $response = HTTP::Response->new($code, $msg); - $response->protocol($ver); - - # ensure that we have read all headers. The headers will be - # terminated by two blank lines - until ($buf =~ /^\015?\012/ || $buf =~ /\015?\012\015?\012/) { - # must read more if we can... - die "read timeout" if $timeout && !$sel->can_read($timeout); - my $old_len = length($buf); - $n = $socket->sysread($buf, $size, $old_len); - die $! unless defined($n); - die "unexpected EOF before all headers seen" unless $n; - } - - # now we start parsing the headers. The strategy is to - # remove one line at a time from the beginning of the header - # buffer ($res). - my($key, $val); - while ($buf =~ s/([^\012]*)\012//) { - my $line = $1; - - # if we need to restore as content when illegal headers - # are found. - my $save = "$line\012"; - - $line =~ s/\015$//; - last unless length $line; - - if ($line =~ /^([a-zA-Z0-9_\-.]+)\s*:\s*(.*)/) { - $response->push_header($key, $val) if $key; - ($key, $val) = ($1, $2); - } - elsif ($line =~ /^\s+(.*)/ && $key) { - $val .= " $1"; - } - else { - $response->push_header("Client-Bad-Header-Line" => $line); - } - } - $response->push_header($key, $val) if $key; - last; - - } - elsif ((length($buf) >= 5 and $buf !~ /^HTTP\//) or - $buf =~ /\012/ ) { - # HTTP/0.9 or worse - $response = HTTP::Response->new(&HTTP::Status::RC_OK, "OK"); - $response->protocol('HTTP/0.9'); - last; - - } - else { - # need more data - } - }; - $response->request($request); - $self->_get_sock_info($response, $socket); - - if ($method eq "CONNECT") { - $response->{client_socket} = $socket; # so it can be picked up - $response->content($buf); # in case we read more than the headers - return $response; - } - - my $usebuf = length($buf) > 0; - $response = $self->collect($arg, $response, sub { - if ($usebuf) { - $usebuf = 0; - return \$buf; - } - die "read timeout" if $timeout && !$sel->can_read($timeout); - my $n = $socket->sysread($buf, $size); - die $! unless defined($n); - return \$buf; - } ); - - #$socket->close; - - $response; -} - -1; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libwww-perl-6.01/lib/LWP/Protocol/https.pm new/libwww-perl-6.02/lib/LWP/Protocol/https.pm --- old/libwww-perl-6.01/lib/LWP/Protocol/https.pm 2011-03-09 09:20:02.000000000 +0100 +++ new/libwww-perl-6.02/lib/LWP/Protocol/https.pm 1970-01-01 01:00:00.000000000 +0100 @@ -1,90 +0,0 @@ -package LWP::Protocol::https; - -use strict; - -use vars qw(@ISA); -require LWP::Protocol::http; -@ISA = qw(LWP::Protocol::http); - -sub socket_type -{ - return "https"; -} - -sub _extra_sock_opts -{ - my $self = shift; - my %ssl_opts = %{$self->{ua}{ssl_opts} || {}}; - if (delete $ssl_opts{verify_hostname}) { - $ssl_opts{SSL_verify_mode} ||= 1; - $ssl_opts{SSL_verifycn_scheme} = 'www'; - } - if ($ssl_opts{SSL_verify_mode}) { - unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) { - eval { - require Mozilla::CA; - }; - if ($@) { - if ($@ =! /^Can't locate Mozilla\/CA\.pm/) { - $@ = <<'EOT'; -Can't verify SSL peers without knowning which Certificate Authorities to trust - -This problem can be fixed by either setting the PERL_LWP_SSL_CA_FILE -envirionment variable or by installing the Mozilla::CA module. - -To disable verification of SSL peers set the PERL_LWP_SSL_VERIFY_HOSTNAME -envirionment variable to 0. If you do this you can't be sure that you -communicate with the expected peer. -EOT - } - die $@; - } - $ssl_opts{SSL_ca_file} = Mozilla::CA::SSL_ca_file(); - } - } - $self->{ssl_opts} = \%ssl_opts; - return (%ssl_opts, $self->SUPER::_extra_sock_opts); -} - -sub _check_sock -{ - my($self, $req, $sock) = @_; - my $check = $req->header("If-SSL-Cert-Subject"); - if (defined $check) { - my $cert = $sock->get_peer_certificate || - die "Missing SSL certificate"; - my $subject = $cert->subject_name; - die "Bad SSL certificate subject: '$subject' !~ /$check/" - unless $subject =~ /$check/; - $req->remove_header("If-SSL-Cert-Subject"); # don't pass it on - } -} - -sub _get_sock_info -{ - my $self = shift; - $self->SUPER::_get_sock_info(@_); - my($res, $sock) = @_; - $res->header("Client-SSL-Cipher" => $sock->get_cipher); - my $cert = $sock->get_peer_certificate; - if ($cert) { - $res->header("Client-SSL-Cert-Subject" => $cert->subject_name); - $res->header("Client-SSL-Cert-Issuer" => $cert->issuer_name); - } - if (!