41 lines
1.5 KiB
Diff
41 lines
1.5 KiB
Diff
From 1b924708663f457a4f7c25ed35d7dfb3bb5b334d Mon Sep 17 00:00:00 2001
|
|
From: Steffen Ullrich <Steffen_Ullrich@genua.de>
|
|
Date: Sat, 3 May 2014 23:04:36 +0200
|
|
Subject: [PATCH 1/3] Debian #746576 - don't disale verification if only
|
|
hostnames should not be verified
|
|
|
|
---
|
|
lib/LWP/Protocol/https.pm | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
Index: LWP-Protocol-https-6.06/lib/LWP/Protocol/https.pm
|
|
===================================================================
|
|
--- LWP-Protocol-https-6.06.orig/lib/LWP/Protocol/https.pm
|
|
+++ LWP-Protocol-https-6.06/lib/LWP/Protocol/https.pm
|
|
@@ -21,7 +21,11 @@ sub _extra_sock_opts
|
|
$ssl_opts{SSL_verifycn_scheme} = 'www';
|
|
}
|
|
else {
|
|
- $ssl_opts{SSL_verify_mode} = 0;
|
|
+ if ( $Net::HTTPS::SSL_SOCKET_CLASS eq 'Net::SSL' ) {
|
|
+ $ssl_opts{SSL_verifycn_scheme} = '';
|
|
+ } else {
|
|
+ $ssl_opts{SSL_verifycn_scheme} = 'none';
|
|
+ }
|
|
}
|
|
my $suse_allows_mozilla_ca = 0;
|
|
if ($suse_allows_mozilla_ca && $ssl_opts{SSL_verify_mode}) {
|
|
Index: LWP-Protocol-https-6.06/t/https_proxy.t
|
|
===================================================================
|
|
--- LWP-Protocol-https-6.06.orig/t/https_proxy.t
|
|
+++ LWP-Protocol-https-6.06/t/https_proxy.t
|
|
@@ -66,7 +66,7 @@ my %ua;
|
|
$ua{noproxy} = LWP::UserAgent->new(
|
|
keep_alive => 10, # size of connection cache
|
|
# server does not know the expected name and returns generic certificate
|
|
- ssl_opts => { verify_hostname => 0 }
|
|
+ ssl_opts => { verify_hostname => 0, SSL_ca_file => $cafile, }
|
|
);
|
|
|
|
$ua{proxy} = LWP::UserAgent->new(
|