From a0502e9f62016bd514945f41878e199dc90a8188 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Tue, 3 Nov 2020 07:22:17 -0500 Subject: [PATCH] import perl-LWP-Protocol-https-6.07-4.module+el8.3.0+6498+31ea7642 --- .gitignore | 1 + .perl-LWP-Protocol-https.metadata | 1 + ...n-t-disale-verification-if-only-host.patch | 30 ++++ ...x-test-make-it-workable-for-Crypt-SS.patch | 51 ++++++ SPECS/perl-LWP-Protocol-https.spec | 156 ++++++++++++++++++ 5 files changed, 239 insertions(+) create mode 100644 .gitignore create mode 100644 .perl-LWP-Protocol-https.metadata create mode 100644 SOURCES/LWP-Protocol-https-6.06-Debian-746576-don-t-disale-verification-if-only-host.patch create mode 100644 SOURCES/LWP-Protocol-https-6.06-Debian-746576-fix-test-make-it-workable-for-Crypt-SS.patch create mode 100644 SPECS/perl-LWP-Protocol-https.spec diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..9270cf7 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/LWP-Protocol-https-6.07.tar.gz diff --git a/.perl-LWP-Protocol-https.metadata b/.perl-LWP-Protocol-https.metadata new file mode 100644 index 0000000..562113c --- /dev/null +++ b/.perl-LWP-Protocol-https.metadata @@ -0,0 +1 @@ +2517535f40d6a5a4a1524f3a7bedf0a1763871de SOURCES/LWP-Protocol-https-6.07.tar.gz diff --git a/SOURCES/LWP-Protocol-https-6.06-Debian-746576-don-t-disale-verification-if-only-host.patch b/SOURCES/LWP-Protocol-https-6.06-Debian-746576-don-t-disale-verification-if-only-host.patch new file mode 100644 index 0000000..31521ff --- /dev/null +++ b/SOURCES/LWP-Protocol-https-6.06-Debian-746576-don-t-disale-verification-if-only-host.patch @@ -0,0 +1,30 @@ +From 1b924708663f457a4f7c25ed35d7dfb3bb5b334d Mon Sep 17 00:00:00 2001 +From: Steffen Ullrich +Date: Sat, 3 May 2014 23:04:36 +0200 +Subject: [PATCH 1/2] Debian #746576 - don't disale verification if only + hostnames should not be verified +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Petr Písař +--- + lib/LWP/Protocol/https.pm | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/LWP/Protocol/https.pm b/lib/LWP/Protocol/https.pm +index a707917..8c87e81 100644 +--- a/lib/LWP/Protocol/https.pm ++++ b/lib/LWP/Protocol/https.pm +@@ -21,7 +21,7 @@ sub _extra_sock_opts + $ssl_opts{SSL_verifycn_scheme} = 'www'; + } + else { +- $ssl_opts{SSL_verify_mode} = 0; ++ $ssl_opts{SSL_verifycn_scheme} = 'none'; + } + if ($ssl_opts{SSL_verify_mode}) { + unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) { +-- +1.9.0 + diff --git a/SOURCES/LWP-Protocol-https-6.06-Debian-746576-fix-test-make-it-workable-for-Crypt-SS.patch b/SOURCES/LWP-Protocol-https-6.06-Debian-746576-fix-test-make-it-workable-for-Crypt-SS.patch new file mode 100644 index 0000000..1e85dbe --- /dev/null +++ b/SOURCES/LWP-Protocol-https-6.06-Debian-746576-fix-test-make-it-workable-for-Crypt-SS.patch @@ -0,0 +1,51 @@ +From 6b5c876de80451ee54de5d853de37a62e26bf6fe Mon Sep 17 00:00:00 2001 +From: Steffen Ullrich +Date: Sun, 4 May 2014 09:14:13 +0200 +Subject: [PATCH 2/2] Debian #746576 - fix test, make it workable for + Crypt::SSLeay/Net::SSL too +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Petr