8b826baec4
- Version 6.04 * Fix IO::Socket::SSL warnings when not verifying hostname. * Doc spelling fix. - Remove usage of Mozilla::CA entirely. IO::Socket::SSL will do the right thing instead. OBS-URL: https://build.opensuse.org/request/show/182139 OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-LWP-Protocol-https?expand=0&rev=4
90 lines
2.9 KiB
Diff
90 lines
2.9 KiB
Diff
From 39d26115250c9c233018e487ce495e5a16faacc2 Mon Sep 17 00:00:00 2001
|
|
From: Ludwig Nussel <ludwig.nussel@suse.de>
|
|
Date: Wed, 3 Jul 2013 11:25:38 +0200
|
|
Subject: [PATCH] Don't require Mozilla::CA
|
|
|
|
IO::Socket::SSL will fall back to using the system's root
|
|
CA-certificates if no options are passed.
|
|
---
|
|
Makefile.PL | 1 -
|
|
README | 9 +--------
|
|
lib/LWP/Protocol/https.pm | 23 -----------------------
|
|
3 files changed, 1 insertion(+), 32 deletions(-)
|
|
|
|
diff --git a/Makefile.PL b/Makefile.PL
|
|
index 805eac8..3c66fb7 100644
|
|
--- a/Makefile.PL
|
|
+++ b/Makefile.PL
|
|
@@ -15,7 +15,6 @@ WriteMakefile(
|
|
'LWP::UserAgent' => '6.04',
|
|
'Net::HTTPS' => 6,
|
|
'IO::Socket::SSL' => "1.54",
|
|
- 'Mozilla::CA' => "20110101",
|
|
},
|
|
META_MERGE => {
|
|
resources => {
|
|
diff --git a/README b/README
|
|
index 8e67078..7c4b5e2 100644
|
|
--- a/README
|
|
+++ b/README
|
|
@@ -13,13 +13,6 @@ DESCRIPTION
|
|
you don't use it directly. Once the module is installed LWP is able to
|
|
access sites using HTTP over SSL/TLS.
|
|
|
|
- If hostname verification is requested by LWP::UserAgent's `ssl_opts',
|
|
- and neither `SSL_ca_file' nor `SSL_ca_path' is set, then `SSL_ca_file'
|
|
- is implied to be the one provided by Mozilla::CA. If the Mozilla::CA
|
|
- module isn't available SSL requests will fail. Either install this
|
|
- module, set up an alternative `SSL_ca_file' or disable hostname
|
|
- verification.
|
|
-
|
|
This module used to be bundled with the libwww-perl, but it was
|
|
unbundled in v6.02 in order to be able to declare its dependencies
|
|
properly for the CPAN tool-chain. Applications that need https support
|
|
@@ -27,7 +20,7 @@ DESCRIPTION
|
|
longer need to know what underlying modules to install.
|
|
|
|
SEE ALSO
|
|
- IO::Socket::SSL, Crypt::SSLeay, Mozilla::CA
|
|
+ IO::Socket::SSL, Crypt::SSLeay
|
|
|
|
COPYRIGHT
|
|
Copyright 1997-2011 Gisle Aas.
|
|
diff --git a/lib/LWP/Protocol/https.pm b/lib/LWP/Protocol/https.pm
|
|
index f7230e2..e210049 100644
|
|
--- a/lib/LWP/Protocol/https.pm
|
|
+++ b/lib/LWP/Protocol/https.pm
|
|
@@ -22,29 +22,6 @@ sub _extra_sock_opts
|
|
else {
|
|
$ssl_opts{SSL_verify_mode} = 0;
|
|
}
|
|
- if ($ssl_opts{SSL_verify_mode}) {
|
|
- unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) {
|
|
- eval {
|
|
- require Mozilla::CA;
|
|
- };
|
|
- if ($@) {
|
|
- if ($@ =! /^Can't locate Mozilla\/CA\.pm/) {
|
|
- $@ = <<'EOT';
|
|
-Can't verify SSL peers without knowing which Certificate Authorities to trust
|
|
-
|
|
-This problem can be fixed by either setting the PERL_LWP_SSL_CA_FILE
|
|
-envirionment variable or by installing the Mozilla::CA module.
|
|
-
|
|
-To disable verification of SSL peers set the PERL_LWP_SSL_VERIFY_HOSTNAME
|
|
-envirionment variable to 0. If you do this you can't be sure that you
|
|
-communicate with the expected peer.
|
|
-EOT
|
|
- }
|
|
- die $@;
|
|
- }
|
|
- $ssl_opts{SSL_ca_file} = Mozilla::CA::SSL_ca_file();
|
|
- }
|
|
- }
|
|
$self->{ssl_opts} = \%ssl_opts;
|
|
return (%ssl_opts, $self->SUPER::_extra_sock_opts);
|
|
}
|
|
--
|
|
1.8.1.4
|
|
|