[lfs-patches] r4147 - trunk/LWP-Protocol-https

renodr Sat, 18 Jul 2020 08:49:01 -0700

Author: renodr
Date: Sat Jul 18 08:48:43 2020
New Revision: 4147

Log:
Bump LWP-Protocol-HTTPS patch


Added:
   trunk/LWP-Protocol-https/LWP-Protocol-https-6.09-system_certs-1.patch
      - copied unchanged from r4146, 
trunk/LWP-Protocol-https/LWP-Protocol-https-6.07-system_certs-1.patch

Copied: trunk/LWP-Protocol-https/LWP-Protocol-https-6.09-system_certs-1.patch 
(from r4146, 
trunk/LWP-Protocol-https/LWP-Protocol-https-6.07-system_certs-1.patch)
==============================================================================
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ trunk/LWP-Protocol-https/LWP-Protocol-https-6.09-system_certs-1.patch       
Sat Jul 18 08:48:43 2020        (r4147, copy of r4146, 
trunk/LWP-Protocol-https/LWP-Protocol-https-6.07-system_certs-1.patch)
@@ -0,0 +1,50 @@
+Submitted By: Ken Moffat <ken at linuxfromscratch dot org>
+Date: 2018-11-02
+Initial Package Version: 6.07
+Upstream Status: Unsuitable for CPAN
+Origin: Based on Arch, which is based on Debian, but adapted for BLFS.
+Description: Use system certificates instead of whatever happened to
+be at Mozilla when Mozilla::CA was last updated.  See
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=619059
+
+diff -Naur a/lib/LWP/Protocol/https.pm b/lib/LWP/Protocol/https.pm
+--- a/lib/LWP/Protocol/https.pm        2017-02-20 02:41:37.000000000 +0000
++++ b/lib/LWP/Protocol/https.pm        2018-11-02 19:12:49.006187556 +0000
+@@ -25,25 +25,7 @@
+     }
+     if ($ssl_opts{SSL_verify_mode}) {
+       unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) 
{
+-          eval {
+-              require Mozilla::CA;
+-          };
+-          if ($@) {
+-              if ($@ =~ /^Can't locate Mozilla\/CA\.pm/) {
+-                  $@ = <<'EOT';
+-Can't verify SSL peers without knowing which Certificate Authorities to trust
+-
+-This problem can be fixed by either setting the PERL_LWP_SSL_CA_FILE
+-environment variable or by installing the Mozilla::CA module.
+-
+-To disable verification of SSL peers set the PERL_LWP_SSL_VERIFY_HOSTNAME
+-environment variable to 0.  If you do this you can't be sure that you
+-communicate with the expected peer.
+-EOT
+-              }
+-              die $@;
+-          }
+-          $ssl_opts{SSL_ca_file} = Mozilla::CA::SSL_ca_file();
++          $ssl_opts{SSL_ca_file} = '/etc/pki/tls/certs/ca-bundle.crt';
+       }
+     }
+     $self->{ssl_opts} = \%ssl_opts;
+diff -Naur a/Makefile.PL b/Makefile.PL
+--- a/Makefile.PL      2016-06-30 11:43:17.000000000 +0100
++++ b/Makefile.PL      2018-11-02 19:13:25.634958845 +0000
+@@ -26,7 +26,6 @@
+                     'LWP::UserAgent' => '6.06',
+                     'Net::HTTPS' => 6,
+                     'IO::Socket::SSL' => "1.54",
+-                    'Mozilla::CA' => "20110101",
+                     'perl' => '5.008001',
+                 },
+             },
-- 
http://lists.linuxfromscratch.org/listinfo/patches
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

[lfs-patches] r4147 - trunk/LWP-Protocol-https

Reply via email to