Písař +--- + lib/LWP/Protocol/https.pm | 6 +++++- + t/https_proxy.t | 5 ++++- + 2 files changed, 9 insertions(+), 2 deletions(-) + +diff --git a/lib/LWP/Protocol/https.pm b/lib/LWP/Protocol/https.pm +index 8c87e81..6223ddf 100644 +--- a/lib/LWP/Protocol/https.pm ++++ b/lib/LWP/Protocol/https.pm +@@ -21,7 +21,11 @@ sub _extra_sock_opts + $ssl_opts{SSL_verifycn_scheme} = 'www'; + } + else { +- $ssl_opts{SSL_verifycn_scheme} = 'none'; ++ if ( $Net::HTTPS::SSL_SOCKET_CLASS eq 'Net::SSL' ) { ++ $ssl_opts{SSL_verifycn_scheme} = ''; ++ } else { ++ $ssl_opts{SSL_verifycn_scheme} = 'none'; ++ } + } + if ($ssl_opts{SSL_verify_mode}) { + unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) { +diff --git a/t/https_proxy.t b/t/https_proxy.t +index 5196960..c78345b 100644 +--- a/t/https_proxy.t ++++ b/t/https_proxy.t +@@ -66,7 +66,10 @@ my %ua; + $ua{noproxy} = LWP::UserAgent->new( + keep_alive => 10, # size of connection cache + # server does not know the expected name and returns generic certificate +- ssl_opts => { verify_hostname => 0 } ++ ssl_opts => { ++ verify_hostname => 0, ++ SSL_ca_file => $cafile, ++ } + ); + + $ua{proxy} = LWP::UserAgent->new( +-- +1.9.0 + diff --git a/SPECS/perl-LWP-Protocol-https.spec b/SPECS/perl-LWP-Protocol-https.spec new file mode 100644 index 0000000..aaf99aa --- /dev/null +++ b/SPECS/perl-LWP-Protocol-https.spec @@ -0,0 +1,156 @@ +Name: perl-LWP-Protocol-https +Version: 6.07 +Release: 4%{?dist} +Summary: Provide HTTPS support for LWP::UserAgent +License: GPL+ or Artistic +Group: Development/Libraries +URL: http://search.cpan.org/dist/LWP-Protocol-https/ +Source0: http://www.cpan.org/authors/id/O/OA/OALDERS/LWP-Protocol-https-%{version}.tar.gz +# Fix CVE-2014-3230, bug #1094442, +# proposed in https://github.com/libwww-perl/lwp-protocol-https/pull/14 +Patch0: LWP-Protocol-https-6.06-Debian-746576-don-t-disale-verification-if-only-host.patch +# Fix CVE-2014-3230, bug #1094442, +# proposed in https://github.com/libwww-perl/lwp-protocol-https/pull/14 +Patch1: LWP-Protocol-https-6.06-Debian-746576-fix-test-make-it-workable-for-Crypt-SS.patch +BuildArch: noarch +BuildRequires: findutils +BuildRequires: make +BuildRequires: perl-interpreter +BuildRequires: perl-generators +BuildRequires: perl(:VERSION) >= 5.8.1 +BuildRequires: perl(ExtUtils::MakeMaker) +BuildRequires: perl(strict) +# Run-time: +BuildRequires: perl(IO::Socket::SSL) >= 1.54 +BuildRequires: perl(LWP::Protocol::http) +BuildRequires: perl(Mozilla::CA) >= 20110101 +BuildRequires: perl(Net::HTTPS) >= 6 +# Tests: +BuildRequires: perl(File::Temp) +BuildRequires: perl(IO::Select) +BuildRequires: perl(IO::Socket::INET) +BuildRequires: perl(LWP::UserAgent) >= 6.06 +BuildRequires: perl(Socket) +BuildRequires: perl(Test::More) +BuildRequires: perl(Test::RequiresInternet) +BuildRequires: perl(warnings) +# Optional tests: +BuildRequires: perl(IO::Socket::SSL) >= 1.953 +BuildRequires: perl(IO::Socket::SSL::Utils) +Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) +Requires: perl(IO::Socket::SSL) >= 1.54 +Requires: perl(Mozilla::CA) >= 20110101 +Requires: perl(Net::HTTPS) >= 6 + +# Remove underspecified dependencies +%global __requires_exclude %{?