diff options
Diffstat (limited to 'dev-perl/LWP-Protocol-https')
4 files changed, 0 insertions, 124 deletions
diff --git a/dev-perl/LWP-Protocol-https/LWP-Protocol-https-6.100.0.ebuild b/dev-perl/LWP-Protocol-https/LWP-Protocol-https-6.100.0.ebuild deleted file mode 100644 index 30dd1f813159..000000000000 --- a/dev-perl/LWP-Protocol-https/LWP-Protocol-https-6.100.0.ebuild +++ /dev/null @@ -1,36 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -DIST_AUTHOR=OALDERS -DIST_VERSION=6.10 -inherit perl-module - -DESCRIPTION="Provide https support for LWP::UserAgent" - -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-solaris" - -RDEPEND=" - app-misc/ca-certificates - >=dev-perl/IO-Socket-SSL-1.540.0 - >=dev-perl/libwww-perl-6.60.0 - >=dev-perl/Net-HTTP-6 -" -DEPEND="${RDEPEND} - virtual/perl-ExtUtils-MakeMaker - test? ( - virtual/perl-Test-Simple - dev-perl/Test-RequiresInternet - ) -" - -PATCHES=( - "${FILESDIR}"/${PN}-6.70.0-etcsslcerts.patch - "${FILESDIR}"/${PN}-6.70.0-CVE-2014-3230.patch # note: breaks a test, still needed? -) - -PERL_RM_FILES=( - "t/https_proxy.t" # see above -) diff --git a/dev-perl/LWP-Protocol-https/Manifest b/dev-perl/LWP-Protocol-https/Manifest index 4d6ffdbad13e..7e9ad3ccc6f9 100644 --- a/dev-perl/LWP-Protocol-https/Manifest +++ b/dev-perl/LWP-Protocol-https/Manifest @@ -1,7 +1,3 @@ -AUX LWP-Protocol-https-6.70.0-CVE-2014-3230.patch 1136 BLAKE2B b6a82d284c8a4bcc6dfc62a253ed887fadc32f0b149e8ff1a04769495c9f1729c0a9e2b775311a574265620b49da98c7e5f0ae43f58c948da7e6b41a2872a723 SHA512 115a0b152722e874e35a6d7207b8e77c19f14a7f1fe7d4dd2e246c3085332ec37b2839e386063e48159d9194a6dce19c2dcbe03d5e66360d28cc5d0547f9e63d -AUX LWP-Protocol-https-6.70.0-etcsslcerts.patch 1595 BLAKE2B 1a0d41704506f988405a776d96292e12be53487b3d2ab71259f82282ba95741e647925444d4c4090b242ebeeee49c7e2dc83f93d5aca6480bb4731970c410f98 SHA512 977ae51ffaa8d931e55b1aac278980f0a13fc06f0cbed99b81d983cd98068f5f8e65b388ed97befa6c850d92e9cae785ae3b4f84d5115cf730271bc04a40e18d -DIST LWP-Protocol-https-6.10.tar.gz 33691 BLAKE2B 9436d81e2049b09bc7d0323f89ae41d7a7e0df6f2a01451a5badcbd3c2bb842935c947c543636415e11fcb5972203bb362de448b6888423cb1130fa3f472c4c4 SHA512 4d3c89dab6fadcb574c176977ca6debba177ee3f817e87319d9cd81e0a0b09214e271c2e97edc456dad2f4a1ebf8c6266a4ae52c3a93144880a5b32db97e7a31 DIST LWP-Protocol-https-6.11.tar.gz 32599 BLAKE2B 1177b02a9a35bf9a7959eaa181b1fe156164c6d4a16043021a39e8691dd9fa677ec83401545fadeb4a49f9f989cb0ea801be94ba0cfe496b1a75868d0423dca4 SHA512 1e74c45898778c58d00eefbdd04a3ed47cf38164296278bec66c9b85f48ad635931873d2bf5423be8562df2c22b4bbf8eff0502bd29ba1c790bbbf76f3616ecf -EBUILD LWP-Protocol-https-6.100.0.ebuild 829 BLAKE2B 19103cf8bac1cecc55d8635238a910aa3a53635c18827994afcb504b37b62234103182913a4804bf3b02cbe346d213657a59e176b06f90bc1418ef3b8b23e207 SHA512 6c8020a7308b64faf923e372b20f5a0b57c2b2ffd47a47d358ee7db56a048a187d4d396ac7ad8044c396632396fc3ab9ef680011932d5fc0edb22cddd3bcd4d5 EBUILD LWP-Protocol-https-6.110.0.ebuild 643 BLAKE2B f8727b3233092db061aca2864e529c6750142cf67d95c4cad3a69fc4fb6d0c1a3c3cf502cbb18027142e57205c02cb2141cb9cbdf2e73a62086d4d5e75e534a2 SHA512 41c28590d624bd2d2648f2eb200622a153c0d8a81fb2a3475e253216a7cb60e089599905231f05ad923210582767d18ab85988152824c48dc0f7feef6d43c78a MISC metadata.xml 471 BLAKE2B 146b7964a443d12de0db87033741ffcd01d57985fcc70ce32f95d618354c1b233789e0242067c326ce41f4adbd2c6a051e895b731c225192a9e9ba1d02c1c970 SHA512 747e960b78d6825c52b9964fb42b98408998fcc7d32e046cd6bf9c5f2348d97692bf013438a522ec7e0a52aba6104f7d832fd24f95e3dfa03dca5941f78f4a41 diff --git a/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.70.0-CVE-2014-3230.patch b/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.70.0-CVE-2014-3230.patch deleted file mode 100644 index 781d72ee03e9..000000000000 --- a/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.70.0-CVE-2014-3230.