$self->{ssl_opts}{SSL_verify_mode}) { - $res->push_header("Client-SSL-Warning" => "Peer certificate not verified"); - } - elsif (!$self->{ssl_opts}{SSL_verifycn_scheme}) { - $res->push_header("Client-SSL-Warning" => "Peer hostname match with certificate not verified"); - } - $res->header("Client-SSL-Socket-Class" => $Net::HTTPS::SSL_SOCKET_CLASS); -} - -#----------------------------------------------------------- -package LWP::Protocol::https::Socket; - -use vars qw(@ISA); -require Net::HTTPS; -@ISA = qw(Net::HTTPS LWP::Protocol::http::SocketMethods); - -1; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libwww-perl-6.01/lib/LWP/Protocol/https10.pm new/libwww-perl-6.02/lib/LWP/Protocol/https10.pm --- old/libwww-perl-6.01/lib/LWP/Protocol/https10.pm 2011-03-09 09:20:26.000000000 +0100 +++ new/libwww-perl-6.02/lib/LWP/Protocol/https10.pm 1970-01-01 01:00:00.000000000 +0100 @@ -1,76 +0,0 @@ -package LWP::Protocol::https10; - -use strict; - -# Figure out which SSL implementation to use -use vars qw($SSL_CLASS); -if ($Net::SSL::VERSION) { - $SSL_CLASS = "Net::SSL"; -} -elsif ($IO::Socket::SSL::VERSION) { - $SSL_CLASS = "IO::Socket::SSL"; # it was already loaded -} -else { - eval { require Net::SSL; }; # from Crypt-SSLeay - if ($@) { - require IO::Socket::SSL; - $SSL_CLASS = "IO::Socket::SSL"; - } - else { - $SSL_CLASS = "Net::SSL"; - } -} - - -use vars qw(@ISA); - -require LWP::Protocol::http10; -@ISA=qw(LWP::Protocol::http10); - -sub _new_socket -{ - my($self, $host, $port, $timeout) = @_; - local($^W) = 0; # IO::Socket::INET can be noisy - my $sock = $SSL_CLASS->new(PeerAddr => $host, - PeerPort => $port, - LocalAddr => $self->{ua}{local_address}, - Proto => 'tcp', - Timeout => $timeout, - ); - unless ($sock) { - # IO::Socket::INET leaves additional error messages in $@ - $@ =~ s/^.*?: //; - die "Can't connect to $host:$port ($@)"; - } - $sock; -} - -sub _check_sock -{ - my($self, $req, $sock) = @_; - my $check = $req->header("If-SSL-Cert-Subject"); - if (defined $check) { - my $cert = $sock->get_peer_certificate || - die "Missing SSL certificate"; - my $subject = $cert->subject_name; - die "Bad SSL certificate subject: '$subject' !~ /$check/" - unless $subject =~ /$check/; - $req->remove_header("If-SSL-Cert-Subject"); # don't pass it on - } -} - -sub _get_sock_info -{ - my $self = shift; - $self->SUPER::_get_sock_info(@_); - my($res, $sock) = @_; - $res->header("Client-SSL-Cipher" => $sock->get_cipher); - my $cert = $sock->get_peer_certificate; - if ($cert) { - $res->header("Client-SSL-Cert-Subject" => $cert->subject_name); - $res->header("Client-SSL-Cert-Issuer" => $cert->issuer_name); - } - $res->header("Client-SSL-Warning" => "Peer certificate not verified"); -} - -1; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libwww-perl-6.01/lib/LWP/UserAgent.pm new/libwww-perl-6.02/lib/LWP/UserAgent.pm --- old/libwww-perl-6.01/lib/LWP/UserAgent.pm 2011-03-09 09:20:26.000000000 +0100 +++ new/libwww-perl-6.02/lib/LWP/UserAgent.pm 2011-03-27 13:29:52.000000000 +0200 @@ -5,7 +5,7 @@ require LWP::MemberMixin; @ISA = qw(LWP::MemberMixin); -$VERSION = "6.00"; +$VERSION = "6.02"; use HTTP::Request (); use HTTP::Response (); @@ -16,16 +16,6 @@ use Carp (); -if ($ENV{PERL_LWP_USE_HTTP_10}) { - require LWP::Protocol::http10; - LWP::Protocol::implementor('http', 'LWP::Protocol::http10'); - eval { - require LWP::Protocol::https10; - LWP::Protocol::implementor('https', 'LWP::Protocol::https10'); - }; -} - - sub new { @@ -56,9 +46,13 @@ else { $ssl_opts->{verify_hostname} = 1; } + } + unless (exists $ssl_opts->{SSL_ca_file}) { if (my $ca_file = $ENV{PERL_LWP_SSL_CA_FILE} || $ENV{HTTPS_CA_FILE}) { $ssl_opts->{SSL_ca_file} = $ca_file; } + } + unless (exists $ssl_opts->{SSL_ca_path}) { if (my $ca_path = $ENV{PERL_LWP_SSL_CA_PATH} || $ENV{HTTPS_CA_DIR}) { $ssl_opts->{SSL_ca_path} = $ca_path; } @@ -183,12 +177,11 @@ $@ =~ s/ at .* line \d+.