pool/perl-LWP-Protocol-https
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1103525 from devel:languages:perl:autoupdate

Browse Source 
- new version format, see https://github.com/openSUSE/cpanspec/issues/47
- Remove CVE-2014-3230.patch, upstream was fixed. CVE-2014-3230, Debian #746576
- Update LWP-Protocol-https-6.09-systemca.diff
- updated to 6.11
   see /usr/share/doc/packages/perl-LWP-Protocol-https/Changes
  6.11      2023-07-09 15:10:30Z
      - Remove Authority section from dist.ini (GH#64) (Olaf Alders)
      - Add very basic diagnostic information via test (GH#73) (Olaf Alders)
      - CVE-2014-3230 - don't disable verification if only hostnames should not
        (GH#14) (Steffen Ullrich)
      - Make explicit requirement of Mozilla::CA obsolete (GH#72) (Steffen
        Ullrich and Olaf Alders)
      - Remove _in_san and _cn_match. Empty out the _check_sock hook (GH#71)
        (Chase Whitener)
      - Use warnings (GH#69) (Pete Houston)

OBS-URL: https://build.opensuse.org/request/show/1103525
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-LWP-Protocol-https?expand=0&rev=21
This commit is contained in:
Dirk Stoecker 2023-08-14 15:50:24 +00:00 committed by Git OBS Bridge
parent b4fd8f8fda
commit bd51d54ad1
7 changed files with 55 additions and 82 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
CVE-2014-3230.patch
View File

@ -1,40 +0,0 @@
From 1b924708663f457a4f7c25ed35d7dfb3bb5b334d Mon Sep 17 00:00:00 2001
From: Steffen Ullrich <Steffen_Ullrich@genua.de>
Date: Sat, 3 May 2014 23:04:36 +0200
Subject: [PATCH 1/3] Debian #746576 - don't disale verification if only
hostnames should not be verified
---
lib/LWP/Protocol/https.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Index: LWP-Protocol-https-6.06/lib/LWP/Protocol/https.pm
===================================================================
--- LWP-Protocol-https-6.06.orig/lib/LWP/Protocol/https.pm
+++ LWP-Protocol-https-6.06/lib/LWP/Protocol/https.pm
@@ -21,7 +21,11 @@ sub _extra_sock_opts
$ssl_opts{SSL_verifycn_scheme} = 'www';
}
else {
- $ssl_opts{SSL_verify_mode} = 0;
+ if ( $Net::HTTPS::SSL_SOCKET_CLASS eq 'Net::SSL' ) {
+ $ssl_opts{SSL_verifycn_scheme} = '';
+ } else {
+ $ssl_opts{SSL_verifycn_scheme} = 'none';
+ }
}
my $suse_allows_mozilla_ca = 0;
if ($suse_allows_mozilla_ca && $ssl_opts{SSL_verify_mode}) {
Index: LWP-Protocol-https-6.06/t/https_proxy.t
===================================================================
--- LWP-Protocol-https-6.06.orig/t/https_proxy.t
+++ LWP-Protocol-https-6.06/t/https_proxy.t
@@ -66,7 +66,7 @@ my %ua;
$ua{noproxy} = LWP::UserAgent->new(
keep_alive => 10, # size of connection cache
# server does not know the expected name and returns generic certificate
- ssl_opts => { verify_hostname => 0 }
+ ssl_opts => { verify_hostname => 0, SSL_ca_file => $cafile, }
);
$ua{proxy} = LWP::UserAgent->new(