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 67de137e737e4fa92d0cb746bdc8474d7bb5e000 Mon Sep 17 00:00:00 2001 -From: Kent Fredric <kentnl@gentoo.org> -Date: Tue, 21 Mar 2017 10:11:32 +1300 -Subject: Use SSL_verifycn_scheme instead of disabling SSL_verify_mode - -Re: CVE-2014-3230 - -Redhat Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1094440 - -Combines: https://bugzilla.redhat.com/attachment.cgi?id=894747 - https://bugzilla.redhat.com/attachment.cgi?id=894748 ---- - lib/LWP/Protocol/https.pm | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/lib/LWP/Protocol/https.pm b/lib/LWP/Protocol/https.pm -index f8ab398..ba69966 100644 ---- a/lib/LWP/Protocol/https.pm -+++ b/lib/LWP/Protocol/https.pm -@@ -21,7 +21,12 @@ sub _extra_sock_opts - $ssl_opts{SSL_verifycn_scheme} = 'www'; - } - else { -- $ssl_opts{SSL_verify_mode} = 0; -+ if ( $Net::HTTPS::SSL_SOCKET_CLASS eq 'Net::SSL' ) { -+ $ssl_opts{SSL_verifycn_scheme} = ''; -+ } -+ else { -+ $ssl_opts{SSL_verifycn_scheme} = 'none'; -+ } - } - if ($ssl_opts{SSL_verify_mode}) { - unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) { --- -2.12.0 - diff --git a/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.70.0-etcsslcerts.patch b/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.70.0-etcsslcerts.patch deleted file mode 100644 index 2553c7949af9..000000000000 --- a/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.70.0-etcsslcerts.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 9baa19987f93284be254415d15db56c599e52e1e Mon Sep 17 00:00:00 2001 -From: Kent Fredric <kentnl@gentoo.org> -Date: Tue, 21 Mar 2017 10:07:35 +1300 -Subject: Ensure using System Certificates instead of Mozilla-CA - -Bug: https://bugs.gentoo.org/358081 ---- - lib/LWP/Protocol/https.pm | 24 +++--------------------- - 1 file changed, 3 insertions(+), 21 deletions(-) - -diff --git a/lib/LWP/Protocol/https.pm b/lib/LWP/Protocol/https.pm -index ed4d832..f8ab398 100644 ---- a/lib/LWP/Protocol/https.pm -+++ b/lib/LWP/Protocol/https.pm -@@ -24,27 +24,9 @@ sub _extra_sock_opts - $ssl_opts{SSL_verify_mode} = 0; - } - if ($ssl_opts{SSL_verify_mode}) { -- unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) { -- eval { -- require Mozilla::CA; -- }; -- if ($@) { -- if ($@ =~ /^Can't locate Mozilla\/CA\.pm/) { -- $@ = <<'EOT'; --Can't verify SSL peers without knowing which Certificate Authorities to trust -- --This problem can be fixed by either setting the PERL_LWP_SSL_CA_FILE --environment variable or by installing the Mozilla::CA module. -- --To disable verification of SSL peers set the PERL_LWP_SSL_VERIFY_HOSTNAME --environment variable to 0. If you do this you can't be sure that you --communicate with the expected peer. --EOT -- } -- die $@; -- } -- $ssl_opts{SSL_ca_file} = Mozilla::CA::SSL_ca_file(); -- } -+ unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) { -+ $ssl_opts{SSL_ca_path} = '/etc/ssl/certs'; -+ } - } - $self->{ssl_opts} = \%ssl_opts; - return (%ssl_opts, $self->SUPER::_extra_sock_opts); --- -2.12.0 - |