Minix/pkgsrc-ng
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Import of pkgsrc-2015Q1

Browse Source
This commit is contained in:
Lionel Sambuc
2015-04-22 14:34:26 +02:00
committed by Lionel Sambuc
parent 9a8c06dafb
commit 4af1cdf7a9
25114 changed files with 870550 additions and 795435 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
www/p5-LWP-Protocol-https/Makefile
View File

@@ -1,9 +1,10 @@
# $NetBSD: Makefile,v 1.11 2013/07/10 02:51:56 schmonz Exp $
# $NetBSD: Makefile,v 1.15 2014/05/29 23:38:11 wiz Exp $
DISTNAME= LWP-Protocol-https-6.04
DISTNAME= LWP-Protocol-https-6.06
PKGNAME= p5-${DISTNAME}
PKGREVISION= 2
CATEGORIES= www perl5
MASTER_SITES= ${MASTER_SITE_PERL_CPAN:=LWP/}
MASTER_SITES= ${MASTER_SITE_PERL_CPAN:=../../authors/id/M/MS/MSCHILLI/}
MAINTAINER= pkgsrc-users@NetBSD.org
HOMEPAGE= http://search.cpan.org/dist/LWP-Protocol-https/
@@ -14,6 +15,8 @@ CONFLICTS+= p5-libwww<6.02
DEPENDS+= p5-IO-Socket-SSL>=1.38:../../security/p5-IO-Socket-SSL
DEPENDS+= p5-Mozilla-CA>=20110101:../../security/p5-Mozilla-CA
# needed for tests, but p5-libwww depends on this package
#DEPENDS+= p5-libwww>=6.06:../../www/p5-libwww
USE_LANGUAGES= # empty
PERL5_PACKLIST= auto/LWP/Protocol/https/.packlist

10
www/p5-LWP-Protocol-https/distinfo
View File

@@ -1,5 +1,7 @@
$NetBSD: distinfo,v 1.3 2013/07/10 02:51:56 schmonz Exp $
$NetBSD: distinfo,v 1.5 2014/05/15 10:17:38 wiz Exp $
SHA1 (LWP-Protocol-https-6.04.tar.gz) = 5a63cb409ff4ba34006d5a45120e7facc52dc837
RMD160 (LWP-Protocol-https-6.04.tar.gz) = cc430e930aa607c1436b2be94d171c1192f64f3f
Size (LWP-Protocol-https-6.04.tar.gz) = 4035 bytes
SHA1 (LWP-Protocol-https-6.06.tar.gz) = 210a2f7ba3f82ffc7a18836d0a4356986080d407
RMD160 (LWP-Protocol-https-6.06.tar.gz) = faefe1526b6a04be2deac8c6f96a9d6cf2d4a647
Size (LWP-Protocol-https-6.06.tar.gz) = 8376 bytes
SHA1 (patch-lib_LWP_Protocol_https.pm) = b4129bf47059955b8527761c81674ee44318f8a0
SHA1 (patch-t_https__proxy.t) = 0653e29cdbe683329ccfa065d527a2e37bd3fde7

20
www/p5-LWP-Protocol-https/patches/patch-lib_LWP_Protocol_https.pm Normal file
View File

@@ -0,0 +1,20 @@
$NetBSD: patch-lib_LWP_Protocol_https.pm,v 1.1 2014/05/15 10:17:38 wiz Exp $
Fix for CVE-2014-3230 from
https://github.com/libwww-perl/lwp-protocol-https/pull/14
--- lib/LWP/Protocol/https.pm.orig 2014-04-18 16:33:26.000000000 +0000
+++ lib/LWP/Protocol/https.pm
@@ -21,7 +21,11 @@ sub _extra_sock_opts
$ssl_opts{SSL_verifycn_scheme} = 'www';
}
else {
- $ssl_opts{SSL_verify_mode} = 0;
+ if ( $Net::HTTPS::SSL_SOCKET_CLASS eq 'Net::SSL' ) {
+ $ssl_opts{SSL_verifycn_scheme} = '';
+ } else {
+ $ssl_opts{SSL_verifycn_scheme} = 'none';
+ }
}
if ($ssl_opts{SSL_verify_mode}) {
unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) {

19
www/p5-LWP-Protocol-https/patches/patch-t_https__proxy.t Normal file
View File

@@ -0,0 +1,19 @@
$NetBSD: patch-t_https__proxy.t,v 1.1 2014/05/15 10:17:38 wiz Exp $
Fix for CVE-2014-3230 from
https://github.com/libwww-perl/lwp-protocol-https/pull/14
--- t/https_proxy.t.orig 2014-04-18 16:21:26.000000000 +0000
+++ t/https_proxy.t
@@ -66,7 +66,10 @@ my %ua;
$ua{noproxy} = LWP::UserAgent->new(
keep_alive => 10, # size of connection cache
# server does not know the expected name and returns generic certificate
- ssl_opts => { verify_hostname => 0 }
+ ssl_opts => {
+ verify_hostname => 0,
+ SSL_ca_file => $cafile,
+ }
);
$ua{proxy} = LWP::UserAgent->new(