From 8b826baec4d2a70e0ac282d28cbd219be02ef38edac30aa84f1c44dd0feace56 Mon Sep 17 00:00:00 2001
From: Stephan Kulow <coolo@suse.com>
Date: Thu, 4 Jul 2013 08:34:24 +0000
Subject: [PATCH] Accepting request 182139 from
 home:lnussel:branches:devel:languages:perl

- Version 6.04
  * Fix IO::Socket::SSL warnings when not verifying hostname.
  * Doc spelling fix.
- Remove usage of Mozilla::CA entirely. IO::Socket::SSL will do the
  right thing instead.

OBS-URL: https://build.opensuse.org/request/show/182139
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-LWP-Protocol-https?expand=0&rev=4
---
 LWP-Protocol-https-6.03-systemca.diff | 12 ----
 LWP-Protocol-https-6.04-systemca.diff | 89 +++++++++++++++++++++++++++
 LWP-Protocol-https-6.04.tar.gz        |  3 +
 perl-LWP-Protocol-https.changes       |  9 +++
 perl-LWP-Protocol-https.spec          |  6 +-
 5 files changed, 104 insertions(+), 15 deletions(-)
 delete mode 100644 LWP-Protocol-https-6.03-systemca.diff
 create mode 100644 LWP-Protocol-https-6.04-systemca.diff
 create mode 100644 LWP-Protocol-https-6.04.tar.gz