__requires_exclude:%__requires_exclude|}^perl\\(Net::HTTPS\\)\\s*$ + +%description +The LWP::Protocol::https module provides support for using HTTPS schemed +URLs with LWP. This module is a plug-in to the LWP protocol handling, so +you don't use it directly. Once the module is installed LWP is able to +access sites using HTTP over SSL/TLS. + +%prep +%setup -q -n LWP-Protocol-https-%{version} +%patch0 -p1 +%patch1 -p1 + +%build +perl Makefile.PL INSTALLDIRS=vendor +make %{?_smp_mflags} + +%install +make pure_install DESTDIR=$RPM_BUILD_ROOT +find $RPM_BUILD_ROOT -type f -name .packlist -delete +%{_fixperms} $RPM_BUILD_ROOT/* + +%check +make test + +%files +%doc Changes README +%{perl_vendorlib}/* +%{_mandir}/man3/* + +%changelog +* Thu Feb 08 2018 Fedora Release Engineering - 6.07-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Thu Jul 27 2017 Fedora Release Engineering - 6.07-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Mon Jun 05 2017 Jitka Plesnikova - 6.07-2 +- Perl 5.26 rebuild + +* Mon Feb 20 2017 Petr Pisar - 6.07-1 +- 6.07 bump + +* Sat Feb 11 2017 Fedora Release Engineering - 6.06-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Mon May 16 2016 Jitka Plesnikova - 6.06-8 +- Perl 5.24 rebuild + +* Thu Feb 04 2016 Fedora Release Engineering - 6.06-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Thu Jun 18 2015 Fedora Release Engineering - 6.06-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Sat Jun 06 2015 Jitka Plesnikova - 6.06-5 +- Perl 5.22 rebuild + +* Thu Aug 28 2014 Jitka Plesnikova - 6.06-4 +- Perl 5.20 rebuild + +* Sat Jun 07 2014 Fedora Release Engineering - 6.06-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Mon May 12 2014 Petr Pisar - 6.06-2 +- Fix CVE-2014-3230 (incorrect handling of SSL certificate verification if + HTTPS_CA_DIR or HTTPS_CA_FILE environment variables are set) (bug #1094442) + +* Wed Apr 23 2014 Petr Pisar - 6.06-1 +- 6.06 bump + +* Thu Jan 16 2014 Petr Pisar - 6.04-4 +- Modernize spec file + +* Sat Aug 03 2013 Fedora Release Engineering - 6.04-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Tue Jul 23 2013 Petr Pisar - 6.04-2 +- Perl 5.18 rebuild + +* Thu May 02 2013 Petr Pisar - 6.04-1 +- 6.04 bump + +* Thu Feb 14 2013 Fedora Release Engineering - 6.03-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Fri Jul 20 2012 Fedora Release Engineering - 6.03-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Fri Jun 15 2012 Petr Pisar - 6.03-2 +- Perl 5.16 rebuild + +* Mon Feb 20 2012 Petr Pisar - 6.03-1 +- 6.03 bump +- Enable tests by default, they detect connectivity now + +* Fri Jan 13 2012 Fedora Release Engineering - 6.02-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Mon Jul 25 2011 Petr Pisar - 6.02-4 +- RPM 4.9 dependency filtering added + +* Fri Jun 17 2011 Marcela Mašláňová - 6.02-3 +- Perl mass rebuild + +* Tue Mar 29 2011 Petr Pisar - 6.02-2 +- Disable tests because they need network access + +* Mon Mar 28 2011 Petr Pisar 6.02-1 +- Specfile autogenerated by cpanspec 1.78. +- Remove BuildRoot stuff