This is an automated email from the git hooks/post-receive script. bengen pushed a commit to branch master in repository liblwpx-paranoidagent-perl.
commit 596b05985054d2b536aa3662e71092e729dfcc7b Author: Hilko Bengen <ben...@debian.org> Date: Tue Sep 9 09:30:25 2014 +0200 Use Debian's ca-certificates package instead of relying on Mozilla::CA (Closes: #744404) --- debian/control | 4 +-- debian/patches/0002-Use-ca-certificates.patch | 39 +++++++++++++++++++++++++++ debian/patches/series | 1 + 3 files changed, 42 insertions(+), 2 deletions(-) diff --git a/debian/control b/debian/control index b1886dc..261d297 100644 --- a/debian/control +++ b/debian/control @@ -2,13 +2,13 @@ Source: liblwpx-paranoidagent-perl Section: perl Priority: optional Build-Depends: debhelper (>= 9~) -Build-Depends-Indep: perl (>= 5.8.8-7), libwww-perl, libnet-dns-perl, libcrypt-ssleay-perl, +Build-Depends-Indep: perl (>= 5.8.8-7), ca-certificates, libwww-perl, libnet-dns-perl, libcrypt-ssleay-perl, Maintainer: Hilko Bengen <ben...@debian.org> Standards-Version: 3.9.5 Package: liblwpx-paranoidagent-perl Architecture: all -Depends: ${perl:Depends}, ${misc:Depends}, libwww-perl, libnet-dns-perl, libcrypt-ssleay-perl, +Depends: ${perl:Depends}, ${misc:Depends}, ca-certificates, libwww-perl, libnet-dns-perl, libcrypt-ssleay-perl, Description: a "paranoid" subclass of LWP::UserAgent The LWPx::ParanoidAgent is a class subclassing LWP::UserAgent, but paranoid against attackers. It's to be used when a remote resource is diff --git a/debian/patches/0002-Use-ca-certificates.patch b/debian/patches/0002-Use-ca-certificates.patch new file mode 100644 index 0000000..3ea07c2 --- /dev/null +++ b/debian/patches/0002-Use-ca-certificates.patch @@ -0,0 +1,39 @@ +From: Hilko Bengen <ben...@debian.org> +Date: Tue, 9 Sep 2014 09:33:08 +0200 +Subject: Use ca-certificates + +--- + lib/LWPx/Protocol/https_paranoid.pm | 20 +------------------- + 1 file changed, 1 insertion(+), 19 deletions(-) + +diff --git a/lib/LWPx/Protocol/https_paranoid.pm b/lib/LWPx/Protocol/https_paranoid.pm +index f024e7a..fbd3729 100644 +--- a/lib/LWPx/Protocol/https_paranoid.pm ++++ b/lib/LWPx/Protocol/https_paranoid.pm +@@ -52,25 +52,7 @@ sub _extra_sock_opts + } + if ($ssl_opts{SSL_verify_mode}) { + unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) { +- eval { +- require Mozilla::CA; +- }; +- if ($@) { +- if ($@ =! /^Can't locate Mozilla\/CA\.pm/) { +- $@ = <<'EOT'; +-Can't verify SSL peers without knowing which Certificate Authorities to trust +- +-This problem can be fixed by either setting the PERL_LWP_SSL_CA_FILE +-envirionment variable or by installing the Mozilla::CA module. +- +-To disable verification of SSL peers set the PERL_LWP_SSL_VERIFY_HOSTNAME +-envirionment variable to 0. If you do this you can't be sure that you +-communicate with the expected peer. +-EOT +- } +- die $@; +- } +- $ssl_opts{SSL_ca_file} = Mozilla::CA::SSL_ca_file(); ++ $ssl_opts{SSL_ca_path} = '/etc/ssl/certs'; + } + } + $self->{ssl_opts} = \%ssl_opts; diff --git a/debian/patches/series b/debian/patches/series index 9b5fd13..079d74f 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1 +1,2 @@ 0001-Fix-HTTPS.patch +0002-Use-ca-certificates.patch -- Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-perl/packages/liblwpx-paranoidagent-perl.git _______________________________________________ Pkg-perl-cvs-commits mailing list Pkg-perl-cvs-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-perl-cvs-commits