*//s; # remove file/line number $response = _new_response($request, &HTTP::Status::RC_NOT_IMPLEMENTED, $@); if ($scheme eq "https") { - $response->message($response->message . " (IO::Socket::SSL not installed)"); + $response->message($response->message . " (LWP::Protocol::https not installed)"); $response->content_type("text/plain"); $response->content(<<EOT); -LWP will support https URLs if either IO::Socket::SSL or Crypt::SSLeay -is installed. More information at -<http://search.cpan.org/dist/libwww-perl/README.SSL>. +LWP will support https URLs if the LWP::Protocol::https module +is installed. EOT } } @@ -1361,10 +1354,10 @@ When TRUE LWP will for secure protocol schemes ensure it connects to servers that have a valid certificate matching the expected hostname. If FALSE no checks are made and you can't be sure that you communicate with the expected peer. -The no checks behaviour was the default for libwww-perl-5.837 and older. +The no checks behaviour was the default for libwww-perl-5.837 and earlier releases. This option is initialized from the L<PERL_LWP_SSL_VERIFY_HOSTNAME> environment -variable. If the this envirionment variable isn't set; then C<verify_hostname> +variable. If this envirionment variable isn't set; then C<verify_hostname> defaults to 1. =item C<SSL_ca_file> => $path @@ -1385,11 +1378,9 @@ Other options can be set and are processed directly by the SSL Socket implementation in use. See L<IO::Socket::SSL> or L<Net::SSL> for details. -If hostname verification is requested, and neither C<SSL_ca_file> nor -C<SSL_ca_path> is set, then C<SSL_ca_file> is implied to be the one -provided by L<Mozilla::CA>. If the Mozilla::CA module isn't available -SSL requests will fail. Either install this module, set up an alternative -SSL_ca_file or disable hostname verification. +The libwww-perl core no longer bundles protocol plugins for SSL. You will need +to install L<LWP::Protocol::https> separately to enable support for processing +https-URLs. =back diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libwww-perl-6.01/lib/LWP.pm new/libwww-perl-6.02/lib/LWP.pm --- old/libwww-perl-6.01/lib/LWP.pm 2011-03-10 00:26:26.000000000 +0100 +++ new/libwww-perl-6.02/lib/LWP.pm 2011-03-27 13:29:52.000000000 +0200 @@ -1,6 +1,6 @@ package LWP; -$VERSION = "6.01"; +$VERSION = "6.02"; sub Version { $VERSION; } require 5.008; @@ -596,13 +596,6 @@ where the trusted Certificate Authority certificates is located. See L<LWP::UserAgent> for details. -=item PERL_LWP_USE_HTTP_10 - -Enable the old HTTP/1.0 protocol driver instead of the new HTTP/1.1 -driver. You might want to set this to a TRUE value if you discover -that your old LWP applications fails after you installed LWP-5.60 or -better. - =item PERL_HTTP_URI_CLASS Used to decide what URI objects to instantiate. The default is C<URI>. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libwww-perl-6.01/t/TEST new/libwww-perl-6.02/t/TEST --- old/libwww-perl-6.01/t/TEST 2011-03-09 09:20:02.000000000 +0100 +++ new/libwww-perl-6.02/t/TEST 2011-03-27 13:29:52.000000000 +0200 @@ -39,7 +39,6 @@ @tests = (<base/*.t>, <html/*.t>, <robot/*.t>, <local/*.t>); push(@tests, <live/*.t>) if -f "live/ENABLED"; push(@tests, <net/*.t>) if -f "net/config.pl"; - @tests = grep !/jigsaw/, @tests; # service is not reliable any more } if ($formatter) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libwww-perl-6.01/t/live/https.t new/libwww-perl-6.02/t/live/https.t --- old/libwww-perl-6.01/t/live/https.t 2011-03-09 09:20:02.000000000 +0100 +++ new/libwww-perl-6.02/t/live/https.t 1970-01-01 01:00:00.000000000 +0100 @@ -1,20 +0,0 @@ -#!perl -w - -use strict; -use Test; - -use LWP::UserAgent; - -my $ua = LWP::UserAgent->new(); -my $res = $ua->simple_request(HTTP::Request->new(GET => "https://www.apache.org";)); - -if ($res->code == 501 && $res->message =~ /Protocol scheme 'https' is not supported/) { - print "1..0 # Skipped: " . $res->message . "\n"; - exit; -} - -plan tests => 2; -ok($res->is_success); -ok($res->content =~ /Apache Software Foundation/); - -$res->dump(prefix => "# "); ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