30
LWP-Protocol-https-6.09-systemca.diff
View File

@ -1,24 +1,14 @@
diff -ur LWP-Protocol-https-6.09/lib/LWP/Protocol/https.pm LWP-Protocol-https-6.09_fix/lib/LWP/Protocol/https.pm diff --git a/lib/LWP/Protocol/https.pm b/lib/LWP/Protocol/https.pm
--- LWP-Protocol-https-6.09/lib/LWP/Protocol/https.pm 2020-07-16 15:33:07.000000000 +0200 index 16fce19..b1a18df 100644
+++ LWP-Protocol-https-6.09_fix/lib/LWP/Protocol/https.pm 2020-10-15 15:56:49.380284037 +0200 --- a/lib/LWP/Protocol/https.pm
@@ -22,7 +22,8 @@ +++ b/lib/LWP/Protocol/https.pm
else { @@ -28,7 +28,8 @@ sub _extra_sock_opts
$ssl_opts{SSL_verify_mode} = 0; $ssl_opts{SSL_verifycn_scheme} = 'none';
}
} }
- if ($ssl_opts{SSL_verify_mode}) { - if ($ssl_opts{SSL_verify_mode}) {
+ my $suse_allows_mozilla_ca = 0; + my $suse_allows_mozilla_ca = 0;
+ if ($suse_allows_mozilla_ca && $ssl_opts{SSL_verify_mode}) { + if ($suse_allows_mozilla_ca && $ssl_opts{SSL_verify_mode}) {
unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) { unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) {
eval { if ($Net::HTTPS::SSL_SOCKET_CLASS eq 'IO::Socket::SSL'
require Mozilla::CA; && defined &IO::Socket::SSL::default_ca
diff -ur LWP-Protocol-https-6.09/Makefile.PL LWP-Protocol-https-6.09_fix/Makefile.PL
--- LWP-Protocol-https-6.09/Makefile.PL 2020-07-16 15:33:07.000000000 +0200
+++ LWP-Protocol-https-6.09_fix/Makefile.PL 2020-10-15 15:56:08.235630479 +0200
@@ -22,7 +22,6 @@
"IO::Socket::SSL" => "1.54",
"LWP::Protocol::http" => 0,
"LWP::UserAgent" => "6.06",
- "Mozilla::CA" => 20180117,
"Net::HTTPS" => 6,
"base" => 0,
"strict" => 0

BIN
LWP-Protocol-https-6.10.tar.gz (Stored with Git LFS)
View File

Binary file not shown.

3
LWP-Protocol-https-6.11.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:0132ddbf03661565ca85050f2a5094fb9263cbbc3ccb1a4d9c41ac9bb083b917
size 32599

1
cpanspec.yml
View File

@ -8,7 +8,6 @@ patches:
# patch for using system certificates # patch for using system certificates
"%{cpan_name}-6.09-systemca.diff": -p1 "%{cpan_name}-6.09-systemca.diff": -p1
# see https://github.com/libwww-perl/lwp-protocol-https/pull/14 # see https://github.com/libwww-perl/lwp-protocol-https/pull/14
CVE-2014-3230.patch: -p1
#preamble: |- #preamble: |-
# BuildRequires: gcc-c++ # BuildRequires: gcc-c++
#post_prep: |- #post_prep: |-

27
perl-LWP-Protocol-https.changes
View File

@ -1,3 +1,30 @@
-------------------------------------------------------------------
Fri Aug 11 16:36:32 UTC 2023 - Tina Müller <tina.mueller@suse.com>
- Remove CVE-2014-3230.patch, upstream was fixed. CVE-2014-3230, Debian #746576
-------------------------------------------------------------------
Fri Aug 11 16:30:24 UTC 2023 - Tina Müller <tina.mueller@suse.com>
- Update LWP-Protocol-https-6.09-systemca.diff
-------------------------------------------------------------------
Mon Jul 10 03:06:48 UTC 2023 - Tina Müller <timueller+perl@suse.de>
- updated to 6.11
see /usr/share/doc/packages/perl-LWP-Protocol-https/Changes
6.11 2023-07-09 15:10:30Z
- Remove Authority section from dist.ini (GH#64) (Olaf Alders)
- Add very basic diagnostic information via test (GH#73) (Olaf Alders)
- CVE-2014-3230 - don't disable verification if only hostnames should not
(GH#14) (Steffen Ullrich)
- Make explicit requirement of Mozilla::CA obsolete (GH#72) (Steffen
Ullrich and Olaf Alders)
- Remove _in_san and _cn_match. Empty out the _check_sock hook (GH#71)
(Chase Whitener)
- Use warnings (GH#69) (Pete Houston)
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Dec 18 03:07:41 UTC 2020 - Tina Müller <timueller+perl@suse.de> Fri Dec 18 03:07:41 UTC 2020 - Tina Müller <timueller+perl@suse.de>