diff --git a/LWP-Protocol-https-6.03-systemca.diff b/LWP-Protocol-https-6.03-systemca.diff
deleted file mode 100644
index 5685aa4..0000000
--- a/LWP-Protocol-https-6.03-systemca.diff
+++ /dev/null
@@ -1,12 +0,0 @@
-Index: LWP-Protocol-https-6.03/lib/LWP/Protocol/https.pm
-===================================================================
---- LWP-Protocol-https-6.03.orig/lib/LWP/Protocol/https.pm	2012-02-18 23:53:36.000000000 +0100
-+++ LWP-Protocol-https-6.03/lib/LWP/Protocol/https.pm	2012-02-21 12:32:56.614080436 +0100
-@@ -20,6 +20,7 @@ sub _extra_sock_opts
- 	$ssl_opts{SSL_verifycn_scheme} = 'www';
-     }
-     if ($ssl_opts{SSL_verify_mode}) {
-+	$ssl_opts{SSL_ca_path} ||= '/etc/ssl/certs';
- 	unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) {
- 	    eval {
- 		require Mozilla::CA;
diff --git a/LWP-Protocol-https-6.04-systemca.diff b/LWP-Protocol-https-6.04-systemca.diff
new file mode 100644
index 0000000..cb7f1b5
--- /dev/null
+++ b/LWP-Protocol-https-6.04-systemca.diff
@@ -0,0 +1,89 @@
+From 39d26115250c9c233018e487ce495e5a16faacc2 Mon Sep 17 00:00:00 2001
+From: Ludwig Nussel <ludwig.nussel@suse.de>
+Date: Wed, 3 Jul 2013 11:25:38 +0200
+Subject: [PATCH] Don't require Mozilla::CA
+
+IO::Socket::SSL will fall back to using the system's root
+CA-certificates if no options are passed.
+---
+ Makefile.PL               |  1 -
+ README                    |  9 +--------
+ lib/LWP/Protocol/https.pm | 23 -----------------------
+ 3 files changed, 1 insertion(+), 32 deletions(-)
+
+diff --git a/Makefile.PL b/Makefile.PL
+index 805eac8..3c66fb7 100644
+--- a/Makefile.PL
++++ b/Makefile.PL
+@@ -15,7 +15,6 @@ WriteMakefile(
+ 	'LWP::UserAgent' => '6.04',
+ 	'Net::HTTPS' => 6,
+ 	'IO::Socket::SSL' => "1.54",
+-	'Mozilla::CA' => "20110101",
+     },
+     META_MERGE => {
+ 	resources => {
+diff --git a/README b/README
+index 8e67078..7c4b5e2 100644
+--- a/README
++++ b/README
+@@ -13,13 +13,6 @@ DESCRIPTION
+     you don't use it directly. Once the module is installed LWP is able to
+     access sites using HTTP over SSL/TLS.
+ 
+-    If hostname verification is requested by LWP::UserAgent's `ssl_opts',
+-    and neither `SSL_ca_file' nor `SSL_ca_path' is set, then `SSL_ca_file'
+-    is implied to be the one provided by Mozilla::CA. If the Mozilla::CA
+-    module isn't available SSL requests will fail. Either install this
+-    module, set up an alternative `SSL_ca_file' or disable hostname
+-    verification.
+-
+     This module used to be bundled with the libwww-perl, but it was
+     unbundled in v6.02 in order to be able to declare its dependencies
+     properly for the CPAN tool-chain. Applications that need https support
+@@ -27,7 +20,7 @@ DESCRIPTION
+     longer need to know what underlying modules to install.
+ 
+ SEE ALSO
+-    IO::Socket::SSL, Crypt::SSLeay, Mozilla::CA
++    IO::Socket::SSL, Crypt::SSLeay
+ 
+ COPYRIGHT
+     Copyright 1997-2011 Gisle Aas.
+diff --git a/lib/LWP/Protocol/https.pm b/lib/LWP/Protocol/https.pm
+index f7230e2..e210049 100644
+--- a/lib/LWP/Protocol/https.pm
++++ b/lib/LWP/Protocol/https.pm
+@@ -22,29 +22,6 @@ sub _extra_sock_opts
+     else {
+ 	$ssl_opts{SSL_verify_mode} = 0;
+     }
+-    if ($ssl_opts{SSL_verify_mode}) {
+-	unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) {
+-	    eval {
+-		require Mozilla::CA;
+-	    };
+-	    if ($@) {
+-		if ($@ =! /^Can't locate Mozilla\/CA\.pm/) {
+-		    $@ = <<'EOT';
+-Can't verify SSL peers without knowing which Certificate Authorities to trust
+-
+-This problem can be fixed by either setting the PERL_LWP_SSL_CA_FILE
+-envirionment variable or by installing the Mozilla::CA module.
+-
+-To disable verification of SSL peers set the PERL_LWP_SSL_VERIFY_HOSTNAME
+-envirionment variable to 0.  If you do this you can't be sure that you
+-communicate with the expected peer.
+-EOT
+-		}
+-		die $@;
+-	    }
+-	    $ssl_opts{SSL_ca_file} = Mozilla::CA::SSL_ca_file();
+-	}
+-    }
+     $self->{ssl_opts} = \%ssl_opts;
+     return (%ssl_opts, $self->SUPER::_extra_sock_opts);
+ }
+-- 
+1.8.1.4
+
diff --git a/LWP-Protocol-https-6.04.tar.gz b/LWP-Protocol-https-6.04.tar.gz
new file mode 100644
index 0000000..c57c5a8
--- /dev/null
+++ b/LWP-Protocol-https-6.04.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:1ef67750ee363525cf729b59afde805ac4dc80eaf8d36ca01082a4d78a7af629
+size 4035
diff --git a/perl-LWP-Protocol-https.changes b/perl-LWP-Protocol-https.changes
index 2ac2739..8b6d04c 100644
--- a/perl-LWP-Protocol-https.changes
+++ b/perl-LWP-Protocol-https.changes
@@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Wed Jul  3 09:32:03 UTC 2013 - lnussel@suse.de
+
+- Version 6.04
+  * Fix IO::Socket::SSL warnings when not verifying hostname.
+  * Doc spelling fix.
+- Remove usage of Mozilla::CA entirely. IO::Socket::SSL will do the
+  right thing instead.
+
 -------------------------------------------------------------------
 Tue Feb 21 11:26:38 UTC 2012 - coolo@suse.com
 
diff --git a/perl-LWP-Protocol-https.spec b/perl-LWP-Protocol-https.spec
index 229af12..ab14384 100644
--- a/perl-LWP-Protocol-https.spec
+++ b/perl-LWP-Protocol-https.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package perl-LWP-Protocol-https
 #
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
 
 
 Name:           perl-LWP-Protocol-https
-Version:        6.03
+Version:        6.04
 Release:        0
 %define cpan_name LWP-Protocol-https
 Summary:        Provide https support for LWP::UserAgent
@@ -26,7 +26,7 @@ Group:          Development/Libraries/Perl
 Url:            http://search.cpan.org/dist/LWP-Protocol-https/
 Source:         http://www.cpan.org/authors/id/G/GA/GAAS/%{cpan_name}-%{version}.tar.gz
 # patch for using system certificates                                                                                                                       
-Patch0:         %{cpan_name}-6.03-systemca.diff
+Patch0:         %{cpan_name}-6.04-systemca.diff
 BuildArch:      noarch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  perl