33
perl-LWP-Protocol-https.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package perl-LWP-Protocol-https # spec file for package perl-LWP-Protocol-https
# #
# Copyright (c) 2020 SUSE LLC # Copyright (c) 2023 SUSE LLC
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -16,35 +16,35 @@
# #
Name: perl-LWP-Protocol-https
Version: 6.10
Release: 0
%define cpan_name LWP-Protocol-https %define cpan_name LWP-Protocol-https
Summary: Provide https support for LWP::UserAgent Name: perl-LWP-Protocol-https
Version: 6.110.0
Release: 0
%define cpan_version 6.11
License: Artistic-1.0 OR GPL-1.0-or-later License: Artistic-1.0 OR GPL-1.0-or-later
Group: Development/Libraries/Perl Summary: Provide https support for LWP::UserAgent
URL: https://metacpan.org/release/%{cpan_name} URL: https://metacpan.org/release/%{cpan_name}
Source0: https://cpan.metacpan.org/authors/id/O/OA/OALDERS/%{cpan_name}-%{version}.tar.gz Source0: https://cpan.metacpan.org/authors/id/O/OA/OALDERS/%{cpan_name}-%{cpan_version}.tar.gz
Source1: cpanspec.yml Source1: cpanspec.yml
Patch0: %{cpan_name}-6.09-systemca.diff Patch0: %{cpan_name}-6.09-systemca.diff
Patch1: CVE-2014-3230.patch
BuildArch: noarch BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: perl BuildRequires: perl
BuildRequires: perl-macros BuildRequires: perl-macros
BuildRequires: perl(IO::Socket::SSL) >= 1.54 BuildRequires: perl(IO::Socket::SSL) >= 1.970
BuildRequires: perl(IO::Socket::SSL::Utils) BuildRequires: perl(IO::Socket::SSL::Utils)
BuildRequires: perl(LWP::Protocol::http) BuildRequires: perl(LWP::Protocol::http)
BuildRequires: perl(LWP::UserAgent) >= 6.06 BuildRequires: perl(LWP::UserAgent) >= 6.06
#BuildRequires: perl(Mozilla::CA) >= 20180117
BuildRequires: perl(Net::HTTPS) >= 6 BuildRequires: perl(Net::HTTPS) >= 6
BuildRequires: perl(Test::More) >= 0.96 BuildRequires: perl(Test::More) >= 0.96
BuildRequires: perl(Test::Needs) >= 0.002010
BuildRequires: perl(Test::RequiresInternet) BuildRequires: perl(Test::RequiresInternet)
Requires: perl(IO::Socket::SSL) >= 1.54 Requires: perl(IO::Socket::SSL) >= 1.970
Requires: perl(LWP::Protocol::http) Requires: perl(LWP::Protocol::http)
Requires: perl(LWP::UserAgent) >= 6.06 Requires: perl(LWP::UserAgent) >= 6.06
#Requires: perl(Mozilla::CA) >= 20180117
Requires: perl(Net::HTTPS) >= 6 Requires: perl(Net::HTTPS) >= 6
Provides: perl(LWP::Protocol::https) = 6.110.0
Provides: perl(LWP::Protocol::https::Socket) = 6.110.0
%define __perllib_provides /bin/true
%{perl_requires} %{perl_requires}
%description %description
@ -66,13 +66,11 @@ their dependency on LWP::Protocol::https and will no longer need to know
what underlying modules to install. what underlying modules to install.
%prep %prep
%setup -q -n %{cpan_name}-%{version} %autosetup -n %{cpan_name}-%{cpan_version} -p1
%patch0 -p1
%patch1 -p1
%build %build
perl Makefile.PL INSTALLDIRS=vendor perl Makefile.PL INSTALLDIRS=vendor
make %{?_smp_mflags} %make_build
%check %check
make test make test
@ -83,7 +81,6 @@ make test
%perl_gen_filelist %perl_gen_filelist
%files -f %{name}.files %files -f %{name}.files
%defattr(-,root,root,755)
%doc Changes CONTRIBUTING.md %doc Changes CONTRIBUTING.md
%license LICENSE %license LICENSE